---
    - name: "Configure Keycloak instances"
      block:

      - name: "Assure Keycloak instance is stopped"
        service:
          name: keycloak
          state: stopped
        become: true

      - name: "Git checkout of d4sceicne themes"
        git:
          repo: 'https://code-repo.d4science.org/gCubeSystem/d4science-keycloak-themes.git'
          dest: "/tmp/checkout/d4science-keycloak-themes"

      - name: "Copy themes in the proper folder"
        copy:
          src: "/tmp/checkout/d4science-keycloak-themes/src/themes/"
          dest: "{{ keycloak_themes }}/"
          owner: "keycloak"
          group: "keycloak"
          directory_mode: "yes"
          mode: "u=rwx,g=rwx,o="
          remote_src: "yes"

      - name: "Check if the storage-module is already installed"
        stat:
          path: "{{ keycloak_modules }}/org/gcube/keycloak/avatar-storage/main"
        register: storagemodule

      - name: "Download avatar-storage JAR from Maven repo"
        maven_artifact:
          group_id: org.gcube
          artifact_id: avatar-storage
          extension: jar
          repository_url: 'https://maven.research-infrastructures.eu/nexus/content/repositories/gcube-staging-jenkins'
          dest: "/tmp/avatar-storage.jar"
          verify_checksum: "always"
        when: not storagemodule.stat.exists

      - name: "Install avatar-storage Keycloak module"
        shell:
          cmd: './bin/jboss-cli.sh --command="module add --name=org.gcube.keycloak.avatar-storage --resources=/tmp/avatar-storage.jar --dependencies=org.keycloak.keycloak-core,org.keycloak.keycloak-services,org.keycloak.keycloak-server-spi,org.keycloak.keycloak-server-spi-private,org.jboss.logging"'
          chdir: "{{ keycloak_home }}"
        when: not storagemodule.stat.exists

      - name: "Switch ON Keycloak server instance"
        service:
          name: keycloak
          state: started
        become: true

      - name: "Waiting for server start"
        pause:
          seconds: 15

      - name: "Enable avatar-storage module in Keycloak conf"
        shell:
          cmd: './bin/jboss-cli.sh --connect --controller=localhost:9990 --command="/subsystem=keycloak-server:list-add(name=providers, value=module:org.gcube.keycloak.avatar-storage)"'
          chdir: "{{ keycloak_home }}"

      - name: "Restart Keycloak server instance to load new provider configuration"
        service:
          name: keycloak
          state: stopped
        become: true

      - service:
          name: keycloak
          state: started
        become: true

      - name: "Download keycloak-d4science-bundle EAR from Maven repo"
        maven_artifact:
          group_id: org.gcube
          artifact_id: keycloak-d4science-bundle
          extension: ear
          repository_url: 'https://maven.research-infrastructures.eu/nexus/content/repositories/gcube-staging-jenkins'
          dest: "/tmp/keycloak-d4science-bundle.ear"
          verify_checksum: "always" 

      - name: "Deploy keycloak-d4science-bundle EAR on Keycloak"
        copy:
          src: "/tmp/keycloak-d4science-bundle.ear"
          dest: "{{ keycloak_deployments }}/keycloak-d4science-bundle.ear"
          owner: "keycloak"
          group: "keycloak"
          directory_mode: "yes"
          mode: "u=rw,g=rw,o="
          remote_src: "yes"

      - name: "Waiting for EAR deploy"
        pause:
          seconds: 15