From c9f04960f211d61e8a5ec208aa9b54e9159a6523 Mon Sep 17 00:00:00 2001
From: James Falkner <schtool@gmail.com>
Date: Sat, 22 Feb 2020 15:24:18 +0100
Subject: [PATCH] increase codeready keycloak token lifespan (#1170)

---
 ansible/roles/ocp4-workload-ccnrd/tasks/install-codeready.yaml |   31 ++++++++++++++++++++++++-------
 1 files changed, 24 insertions(+), 7 deletions(-)

diff --git a/ansible/roles/ocp4-workload-ccnrd/tasks/install-codeready.yaml b/ansible/roles/ocp4-workload-ccnrd/tasks/install-codeready.yaml
index 0d6658b..f669f3b 100644
--- a/ansible/roles/ocp4-workload-ccnrd/tasks/install-codeready.yaml
+++ b/ansible/roles/ocp4-workload-ccnrd/tasks/install-codeready.yaml
@@ -116,18 +116,35 @@
     user: "{{ item }}"
   with_list: "{{ users }}"
 
-- name: Get Codeready admin token
+- name: Get codeready SSO admin token
   uri:
-    url: http://keycloak-labs-infra.{{ route_subdomain }}/auth/realms/codeready/protocol/openid-connect/token
+    url: http://keycloak-labs-infra.{{ route_subdomain }}/auth/realms/master/protocol/openid-connect/token
     method: POST
     body:
-      username: admin
-      password: admin
+      username: "{{ codeready_sso_admin_username }}"
+      password: "{{ codeready_sso_admin_password }}"
       grant_type: "password"
       client_id: "admin-cli"
     body_format: form-urlencoded
     status_code: 200,201,204
-  register: che_admin_token
+  register: codeready_sso_admin_token
+
+- name: Increase codeready access token lifespans
+  uri:
+    url: http://keycloak-labs-infra.{{ route_subdomain }}/auth/admin/realms/codeready
+    method: PUT
+    headers:
+      Content-Type: application/json
+      Authorization: "Bearer {{ codeready_sso_admin_token.json.access_token }}"
+    body:
+      accessTokenLifespan: 28800
+      accessTokenLifespanForImplicitFlow: 28800
+      actionTokenGeneratedByUserLifespan: 28800
+      ssoSessionIdleTimeout: 28800
+      ssoSessionMaxLifespan: 28800
+    body_format: json
+    status_code: 204
+
 
 - name: Import stack imagestream
   k8s:
@@ -154,9 +171,9 @@
   shell: |
     oc import-image --all quarkus-stack -n openshift
 
-- name: wait a minute and let the image download and be registered so workspaces start up
+- name: wait 2 minutes and let the image download and be registered so workspaces start up
   pause:
-      minutes: 1
+      minutes: 2
 
 - name: Pre-create and warm user workspaces
   include_tasks: create_che_workspace.yaml

--
Gitblit v1.9.3