Bug 1771425

Summary: Keycloak httpd configuration lost after installer run
Product: Red Hat Satellite Reporter: Nikhil Kathole <nkathole>
Component: AuthenticationAssignee: Ewoud Kohl van Wijngaarden <ekohlvan>
Status: CLOSED ERRATA QA Contact: Omkar Khatavkar <okhatavk>
Severity: high Docs Contact:
Priority: unspecified    
Version: 6.7.0CC: egolov, ekohlvan, mhulan, okhatavk, rabajaj, spetrosi
Target Milestone: 6.7.0Keywords: Triaged
Target Release: Unused   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: foreman-installer-1.24.1.13-1 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-04-14 13:27:10 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Nikhil Kathole 2019-11-12 10:56:39 UTC 
Description of problem:

Keycloak integation with satellite is based on /etc/httpd/conf.d/foreman-openidc_oidc_keycloak_Example.conf generated by 
keycloak-httpd-client-install --app-name foreman-openidc --keycloak-server-url "{{ RHSSO_URL }}" --keycloak-admin-username "{{ RHSSO_USER }}" --keycloak-admin-password password.txt --keycloak-realm "{{ RHSSO_REALM }}" --keycloak-admin-realm master --keycloak-auth-role root-admin -t openidc -l /users/extlogin --tls-verify false --force

But the configuration lost after installer run.


Version-Release number of selected component (if applicable):
Satellite 6.7 snap 1


How reproducible:
always

Steps to Reproduce:
1. Setup keycloak  integration with satellite
2. Run installer/upgrade
3. See integration lost

Actual results:
Before:
# ls /etc/httpd/conf.d/
03-crane.conf                  05-foreman-ssl.conf  foreman-openidc_oidc_keycloak_Example.conf  pulp_docker.conf  pulp_rpm.conf
05-foreman.conf                05-foreman-ssl.d     passenger.conf                              pulp_iso.conf     pulp_streamer.conf
05-foreman.d                   15-default.conf      pulp.conf                                   pulp_ostree.conf  pulp-vhosts80
05-foreman_proxy_content.conf  auth_openidc.conf    pulp_content.conf                           pulp_puppet.conf  ssl.conf

After:
# ls /etc/httpd/conf.d/
03-crane.conf    05-foreman_proxy_content.conf  15-default.conf  pulp_content.conf  pulp_ostree.conf  pulp_streamer.conf
05-foreman.conf  05-foreman-ssl.conf            passenger.conf   pulp_docker.conf   pulp_puppet.conf  pulp-vhosts80
05-foreman.d     05-foreman-ssl.d               pulp.conf        pulp_iso.conf      pulp_rpm.conf     ssl.conf


Expected results:
Configuration should not lost, 

Additional info:
Comment 4 Rahul Bajaj 2019-12-12 15:37:14 UTC 
Hello Marek,

Sorry for the late reply! Ewoud is working on the installer part. 
He has a draft PR created on github, one can track the PR here: https://github.com/theforeman/puppet-foreman/pull/779

Thanks,
Comment 5 Rahul Bajaj 2020-01-20 04:45:57 UTC 
Hello, 

From what I understand, other parts of installer are yet broken, once those are fixed, Ewoud would have a better hold on this issue.

Thanks,
Comment 6 Bryan Kearney 2020-03-02 15:02:10 UTC 
Moving this bug to POST for triage into Satellite 6 since the upstream issue https://projects.theforeman.org/issues/28436 has been resolved.
Comment 14 errata-xmlrpc 2020-04-14 13:27:10 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:1454