Skip to content

community.general.keycloak_group: Unable to create/update more than 10 sub groups #9690

New issue
New issue
Open
#9692
Open
community.general.keycloak_group: Unable to create/update more than 10 sub groups#9690
#9692
Labels
bugThis issue/PR relates to a bugmodulemodulepluginsplugin (any type)
@FabienSalles

Description

@FabienSalles
FabienSalles
opened on Feb 4, 2025

Summary

When we want to create or update a sub-group, we fetch children of the parent group to know which sub group exist and should be updated.
The API is paginated by default with a maximum of 10 result and the api call does not set the corresponding paremeter.

So, when we try to create more than 10 sub-groups, we have the error : Sibling group named '...' already exists.

Issue Type

Bug Report

Component Name

community.general.keycloak_group

Ansible Version

ansible --version
ansible [core 2.16.3]

Community.general Version

Collection        Version
----------------- -------
community.general 10.2.0

I do not use the latest version because i have another issue with roles (#9678) but the error is also present on the latest version

Configuration

ansible-config dump --only-changed
CONFIG_FILE() = None
PAGER(env: PAGER) = less

OS / Environment

lsb_release -a
No LSB modules are available.
Distributor ID:	Ubuntu
Description:	Ubuntu 24.04.1 LTS
Release:	24.04
Codename:	noble

Steps to Reproduce

Create more than 10 subgroups

---
- name: Create ROOT Group
  community.general.keycloak_group:
    auth_client_id: admin-cli
    auth_keycloak_url: "keycloak_base_url"
    auth_realm: master
    auth_username: "keycloak_admin_username"
    auth_password: "keycloak_admin_password"
    realm: "master"
    name: "parent_group"

- name: Create SUB Groups
  community.general.keycloak_group:
    auth_client_id: admin-cli
    auth_keycloak_url: "keycloak_base_url"
    auth_realm: master
    auth_username: "keycloak_admin_username"
    auth_password: "keycloak_admin_password"
    state: present
    realm: "master"
    name: "{{ group.name }}"
    parents:
      - name: "parent_group"
  loop: 
     - name: SUB_GROUP_1
     - name: SUB_GROUP_2
     - name: SUB_GROUP_3
     - name: SUB_GROUP_4
     - name: SUB_GROUP_5
     - name: SUB_GROUP_6
     - name: SUB_GROUP_7
     - name: SUB_GROUP_8
     - name: SUB_GROUP_9
     - name: SUB_GROUP_10
     - name: SUB_GROUP_11
  loop_control:
    loop_var: group

Expected Results

Do not block and create conflict when we want to create more than 10 children.

Actual Results

failed: [keycloak_host] (item={'name': 'MY_CHILDREN', 'parent': 'parent_group'}) => {"ansible_loop_var": "group", "changed": false, "group": {"name": "MY_CHILDREN", "parent": "parent_group"}, "msg": "Could not create subgroup MY_CHILDREN for parent group cc1df29f-77cc-4ced-935e-3641d36667f8 in realm master: HTTP Error 409: Conflict: {\"errorMessage\":\"Sibling group named 'MY_CHILDREN' already exists.\"}"}

Code of Conduct

  • I agree to follow the Ansible Code of Conduct

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugThis issue/PR relates to a bugmodulemodulepluginsplugin (any type)

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions