Update storage and Keycloak config

roles/ocp_service_account/meta/argument_specs.yml

@@ -0,0 +1,29 @@
+---
+argument_specs:
+  main:
+    short_description: Create an OpenShift ServiceAccount with scoped ClusterRole
+    description:
+      - Creates a ServiceAccount, ClusterRole, ClusterRoleBinding, and a
+        long-lived token Secret. The token is registered as
+        __ocp_service_account_token for downstream use.
+    options:
+      ocp_service_account_name:
+        description: Name for the ServiceAccount, ClusterRole, and ClusterRoleBinding.
+        type: str
+        required: true
+      ocp_service_account_namespace:
+        description: Namespace where the ServiceAccount and token Secret are created.
+        type: str
+        required: true
+      ocp_service_account_cluster_role_rules:
+        description: >-
+          List of RBAC policy rules for the ClusterRole.
+          Each item follows the Kubernetes PolicyRule schema
+          (apiGroups, resources, verbs).
+        type: list
+        elements: dict
+        required: true
+      ocp_service_account_create_namespace:
+        description: Whether to create the namespace if it does not exist.
+        type: bool
+        default: true

roles/ocp_service_account/meta/main.yml

@@ -0,0 +1,16 @@
+---
+galaxy_info:
+  author: ptoal
+  description: Create an OpenShift ServiceAccount with ClusterRole and long-lived token
+  license: MIT
+  min_ansible_version: "2.16"
+  platforms:
+    - name: GenericLinux
+      versions:
+        - all
+  galaxy_tags:
+    - openshift
+    - rbac
+    - serviceaccount
+
+dependencies: []