jws: ensure that tc_vault pkg are install if install method is rpm

roles/jws/defaults/main.yml

@@ -81,6 +81,7 @@ jws_tomcat_vault_iteration: '44'
 jws_tomcat_vault_salt: '1234abcd'
 jws_tomcat_vault_properties: 'vault.properties'
 jws_tomcat_vault_data: 'VAULT.dat'
+jws_tomcat_vault_rpm_name: 'jws5-tomcat-vault'
 
 # modcluster configuration
 jws_modcluster_enabled: False

roles/jws/meta/argument_specs.yml

@@ -278,6 +278,10 @@ argument_specs:
                 default: "VAULT.dat"
                 description: "vault.data filename"
                 type: "str"
+            jws_tomcat_vault_rpm_name:
+                default: "jws5-tomcat-vault"
+                description: "RPM package to install for tomcat vault (only used if install method is 'rpm')."
+                type: "str"
             jws_modcluster_enabled:
                 # line 42 of jws/defaults/main.yml
                 default: False

roles/jws/tasks/install/rpm.yml

@@ -44,3 +44,12 @@
     creates: "{{ jws_rpm_root_dir }}/enable"
   notify:
     - Ensure Tomcat runs under systemd
+
+- name: "Install tomcat vault extra packages, if requested."
+  block:
+    - name: "Install package for tomcat_vault: {{ jws.vault.package_name }}"
+      ansible.builtin.package:
+        name: "{{ jws.vault.package_name }}"
+        state: present
+  when:
+    - jws_tomcat_vault_enabled is defined and jws_tomcat_vault_enabled

roles/jws/vars/main.yml

@@ -56,6 +56,7 @@ jws:
       secretRequired: "{{ jws_listen_ajp_secret_required }}"
       secret: "{{ jws_listen_ajp_secret }}"
   vault:
+    package_name: "{{ jws_tomcat_vault_rpm_name }}"
     name: "{{ jws_tomcat_vault_keystore }}"
     enable: "{{ jws_tomcat_vault_enabled }}"
     alias: "{{ jws_tomcat_vault_alias }}"