#  Copyright 2022 Dell Inc. or its subsidiaries. All Rights Reserved.
#
#  Licensed under the Apache License, Version 2.0 (the "License");
#  you may not use this file except in compliance with the License.
#  You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
#  Unless required by applicable law or agreed to in writing, software
#  distributed under the License is distributed on an "AS IS" BASIS,
#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
#  See the License for the specific language governing permissions and
#  limitations under the License.
---

- name: Validate skip tags
  fail:
    msg: "{{ invalid_skip_tag_msg }}"
  tags: [ network-device, pxe, awx, network-ib, idrac, monitoring, security, firmware-repo, templates ]
  when:
    - '"init" in ansible_skip_tags'

- name: Validate run tags
  fail:
    msg: "{{ invalid_run_tag_msg }}"
  when:
    - '"init" not in ansible_run_tags'
    - '"all" not in ansible_run_tags'
  tags: [ init, network-device, pxe, awx, network-ib, idrac, monitoring, security, firmware-repo, templates ]

- name: Mount Path
  set_fact:
    mount_path: "{{ role_path + '/../../..'  }}"
  tags: init

- name: Saving management station os
  set_fact:
    mgmt_os: "{{ ansible_facts['distribution'] | lower }}"
  tags: init

- name: Verify the ansible and python versions installed
  fail:
    msg: "{{ ansible_python_version_status }}"
  tags: init
  when: 
    - ansible_python_version < python_version_support 
    - os_supported_leap not in mgmt_os

- name: Verify the ansible and python versions installed
  fail:
    msg: "{{ ansible_python_version_status }}"
  tags: init
  when: 
    - ansible_python_version < python_version_leap
    - os_supported_leap in mgmt_os
    - ansible_distribution_version >= os_supported_leap_version

- name: Verify whether ansible configuration file exists
  stat:
    path: "{{ default_ansible_config_file_path }}"
  register: file_exists
  tags: init

- name: Set omnia.log file
  replace:
    path: "{{ default_ansible_config_file_path }}"
    regexp: '#log_path = /var/log/ansible.log'
    replace: 'log_path = /var/log/omnia.log'
  when: file_exists.stat.exists
  tags: init

- name: Check OS support
  assert:
    that:
      - ( os_supported_centos in mgmt_os ) and ( ansible_distribution_version >= os_supported_centos_version ) or
        ( os_supported_rocky in mgmt_os ) and ( ansible_distribution_version >= os_supported_rocky_version ) or
        ( os_supported_leap in mgmt_os ) and ( ansible_distribution_version >= os_supported_leap_version )
    fail_msg: "{{ fail_os_status }}"
    success_msg: "{{ success_os_status }}"
  register: os_value
  tags: [ init, validate ]

- block:
    - name: Fetch SElinux mode
      command: sestatus
      register: sestatus_current
      changed_when: false

    - name: Disable SElinux
      replace:
        path: /etc/sysconfig/selinux
        regexp: 'SELINUX=[a-z]+'
        replace: 'SELINUX=disabled'
      when: '"SELinux status: enabled" in sestatus_current.stdout_lines'

    - name: Status of SElinux
      fail:
        msg: "{{ selinux_status }}"
      when: '"SELinux status: enabled" in sestatus_current.stdout_lines'
      register: selinux_value
  tags: init
  when:
    - os_supported_leap not in mgmt_os

- name: State of firewall
  service:
    name: firewalld
    state: started
    enabled: yes
  tags: init