From fe88269c9f62a290eb588addfb8a75369ee6e10d Mon Sep 17 00:00:00 2001 From: Laurent Gourvenec Date: Thu, 13 Jul 2023 10:19:04 +0200 Subject: [PATCH] Add tasks to create only 1 client (#11) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Rational: adding a client seems inoffensive. Updating a client on the other hand is not (removing then adding a client). Co-authored-by: Laurent Gourvénec Reviewed-on: https://forge.cadoles.com/Cadoles/ansible-role-sso/pulls/11 Co-authored-by: Laurent Gourvenec Co-committed-by: Laurent Gourvenec
---
tasks/hydra-create-client.yml | 25 +++++++++++++++++++++++++
1 file changed, 25 insertions(+)
create mode 100644 tasks/hydra-create-client.yml
diff --git a/tasks/hydra-create-client.yml b/tasks/hydra-create-client.yml
new file mode 100644
index 0000000..e8b5c14
--- /dev/null
+++ b/tasks/hydra-create-client.yml
@@ -0,0 +1,25 @@
+---
+# Simple task to create 1 client for hydra. Fails if the client already exists.
+# Parameter: client_id
+
+- fail: msg='Error, client does not exist. Please define the client first'
+ when: hydra_clients|selectattr("client_id", "equalto", client_id)|list|length == 0
+
+# Creating a client which already exists could create problems
+- name: Check client doesn't already exists
+ command: podman exec -t cadoles-pod-hydra-v1 /bin/sh -c "hydra clients get {{ client_id }} --endpoint http://127.0.0.1:4445"
+ register: command_result
+ failed_when: command_result.rc == 0
+ become: true
+
+- name: Create hydra-client
+ template:
+ src: hydra-client.json.j2
+ dest: "/etc/hydra/clients.d/{{ item.client_id }}.json"
+ with_items: "{{ hydra_clients }}"
+ when: item.client_id == client_id
+ become: true
+
+- name: Import client
+ command: podman exec -t cadoles-pod-hydra-v1 /bin/sh -c "hydra clients import /etc/hydra/clients.d/{{ client_id }}.json --endpoint http://127.0.0.1:4445"
+ become: true
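Review bot: Both `podman exec` tasks splice `{{ client_id }}` into a `/bin/sh -c "..."` string that runs with `become: true`, so any shell metacharacter in the value is interpreted by the shell inside the container; the opening `fail` task only confirms that the id matches an entry in `hydra_clients`, not that it is shell-safe. Passing the command as an `argv` list without the `/bin/sh -c` wrapper removes that parsing step, as sketched below for the check task (the import task would follow the same pattern; this assumes `hydra` is resolvable on the container's PATH). Separately, `failed_when: command_result.rc == 0` treats every non-zero exit as "client absent", so a stopped container or an unreachable admin endpoint lets the play continue to the import instead of stopping; the not-found outcome should be told apart from other errors, and `changed_when: false` belongs on this read-only check. If `hydra-client.json.j2` renders a client secret (the template is not part of this patch), the `template` task should also set an explicit `owner` and restrictive `mode` rather than relying on the defaults.

```yaml
- name: Check client doesn't already exists
  command:
    argv:
      - podman
      - exec
      - "-t"
      - cadoles-pod-hydra-v1
      - hydra
      - clients
      - get
      - "{{ client_id }}"
      - "--endpoint"
      - "http://127.0.0.1:4445"
  changed_when: false
  # … unchanged: register, failed_when, become …
```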