# Copyright 2022 Dell Inc. or its subsidiaries. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
---

- name: Check if {{ tower_config_file }} file is encrypted
  command: cat {{ tower_config_file }}
  changed_when: false
  no_log: true
  register: config_content
  run_once: true

- name: Decrpyt {{ tower_config_file }}
  command: >-
    ansible-vault decrypt {{ tower_config_file }}
    --vault-password-file {{ tower_vault_file }}
  when: "'$ANSIBLE_VAULT;' in config_content.stdout"
  changed_when: false
  run_once: true

# Deleting the defaults
- name: Delete machine credential
  awx.awx.tower_credential:
    name: "{{ default_credential }}"
    credential_type: "{{ default_credential_type }}"
    state: absent
    tower_config_file: "{{ tower_config_file }}"
  register: delete_credential
  until: not delete_credential.failed
  retries: "{{ max_retries }}"
  delay: "{{ max_delay }}"

- name: Delete job template
  awx.awx.tower_job_template:
    name: "{{ default_template }}"
    state: absent
    tower_config_file: "{{ tower_config_file }}"
    
- name: Delete project
  awx.awx.tower_project:
    name: "{{ default_project }}"
    state: absent
    tower_config_file: "{{ tower_config_file }}"

- name: Delete organization
  awx.awx.tower_organization:
    name: "{{ default_org }}"
    state: absent
    tower_config_file: "{{ tower_config_file }}"

# Configuration begins
- name: Create organization
  awx.awx.tower_organization:
    name: "{{ awx_organization }}"
    description: "Name of organization using this product"
    state: present
    tower_config_file: "{{ tower_config_file }}"
  register: add_organization
  until: not add_organization.failed
  retries: "{{ max_retries }}"
  delay: "{{ max_delay }}"

- name: Create awx inventories
  awx.awx.tower_inventory:
    name: "{{ item.name }}"
    description: "{{ item.description }}"
    organization: "{{ awx_organization }}"
    state: present
    tower_config_file: "{{ tower_config_file }}"
  loop: "{{ inventory_names }}"
  when: item.flag

- name: Add groups to node_inventory
  awx.awx.tower_group:
    name: "{{ item.name }}"
    description: "{{ item.description }}"
    inventory: "node_inventory"
    state: present
    tower_config_file: "{{ tower_config_file }}"
  loop: "{{ group_names }}"

- name: Add project
  awx.awx.tower_project:
    name: "{{ project_name }}"
    description: "{{ project_description }}"
    organization: "{{ awx_organization }}"
    scm_type: manual
    local_path: "{{ role_path.split('/')[-4] }}"
    default_environment: custom-awx-ee
    state: present
    tower_config_file: "{{ tower_config_file }}"
    wait: yes
  register: add_project
  until: not add_project.failed
  retries: "{{ max_retries }}"
  delay: "{{ max_delay }}"

- name: Add awx credentials
  awx.awx.tower_credential:
    name: "{{ item.name }}"
    organization: "{{ awx_organization }}"
    credential_type: "{{ item.type }}"
    inputs:
      username: "{{ item.username }}"
      password: "{{ item.password }}"
    state: present
    tower_config_file: "{{ tower_config_file }}"
  loop: "{{ credential_details }}"
  no_log: true
  changed_when: true
  when: item.flag

- name: Create awx job templates for network devices, inventories, storage and idrac
  awx.awx.tower_job_template:
    name: "{{ item.name }}"
    job_type: "run"
    organization: "{{ awx_organization }}"
    inventory: "{{ item.inventory }}"
    project: "{{ project_name }}"
    playbook: "{{ item.playbook }}"
    credentials:
      - "{{ item.credential }}"
    state: present
    tower_config_file: "{{ tower_config_file }}"
  loop: "{{ job_template_details }}"
  when: item.flag

- name: Create awx job template for deploying omnia
  awx.awx.tower_job_template:
    name: "{{ item.name }}"
    job_type: "run"
    organization: "{{ awx_organization }}"
    inventory: "{{ item.inventory }}"
    project: "{{ project_name }}"
    playbook: "{{ item.playbook }}"
    ask_skip_tags_on_launch: true
    extra_vars: "{{ item.extra_vars }}"
    credentials:
      - "{{ item.credential }}"
    state: present
    tower_config_file: "{{ tower_config_file }}"
  loop: "{{ omnia_job_template_details }}"

- name: Build a schedule for node inventory and device inventory
  awx.awx.tower_schedule:
    name: "{{ item.name }}"
    unified_job_template: "{{ item.template }}"
    rrule: "{{ item.schedule_rule }}"
    state: present
    tower_config_file: "{{ tower_config_file }}"
  register: result
  loop: "{{ scheduled_templates }}"
  when: item.flag

- name: Encrypt {{ tower_config_file }}
  command: >-
    ansible-vault encrypt {{ tower_config_file }}
    --vault-password-file {{ tower_vault_file }}
  changed_when: false

- name: Change file permissions
  file:
    path: "{{ tower_config_file }}"
    mode: "{{ file_perm }}"