---
# Copyright 2018, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

- name: User secrets adjustments
  hosts: localhost
  connection: local
  gather_facts: false
  user: root
  tasks:
    - name: Read example user secrets file
      shell: "grep '^[a-zA-Z]' {{ osa_playbook_dir }}/etc/openstack_deploy/user_secrets.yml"
      register: secrets
    - name: Rename changed secrets
      lineinfile:
        dest: "/etc/openstack_deploy/{{ _osa_secrets_file_name }}"
        regexp: "^{{ item.old_name }}: (.*)$"
        line: "{{ item.new_name }}: \\1"
        backrefs: yes
      with_items:
        - { old_name: "ironic_galera_password", new_name: "ironic_container_mysql_password" }
    - name: Read user secrets file
      shell: "grep '^[a-zA-Z]' /etc/openstack_deploy/{{ _osa_secrets_file_name }}"
      register: user_secrets
    - name: Add missing secrets
      lineinfile:
        dest: "/etc/openstack_deploy/{{ _osa_secrets_file_name }}"
        line: "{{ item }}"
      with_items: "{{ secrets.stdout_lines }}"
      when: user_secrets.stdout.find("{{ item }}") == -1
    - name: Generate new secrets
      shell: "{{ osa_playbook_dir }}/scripts/pw-token-gen.py --file /etc/openstack_deploy/{{ _osa_secrets_file_name }}"
  vars:
    _osa_secrets_file_name: "{{ osa_secrets_file_name | default('user_secrets.yml') }}"