- name: node/config.yml, populate oo_nodes_to_config host group if needed
  hosts: localhost
  gather_facts: no
  tasks:
  - name: Evaluate oo_host_group_exp
    add_host: "name={{ item }} groups=oo_nodes_to_config"
    with_items: "{{ oo_host_group_exp | default('') }}"
    when: oo_host_group_exp is defined
  - name: Find masters for env
    add_host: "name={{ item }} groups=oo_masters_for_node_config"
    with_items: groups['tag_env-host-type-' + oo_env + '-openshift-master']

- name: Gather facts for masters in {{ oo_env }}
  hosts: tag_env-host-type-{{ oo_env }}-openshift-master
  tasks:
  - set_fact:
      openshift_master_ip: "{{ openshift_ip }}"
      openshift_master_api_url: "{{ openshift_api_url }}"
      openshift_master_webui_url: "{{ openshift_webui_url }}"
      openshift_master_hostname: "{{ openshift_hostname }}"
      openshift_master_public_ip: "{{ openshift_public_ip }}"
      openshift_master_api_public_url: "{{ openshift_api_public_url }}"
      openshift_master_webui_public_url: "{{ openshift_webui_public_url }}"
      openshift_master_public_hostnames: "{{ openshift_public_hostname }}"

- name: Gather facts for hosts to configure
  hosts: tag_env-host-type-{{ oo_env }}-openshift-node
  tasks:
  - set_fact:
      openshift_node_hostname: "{{ openshift_hostname }}"
      openshift_node_name: "{{ openshift_hostname }}"
      openshift_node_cpu: "{{ openshift_node_cpu if openshift_node_cpu else ansible_processor_cores }}"
      openshift_node_memory: "{{ openshift_node_memory if openshift_node_memory else (ansible_memtotal_mb|int * 1024 * 1024 * 0.75)|int }}"
      openshift_node_pod_cidr: "{{ openshift_node_pod_cidr if openshift_node_pod_cidr else None }}"
      openshift_node_host_ip: "{{ openshift_ip }}"
      openshift_node_labels: "{{ openshift_node_labels if openshift_node_labels else {} }}"
      openshift_node_annotations: "{{ openshift_node_annotations if openshift_node_annotations else {} }}"

- name: Register nodes
  hosts: tag_env-host-type-{{ oo_env }}-openshift-master[0]
  vars:
    openshift_node_group: tag_env-host-type-{{ oo_env }}-openshift-node
    openshift_nodes: "{{ hostvars
          | oo_select_keys(groups[openshift_node_group]) }}"
    openshift_master_group: tag_env-host-type-{{ oo_env }}-openshift-master
    openshift_master_urls: "{{ hostvars
          | oo_select_keys(groups[openshift_master_group])
          | oo_collect(attribute='openshift_master_api_url') }}"
    openshift_master_public_urls: "{{ hostvars
          | oo_select_keys(groups[openshift_master_group])
          | oo_collect(attribute='openshift_master_api_public_url') }}"
  pre_tasks:
  roles:
  - openshift_register_nodes
  tasks:
  - name: Create local temp directory for syncing certs
    local_action: command /usr/bin/mktemp -d /tmp/openshift-ansible-XXXXXXX
    register: mktemp

  - name: Sync master certs to localhost
    synchronize:
      mode: pull
      checksum: yes
      src: /var/lib/openshift/openshift.local.certificates
      dest: "{{ mktemp.stdout }}"

# TODO: sync generated certs between masters
#
- name: Configure instances
  hosts: oo_nodes_to_config
  vars_files:
  - vars.yml
  vars:
    openshift_master_group: tag_env-host-type-{{ oo_env }}-openshift-master
    openshift_master_ips: "{{ hostvars
          | oo_select_keys(groups[openshift_master_group])
          | oo_collect(attribute='openshift_master_ip') }}"
    openshift_master_hostnames: "{{ hostvars
          | oo_select_keys(groups[openshift_master_group])
          | oo_collect(attribute='openshift_master_hostname') }}"
    openshift_master_public_ips: "{{ hostvars
          | oo_select_keys(groups[openshift_master_group])
          | oo_collect(attribute='openshift_master_public_ip') }}"
    openshift_master_public_hostnames: "{{ hostvars
          | oo_select_keys(groups[openshift_master_group])
          | oo_collect(attribute='openshift_master_public_hostname') }}"
    cert_parent_rel_path: openshift.local.certificates
    cert_rel_path: "{{ cert_parent_rel_path }}/node-{{ openshift_node_name }}"
    cert_base_path: /var/lib/openshift
    cert_parent_path: "{{ cert_base_path }}/{{ cert_parent_rel_path }}"
    cert_path: "{{ cert_base_path }}/{{ cert_rel_path }}"
  pre_tasks:
  - name: Ensure certificate directories exists
    file:
      path: "{{ item }}"
      state: directory
    with_items:
    - "{{ cert_path }}"
    - "{{ cert_parent_path }}/ca"

  # TODO: only sync to a node if it's certs have been updated
  # TODO: notify restart openshift-node and/or restart openshift-sdn-node,
  # possibly test service started time against certificate/config file
  # timestamps in openshift-node or openshift-sdn-node to trigger notify
  # TODO: also copy ca cert: /var/lib/openshift/openshift.local.certificates/ca/cert.crt
  - name: Sync certs to nodes
    synchronize:
      checksum: yes
      src: "{{ item.src }}"
      dest: "{{ item.dest }}"
      owner: no
      group: no
    with_items:
    - src: "{{ hostvars[groups[openshift_master_group][0]].mktemp.stdout }}/{{ cert_rel_path }}"
      dest: "{{ cert_parent_path }}"
    - src: "{{ hostvars[groups[openshift_master_group][0]].mktemp.stdout }}/{{ cert_parent_rel_path }}/ca/cert.crt"
      dest: "{{ cert_parent_path }}/ca/cert.crt"
  - local_action: file name={{ hostvars[groups[openshift_master_group][0]].mktemp.stdout }} state=absent
    run_once: true
  roles:
    - openshift_node
    - os_env_extras