wttech.aem.osgi_config is not idempotent for factory configs #36

@royteeuwen

I'm trying to create a SamlAuthenticationHandler factory config in Ansible using wttech.aem.osgi_config, which works, but once in a while (not every run) it creates a second one. How can this be avoided?

    - name: aem_saml | Create SAML Authentication Handler configuration
      wttech.aem.osgi_config:
        command: save
        pid: "com.adobe.granite.auth.saml.SamlAuthenticationHandler~{{ aem_saml_idp_config_name }}"
        props:
          path: "/"
          service.ranking: "{{ aem_saml_service_ranking }}"
          idpUrl: "{{ aem_saml_idp_url }}"
          idpCertAlias: "{{ idp_cert_data.data.added | default('') }}"
          serviceProviderEntityId: "{{ aem_saml_entity_id }}"
          assertionConsumerServiceURL: "{{ aem_saml_consumer_service_url }}"
          keyStorePassword: "{{ aem_keystore_password }}"
          defaultRedirectUrl: "/aem/start.html"
          userIDAttribute: "{{ aem_saml_user_id_attr | default('name') }}"
          useEncryption: false
          createUser: true
          userIntermediatePath: "saml"
          addGroupMemberships: true
          groupMembershipAttribute: "roles"
          defaultGroups: ""
          nameIdFormat: "{{ aem_saml_name_id_format | default('urn:oasis:names:tc:SAML:2.0:nameid-format:transient') }}"
          synchronizeAttributes: "{{ aem_saml_user_attributes }}"
          handleLogout: true
          logoutUrl: "{{ aem_saml_logout_url }}"

The first run output will be like this:

    author1: TASK [aem_config : aem_saml | Create SAML Authentication Handler configuration] ***
    author1: changed: [author1-l.be] =>
    author1:     changed: true
    author1:     data:
    author1:         saved:
    author1:         -   changed: true
    author1:             config:
    author1:                 alias: ping
    author1:                 details:
    author1:                     bundleLocation: ''
    author1:                     description: Adobe Granite SAML 2.0 Authentication Handler
    author1:                     factoryPid: com.adobe.granite.auth.saml.SamlAuthenticationHandler
    author1:                     serviceLocation: ''
    author1:                     title: Adobe Granite SAML 2.0 Authentication Handler
    author1:                 exists: true
    author1:                 fpid: com.adobe.granite.auth.saml.SamlAuthenticationHandler
    author1:                 pid: com.adobe.granite.auth.saml.SamlAuthenticationHandler.a10f17c1-20d4-453f-ac39-81089d4c0a5b
    author1:                 properties:
    author1:                     addGroupMemberships: true
    author1:                     assertionConsumerServiceURL: https://something/saml_login
    author1:                     clockTolerance: '60'
    author1:                     createUser: true
    author1:                     defaultGroups:
    author1:                     - ''
    author1:                     defaultRedirectUrl: /aem/start.html
    author1:                     digestMethod: http://www.w3.org/2001/04/xmlenc#sha256
    author1:                     groupMembershipAttribute: roles
    author1:                     handleLogout: true
    author1:                     identitySyncType: default
    author1:                     idpCertAlias: certalias___1767717135280
    author1:                     idpHttpRedirect: 'false'
    author1:                     idpIdentifier: ''
    author1:                     idpUrl: https://login.something/iam/SSOPOST/metaAlias/user/idp
    author1:                     keyStorePassword: unmodified
    author1:                     logoutUrl: https://login.something/iam/IDPSloPOST/metaAlias/user/idp
    author1:                     nameIdFormat: urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
    author1:                     path:
    author1:                     - /
    author1:                     service.ranking: 4999
    author1:                     serviceProviderEntityId: aem.author1.local
    author1:                     signatureMethod: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
    author1:                     spPrivateKeyAlias: ''
    author1:                     storeSAMLResponse: 'false'
    author1:                     synchronizeAttributes:
    author1:                     - emailaddress=profile/email
    author1:                     - Givenname=profile/givenName
    author1:                     - surname=profile/familyName
    author1:                     useEncryption: false
    author1:                     userIDAttribute: customusername
    author1:                     userIntermediatePath: saml
    author1:             instance:
    author1:                 aemVersion: 6.5.1.LTS
    author1:                 attributes:
    author1:                 - local
    author1:                 - created
    author1:                 - running
    author1:                 - up-to-date
    author1:                 dir: /opt/aemc/aem/home/var/instance/aem
    author1:                 healthChecks:
    author1:                 - all bundles stable
    author1:                 - recent events stable
    author1:                 - installer idle
    author1:                 - login page ready
    author1:                 - all components stable
    author1:                 id: local_aem
    author1:                 runModes:
    author1:                 - author1
    author1:                 - s7connect
    author1:                 - crx3
    author1:                 - nosamplecontent
    author1:                 - author
    author1:                 - aem
    author1:                 - aem65lts
    author1:                 - local
    author1:                 - crx3tar
    author1:                 url: http://127.0.0.1:4502

The second like this:

    author1: TASK [aem_config : aem_saml | Create SAML Authentication Handler configuration] ***
    author1: changed: [author1-l.be] =>
    author1:     changed: true
    author1:     data:
    author1:         saved:
    author1:         -   changed: true
    author1:             config:
    author1:                 alias: ping
    author1:                 details:
    author1:                     bundleLocation: ''
    author1:                     description: Adobe Granite SAML 2.0 Authentication Handler
    author1:                     factoryPid: com.adobe.granite.auth.saml.SamlAuthenticationHandler
    author1:                     serviceLocation: ''
    author1:                     title: Adobe Granite SAML 2.0 Authentication Handler
    author1:                 exists: true
    author1:                 fpid: com.adobe.granite.auth.saml.SamlAuthenticationHandler
    author1:                 pid: com.adobe.granite.auth.saml.SamlAuthenticationHandler.b974fc31-a15c-4963-829b-18274f45c88a
    author1:                 properties:
    author1:                     addGroupMemberships: true
    author1:                     assertionConsumerServiceURL: https://something/saml_login
    author1:                     clockTolerance: '60'
    author1:                     createUser: true
    author1:                     defaultGroups:
    author1:                     - ''
    author1:                     defaultRedirectUrl: /aem/start.html
    author1:                     digestMethod: http://www.w3.org/2001/04/xmlenc#sha256
    author1:                     groupMembershipAttribute: roles
    author1:                     handleLogout: true
    author1:                     identitySyncType: default
    author1:                     idpCertAlias: certalias___1767717135280
    author1:                     idpHttpRedirect: 'false'
    author1:                     idpIdentifier: ''
    author1:                     idpUrl: https://login.something/iam/SSOPOST/metaAlias/user/idp
    author1:                     keyStorePassword: unmodified
    author1:                     logoutUrl: https://login.something/iam/IDPSloPOST/metaAlias/user/idp
    author1:                     nameIdFormat: urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
    author1:                     path:
    author1:                     - /
    author1:                     service.ranking: 4999
    author1:                     serviceProviderEntityId: aem.author1.local
    author1:                     signatureMethod: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
    author1:                     spPrivateKeyAlias: ''
    author1:                     storeSAMLResponse: 'false'
    author1:                     synchronizeAttributes:
    author1:                     - emailaddress=profile/email
    author1:                     - Givenname=profile/givenName
    author1:                     - surname=profile/familyName
    author1:                     useEncryption: false
    author1:                     userIDAttribute: customusername
    author1:                     userIntermediatePath: saml
    author1:             instance:
    author1:                 aemVersion: 6.5.1.LTS
    author1:                 attributes:
    author1:                 - local
    author1:                 - created
    author1:                 - running
    author1:                 - up-to-date
    author1:                 dir: /opt/aemc/aem/home/var/instance/aem
    author1:                 healthChecks:
    author1:                 - all bundles stable
    author1:                 - recent events stable
    author1:                 - installer idle
    author1:                 - login page ready
    author1:                 - all components stable
    author1:                 id: local_aem
    author1:                 runModes:
    author1:                 - author1
    author1:                 - s7connect
    author1:                 - crx3
    author1:                 - nosamplecontent
    author1:                 - author
    author1:                 - aem
    author1:                 - aem65lts
    author1:                 - local
    author1:                 - crx3tar
    author1:                 url: http://127.0.0.1:4502
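
Added example, not part of the original issue and not code from the wttech.aem project: a check that flags factory configs where one alias has ended up with several generated PIDs, as in the two runs above, and reports whether their properties differ. The entries are constructed from the `config` fields shown in the output (trimmed); the non-factory entry and its empty `fpid` are assumptions.

```python
import json
from collections import defaultdict

SAML_FPID = "com.adobe.granite.auth.saml.SamlAuthenticationHandler"

def saml_entry(uuid):
    # Constructed sample: one `config` entry from the output above, trimmed.
    return {
        "alias": "ping",
        "fpid": SAML_FPID,
        "pid": f"{SAML_FPID}.{uuid}",
        "properties": {"path": ["/"], "service.ranking": 4999,
                       "serviceProviderEntityId": "aem.author1.local"},
    }

SAMPLE_CONFIGS = [
    saml_entry("a10f17c1-20d4-453f-ac39-81089d4c0a5b"),  # first run
    saml_entry("b974fc31-a15c-4963-829b-18274f45c88a"),  # second run
    # Constructed non-factory entry; an empty fpid is an assumption.
    {"alias": "", "fpid": "", "pid": "example.singleton.Config", "properties": {}},
]

def find_duplicate_factory_configs(configs):
    """Return {(fpid, alias): [config, ...]} where one alias maps to several PIDs."""
    by_key = defaultdict(dict)
    for cfg in configs:
        if cfg.get("fpid") and cfg.get("alias"):
            by_key[(cfg["fpid"], cfg["alias"])][cfg["pid"]] = cfg
    return {key: [pids[p] for p in sorted(pids)]
            for key, pids in by_key.items() if len(pids) > 1}

def property_drift(instances):
    """Return {property: [distinct values]} for properties that differ between instances."""
    names = {name for cfg in instances for name in cfg["properties"]}
    drift = {}
    for name in sorted(names):
        seen = {json.dumps(cfg["properties"].get(name), sort_keys=True) for cfg in instances}
        if len(seen) > 1:
            drift[name] = sorted(seen)
    return drift

if __name__ == "__main__":
    for (fpid, alias), instances in find_duplicate_factory_configs(SAMPLE_CONFIGS).items():
        print(f"{fpid}~{alias}: {len(instances)} instances")
        for cfg in instances:
            print("  ", cfg["pid"])
        print("   differing properties:", property_drift(instances) or "none")
```

Two SAML handlers with the same `path` and `service.ranking` are worth catching early, since it is then unclear which instance handles authentication for that path.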
