From c9f04960f211d61e8a5ec208aa9b54e9159a6523 Mon Sep 17 00:00:00 2001 From: James Falkner <schtool@gmail.com> Date: Sat, 22 Feb 2020 15:24:18 +0100 Subject: [PATCH] increase codeready keycloak token lifespan (#1170) --- ansible/roles/ocp4-workload-ccnrd/tasks/install-codeready.yaml | 31 ++++++++++++++++++++++++------- 1 files changed, 24 insertions(+), 7 deletions(-) diff --git a/ansible/roles/ocp4-workload-ccnrd/tasks/install-codeready.yaml b/ansible/roles/ocp4-workload-ccnrd/tasks/install-codeready.yaml index 0d6658b..f669f3b 100644 --- a/ansible/roles/ocp4-workload-ccnrd/tasks/install-codeready.yaml +++ b/ansible/roles/ocp4-workload-ccnrd/tasks/install-codeready.yaml @@ -116,18 +116,35 @@ user: "{{ item }}" with_list: "{{ users }}" -- name: Get Codeready admin token +- name: Get codeready SSO admin token uri: - url: http://keycloak-labs-infra.{{ route_subdomain }}/auth/realms/codeready/protocol/openid-connect/token + url: http://keycloak-labs-infra.{{ route_subdomain }}/auth/realms/master/protocol/openid-connect/token method: POST body: - username: admin - password: admin + username: "{{ codeready_sso_admin_username }}" + password: "{{ codeready_sso_admin_password }}" grant_type: "password" client_id: "admin-cli" body_format: form-urlencoded status_code: 200,201,204 - register: che_admin_token + register: codeready_sso_admin_token + +- name: Increase codeready access token lifespans + uri: + url: http://keycloak-labs-infra.{{ route_subdomain }}/auth/admin/realms/codeready + method: PUT + headers: + Content-Type: application/json + Authorization: "Bearer {{ codeready_sso_admin_token.json.access_token }}" + body: + accessTokenLifespan: 28800 + accessTokenLifespanForImplicitFlow: 28800 + actionTokenGeneratedByUserLifespan: 28800 + ssoSessionIdleTimeout: 28800 + ssoSessionMaxLifespan: 28800 + body_format: json + status_code: 204 + - name: Import stack imagestream k8s: @@ -154,9 +171,9 @@ shell: | oc import-image --all quarkus-stack -n openshift -- name: wait a minute and let the image download and be registered so workspaces start up +- name: wait 2 minutes and let the image download and be registered so workspaces start up pause: - minutes: 1 + minutes: 2 - name: Pre-create and warm user workspaces include_tasks: create_che_workspace.yaml -- Gitblit v1.9.3