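---
# Taskfile (go-task, schema version 3) for an Ansible collections repository:
# virtualenv/ansible setup, sanity and molecule tests, local Docker image
# builds, a noseyparker secret scan and scaffolding helpers.
version: '3'

env:
  DOCKER_REPOSITORY: pouncetech/molecule

vars:
  PYTHON_WRAPPER: '{{.ROOT_DIR}}/scripts/python_wrapper.sh'
  MOLECULE_DIR: '{{.ROOT_DIR}}/collections/ansible_collections/nullified/infrastructure/extensions'
  COLLECTIONS_DIR: '{{.ROOT_DIR}}/collections/ansible_collections'

tasks:
  setup:venv:
    desc: install a Python3 virtualenv and all the required ansible / molecule dependencies.
    cmds:
      # NOTE(review): requirements.txt is not visible here; pinned versions
      # (optionally with pip's --require-hashes) keep this install reproducible.
      - |
        set -e
        rm -rf ./venv || true
        python3 -m virtualenv --download venv
        ./venv/bin/python3 -m pip install --upgrade -r requirements.txt
    # Skipped once a ./venv directory exists.
    status:
      - test -d venv

  setup:ansible:
    desc: install ansible galaxy collections
    cmds:
      - '{{.PYTHON_WRAPPER}} ansible-galaxy collection install -r ansible_galaxy-requirements.yml'

  setup:
    desc: set up environment for Python virtualenv and ansible dependencies
    cmds:
      - task: 'setup:venv'
      - task: 'setup:ansible'

  test:modules:
    desc: run `ansible-test sanity` on collections to find common issues for modules and collections
    dir: collections/ansible_collections
    vars:
      # One <namespace>/<collection> directory per entry; the explicit '.'
      # start path keeps the command portable beyond GNU find.
      ANSIBLE_COLLECTIONS:
        sh: find . -mindepth 2 -maxdepth 2 -type d
    cmds:
      - for: { var: ANSIBLE_COLLECTIONS }
        task: 'test:module:sanity'
        vars:
          COLLECTION_PATH: 'collections/ansible_collections/{{.ITEM}}'

  test:module:sanity:
    internal: true
    dir: '{{.COLLECTION_PATH}}'
    cmds:
      # Only a collection without a tests/ directory is reported as ignored.
      # The previous `a && b || echo` form also took the echo branch when
      # ansible-test failed, so a failing sanity run exited 0.
      - |
        if test -d tests; then
          {{.PYTHON_WRAPPER}} ansible-test sanity --venv
        else
          echo - ignored "$(pwd)"
        fi

  test:collections:
    desc: run molecule tests for all roles and collections.
    dir: collections/ansible_collections
    vars:
      ANSIBLE_COLLECTIONS:
        sh: find . -mindepth 2 -maxdepth 2 -type d
    cmds:
      - for: { var: ANSIBLE_COLLECTIONS }
        task: 'test:collection:molecule'
        vars:
          COLLECTION_PATH: 'collections/ansible_collections/{{.ITEM}}'

  test:collection:molecule:
    internal: true
    dir: '{{.COLLECTION_PATH}}/extensions'
    cmds:
      # Same reasoning as test:module:sanity: a failing `molecule test` must
      # fail the task instead of being printed as "ignored".
      - |
        if test -d molecule; then
          {{.PYTHON_WRAPPER}} molecule test
        else
          echo - ignored "$(pwd)"
        fi

  module:github_artifact:
    desc: run a module from the collection for testing purposes
    vars:
      PLUGINS_DIR: '{{.ROOT_DIR}}/collections/ansible_collections/nullified/infrastructure/plugins'
    # Runs the module against the JSON fixture, then pretty-prints and
    # colourises its output.
    cmd: |
      {{.PYTHON_WRAPPER}} python3 {{.PLUGINS_DIR}}/modules/github_artifact.py {{.PLUGINS_DIR}}/tests/github_artifact.json |
        {{.PYTHON_WRAPPER}} python3 -m json.tool |
        {{.PYTHON_WRAPPER}} pygmentize -l json

  docker:build:
    desc: build docker images locally.
    vars:
      DOCKERFILE_IMAGES:
        sh: find images -type f -name 'Dockerfile-*'
    cmds:
      - for: { var: DOCKERFILE_IMAGES }
        task: 'docker:build:image'
        vars:
          DOCKERFILE: '{{.ITEM}}'
          DOCKER_CONTEXT: images
          # images/Dockerfile-<tag> -> <tag>
          IMAGE_TAG: '{{.ITEM | splitList "/" | last | replace "Dockerfile-" ""}}'

  docker:build:image:
    internal: true
    sources:
      - '{{.DOCKERFILE}}'
    cmds:
      - docker buildx build --load -t "{{.DOCKER_REPOSITORY}}:{{.IMAGE_TAG}}" -f {{.DOCKERFILE}} {{.DOCKER_CONTEXT}}
    # Up to date only when this exact repository:tag exists locally. Listing
    # every local tag and grepping for IMAGE_TAG also matched images from
    # other repositories and treated the tag as a regular expression.
    status:
      - 'docker image inspect "{{.DOCKER_REPOSITORY}}:{{.IMAGE_TAG}}" > /dev/null 2>&1'

  docker:push:
    desc: push locally built images
    # NOTE(review): this only prints the push command (echo); nothing is pushed.
    cmds:
      - 'echo docker push $DOCKER_REPOSITORY:$IMAGE_TAG'
    # IMAGE_TAG is declared without a value; presumably it is expected from the
    # caller's environment. TODO confirm.
    env:
      IMAGE_TAG:

  nosey:
    desc: start noseyparker to ensure no secrets or passwords are committed
    cmds:
      # The datastore is named after the current directory; quoting keeps a
      # directory name containing spaces from being split into several words.
      - 'noseyparker scan --datastore="$(basename "$PWD").np" --ignore=.gitignore --color=always --progress=always .'
      - 'noseyparker report --datastore="$(basename "$PWD").np"'

  venv:
    desc: execute a python3 command using the virtualenv wrapper
    # CLI_ARGS (everything after `--` on the task command line) is passed to
    # the wrapper verbatim.
    cmd: '{{.PYTHON_WRAPPER}} {{.CLI_ARGS}}'

  molecule:
    desc: execute a molecule command
    dir: '{{.MOLECULE_DIR}}'
    cmd: '{{.PYTHON_WRAPPER}} molecule {{.CLI_ARGS}}'

  molecule:purge:
    desc: purge libvirtd and reset firewall rules
    vars:
      # NOTE(review): not referenced by any command below, and task vars are
      # template-only; if purge_virsh.sh reads VIRSH_CONNECT from its
      # environment it would need an `env:` entry. Confirm.
      VIRSH_CONNECT: '{{.VIRSH_CONNECT | default "qemu:///system"}}'
    cmds:
      - ./scripts/purge_virsh.sh
      - task: 'molecule'
        vars:
          CLI_ARGS: 'destroy'
      # Both restarts run through sudo.
      - sudo systemctl restart nftables.service
      - sudo systemctl restart libvirtd.service

  ansible:new:role:*:
    desc: create a new role for the specified collection
    vars:
      COLLECTION_NAME: '{{default "nullified.infrastructure" .COLLECTION_NAME}}'
      # The wildcard part of the task name is the role name.
      ROLE_NAME: '{{index .MATCH 0}}'
    cmds:
      # ROLE_NAME and COLLECTION_NAME are substituted into the shell line
      # unquoted, so only plain identifiers should be passed.
      - >-
        {{.PYTHON_WRAPPER}} ansible-galaxy role init {{.ROLE_NAME}}
        --role-skeleton ./templates/ansible_role_skeleton
        --init-path {{.COLLECTIONS_DIR}}/{{.COLLECTION_NAME | replace "." "/"}}/roles

  ansible:new:collection:*:
    desc: create a new collection
    vars:
      COLLECTION_NAME: '{{index .MATCH 0}}'
      COLLECTION_SUBPATH: 'collections/ansible_collections'
    cmds:
      - '{{.PYTHON_WRAPPER}} ansible-galaxy collection init {{.COLLECTION_NAME}} --init-path {{.COLLECTIONS_DIR}}'
      # Appends a negated .gitignore pattern for the new collection's namespace
      # directory (the part of COLLECTION_NAME before the first dot).
      - 'echo "!{{.COLLECTION_SUBPATH}}/{{(.COLLECTION_NAME | split ".")._0}}" | tee -a .gitignore > /dev/null'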