- name: Upload config files
  template:
    src: "{{item}}"
    dest: /tmp/{{item}}
    backup: yes
    mode: 0644
  with_items:
    - httpd.conf
    - httpd-keystone-main.conf
    - httpd-keystone-admin.conf

- include: hiera.yml

- name: Generate config files
  config_template:
    src: base.conf.j2
    dest: /tmp/keystone.conf
    config_overrides: '{{keystone_config}}'
    config_type: ini

- name: Read configs into memory
  slurp:
    src: "/tmp/httpd-keystone-main.conf"
  register: "httpd_keystone_main_conf"

- name: Read configs into memory
  slurp:
    src: "/tmp/httpd-keystone-admin.conf"
  register: "httpd_keystone_admin_conf"

- name: Read configs into memory
  slurp:
    src: "/tmp/httpd.conf"
  register: "httpd_conf"

- name: Read configs into memory
  slurp:
    src: "/tmp/keystone.conf"
  register: "keystone_conf"

- name: Create keystone configmaps
  ignore_errors: yes
  k8s_v1_config_map:
    host: "{{coe_host}}"
    context: "{{coe_config_context}}"
    kubeconfig: "{{coe_config_file}}"
    name: keystone
    namespace: "{{namespace}}"
    state: present
    debug: yes
    labels:
      service: keystone
    data:
      config.json: |
        {
            "command": "/usr/sbin/httpd -DFOREGROUND",
            "config_files": [
              {
                "dest": "/etc/httpd/conf/httpd.conf",
                "owner": "root",
                "perm": "0644",
                "source": "/var/lib/kolla/config_files/httpd.conf"
              },
              {
                "dest": "/etc/keystone/keystone.conf",
                "owner": "keystone",
                "perm": "0644",
                "source": "/var/lib/kolla/config_files/keystone.conf"
              },
              {
                "dest": "/etc/httpd/conf.d/10-keystone-main.conf",
                "owner": "root",
                "perm": "0644",
                "source": "/var/lib/kolla/config_files/httpd-keystone-main.conf"
              },
              {
                "dest": "/etc/httpd/conf.d/10-keystone-admin.conf",
                "owner": "root",
                "perm": "0644",
                "source": "/var/lib/kolla/config_files/httpd-keystone-admin.conf"
              }
            ]
        }
      keystone.conf: |
        {{keystone_conf['content'] | b64decode}}
      httpd.conf: |
        {{httpd_conf['content'] | b64decode}}
      httpd-keystone-main.conf: |
        {{httpd_keystone_main_conf['content'] | b64decode}}
      httpd-keystone-admin.conf: |
        {{httpd_keystone_admin_conf['content'] | b64decode}}

- name: Create keystone database
  include_role:
    name: ansible-role-k8s-tripleo
    tasks_from: create-database
  vars:
    service_name: 'keystone'
    database_name: 'keystone'

- name: Create keystone job
  k8s_v1_job:
    host: "{{coe_host}}"
    context: "{{coe_config_context}}"
    kubeconfig: "{{coe_config_file}}"
    name: keystone-db-sync
    namespace: "{{namespace}}"
    state: present
    restart_policy: OnFailure
    containers:
      - image: tripleoupstream/centos-binary-keystone
        name: keystone-db-sync
        env:
          - name: KOLLA_CONFIG_STRATEGY
            value: COPY_ALWAYS
          - name: KOLLA_BOOTSTRAP
            value: ''
        volume_mounts:
        - name: kolla-config
          mountPath: /var/lib/kolla/config_files/
        - name: keystone-fernet
          mountPath: /etc/keystone/fernet-keys
    volumes:
      - name: kolla-config
        config_map:
          name: keystone
      - name: keystone-fernet
        hostPath:
          # directory location on host
          path: /tmp/keystone-fernet
    state: present

- name: Keystone fernet bootstrap
  k8s_v1_job:
    host: "{{coe_host}}"
    context: "{{coe_config_context}}"
    kubeconfig: "{{coe_config_file}}"
    name: keystone-fernet
    namespace: "{{namespace}}"
    state: present
    restart_policy: OnFailure
    containers:
      - image: tripleoupstream/centos-binary-keystone-fernet
        name: keystone-fernet-bootstrap
        command: ["kolla_keystone_bootstrap", "keystone", "keystone"]
        env:
          - name: KOLLA_CONFIG_STRATEGY
            value: COPY_ALWAYS
        volume_mounts:
        - name: kolla-config
          mountPath: /var/lib/kolla/config_files/
        - name: keystone-fernet
          mountPath: /etc/keystone/fernet-keys
    volumes:
      - name: kolla-config
        config_map:
          name: keystone
      - name: keystone-fernet
        hostPath:
          # directory location on host
          path: /tmp/keystone-fernet
    state: present

- name: Keystone bootstrap
  k8s_v1_job:
    host: "{{coe_host}}"
    context: "{{coe_config_context}}"
    kubeconfig: "{{coe_config_file}}"
    name: keystone-bootstrap
    namespace: "{{namespace}}"
    state: present
    restart_policy: OnFailure
    containers:
      - image: tripleoupstream/centos-binary-keystone
        name: keystone-bootstrap
        # NOTE(flaper87): We might want to set bootstrap URLs, project name, etc
        command:
          - keystone-manage
          - --config-file
          - /var/lib/kolla/config_files/keystone.conf
          - bootstrap
          - --bootstrap-username
          - '{{keystone_config.admin_username}}'
          - --bootstrap-password
          - '{{keystone_config.admin_password}}'
          - --bootstrap-role-name
          - '{{keystone_config.admin_role_name}}'
          - --bootstrap-project-name
          - '{{keystone_config.admin_project_name}}'
          - --bootstrap-service-name
          - '{{keystone_config.admin_service_name}}'
          - --bootstrap-admin-url
          - http://keystone:35357/v3
          - --bootstrap-internal-url
          - http://keystone:5000/v3
          - --bootstrap-public-url
          - http://keystone:5000/v3
          - --bootstrap-region-id
          - RegionOne
        env:
          - name: KOLLA_CONFIG_STRATEGY
            value: COPY_ALWAYS
          - name: KOLLA_BOOTSTRAP
            value: ''
        volume_mounts:
        - name: kolla-config
          mountPath: /var/lib/kolla/config_files/
        - name: keystone-fernet
          mountPath: /etc/keystone/fernet-keys
    volumes:
      - name: kolla-config
        config_map:
          name: keystone
      - name: keystone-fernet
        hostPath:
          # directory location on host
          path: /tmp/keystone-fernet
    state: present


- name: Create keystone service
  k8s_v1_service:
    host: "{{coe_host}}"
    context: "{{coe_config_context}}"
    kubeconfig: "{{coe_config_file}}"
    name: keystone
    namespace: "{{namespace}}"
    state: present
    ports:
      - port: 5000
        name: keystone-api-public
      - port: 35357
        name: keystone-api-admin
    selector:
      app: keystone-api
  register: create_service

- name: Create keystone deployment
  k8s_apps_v1beta1_deployment:
    host: "{{coe_host}}"
    context: "{{coe_config_context}}"
    kubeconfig: "{{coe_config_file}}"
    name: keystone-api
    namespace: "{{namespace}}"
    replicas: 1
    spec_revision_history_limit: 3
    spec_template_metadata_labels:
      app: keystone-api
    containers:
      - name: keystone-api
        image: tripleoupstream/centos-binary-keystone
        imagePullPolicy: IfNotPresent
        env:
        - name: KOLLA_CONFIG_STRATEGY
          value: COPY_ALWAYS
        - name: KOLLA_KUBERNETES
          value: ""
        ports:
          - name: api-public
            containerPort: 5000
          - name: api-admin
            containerPort: 35357
        volume_mounts:
        - name: kolla-config
          mountPath: /var/lib/kolla/config_files/
        - name: keystone-fernet
          mountPath: /etc/keystone/fernet-keys
    volumes:
      - name: kolla-config
        config_map:
          name: keystone
      - name: keystone-fernet
        hostPath:
          # directory location on host
          path: /tmp/keystone-fernet
    state: present
  register: create_service

- set_fact:
    clouds_yaml: |
      clouds:
        {{namespace}}:
          region_name: RegionOne
          identity_api_version: 3
          auth:
            username: '{{keystone_config.admin_username}}'
            password: '{{keystone_config.admin_password}}'
            project_name: '{{keystone_config.admin_project_name}}'
            user_domain_name: '{{keystone_config.admin_domain_name}}'
            project_domain_name: '{{keystone_config.admin_domain_name}}'
            auth_url: 'http://keystone:5000/v3'

- name: Create keystone secrets
  k8s_v1_secret:
    host: "{{coe_host}}"
    context: "{{coe_config_context}}"
    kubeconfig: "{{coe_config_file}}"
    name: '{{clouds_config}}'
    namespace: "{{namespace}}"
    state: present
    data:
      clouds.yaml: "{{clouds_yaml | b64encode}}"