---

- name: check if user is cluster admin
  shell: "oc get project default"
  register: default_project_result
  ignore_errors: true
  changed_when: false

- name: user granted access rights
  fail:
    msg: "User does not have cluster-admin rights to install Fuse Online"
  when: default_project_result is failed


- name: Create project for workload; project =  {{ocp_project}}
  shell: "oc new-project {{ocp_project}} --display-name={{ocp_project}}"

- name: "Label namespace"
  command: "oc label namespace {{ocp_project}} AAD='{{guid}}'"

- name: Make sure we go back do default project
  shell: "oc project default"



# ######                 Fuse Online            ##########

- name: Create serviceaccount-as-oauthclient
  shell: "oc create -f {{syndesisio_sa_yml}} -n {{ocp_project}}"

- name: Create syndesisio template; {{syndesisio_template_yml}}
  shell: "oc create -f {{syndesisio_template_yml}} -n {{ocp_project}}"


- name: delete temp dir if it exists
  file:
      path: /tmp/{{ocp_project}}
      state: absent
- file:
      path: /tmp/{{ocp_project}}
      state: directory

- name: Load fuse-ignite-is
  shell: "oc create -f {{ fuse_ignite_is_yaml }} -n {{ocp_project}}"

- name: Create the syndesisio app
  shell: |
      oc new-app {{ignite_template_name}} \
      -p ROUTE_HOSTNAME=fuse.{{ocp_project}}.{{ocp_apps_domain}} \
      -p OPENSHIFT_MASTER=https://master.{{ocp_domain}} \
      -p OPENSHIFT_PROJECT={{ocp_project}} \
      -p POSTGRESQL_MEMORY_LIMIT={{POSTGRESQL_MEMORY_LIMIT}} \
      -p PROMETHEUS_MEMORY_LIMIT={{PROMETHEUS_MEMORY_LIMIT}} \
      -p META_MEMORY_LIMIT={{META_MEMORY_LIMIT}} \
      -p SERVER_MEMORY_LIMIT={{SERVER_MEMORY_LIMIT}} \
      -p OPENSHIFT_OAUTH_CLIENT_SECRET=$(oc sa get-token syndesis-oauth-client -n {{ocp_project}}) \
      -p MAX_INTEGRATIONS_PER_USER={{MAX_INTEGRATIONS_PER_USER}} \
      -p IMAGE_STREAM_NAMESPACE={{ocp_project}} \
      -n {{ocp_project}}

- name: "Resume {{with_items}}"
  command: oc rollout resume dc/"{{ item }}" -n "{{ ocp_project }}"
  with_items:
    - syndesis-db
    - syndesis-oauthproxy

- include_tasks: wait_for_deploy.yml
  vars:
    pod_to_wait:
    - syndesis-db
    - syndesis-oauthproxy

- name: resume todo
  shell: oc rollout resume dc/todo -n {{ocp_project}}
- include_tasks: ./wait_for_deploy.yml
  static: no
  vars:
    pod_to_wait:
      - todo

- name: Scale up broker-amq
  shell: |
      oc scale dc/broker-amq --replicas=1 -n {{ocp_project}}
- name: resume broker-amq
  shell: oc rollout resume dc/broker-amq -n {{ocp_project}}
- include_tasks: ./wait_for_deploy.yml
  static: no
  vars:
    pod_to_wait:
      - "broker-amq"

- name: resume syndesis-meta
  shell: oc rollout resume dc/syndesis-meta -n {{ocp_project}}
- include_tasks: ./wait_for_deploy.yml
  static: no
  vars:
    pod_to_wait:
      - syndesis-meta

- name: resume syndesis-server
  shell: oc rollout resume dc/syndesis-server -n {{ocp_project}}
- include_tasks: ./wait_for_deploy.yml
  static: no
  vars:
    pod_to_wait:
      - syndesis-server

- name: resume syndesis-ui
  shell: oc rollout resume dc/syndesis-ui -n {{ocp_project}}
- include_tasks: ./wait_for_deploy.yml
  static: no
  vars:
    pod_to_wait:
      - syndesis-ui

- name: resume syndesis-prometheus
  shell: oc rollout resume dc/syndesis-prometheus -n {{ocp_project}}
- include_tasks: ./wait_for_deploy.yml
  static: no
  vars:
    pod_to_wait:
      - syndesis-prometheus

# ########################################################



# ######        Coolstore Catalog Service       ##########

- name: Add the view role to the default service account
  shell: "oc policy add-role-to-user view -z default -n {{ocp_project}}"

- name: Copy catalog service configmap to known path
  template:
    src: templates/app-config.yaml
    dest: /tmp/{{ocp_project}}/app-config.yaml
- name: Load catalog service configmap
  shell: "oc create configmap app-config --from-file=/tmp/{{ocp_project}}/app-config.yaml -n {{ocp_project}}"


- name: Copy catalog service (with db) template to known path
  template:
    src: templates/coolstore-catalog-mongodb-persistent.yaml
    dest: /tmp/{{ocp_project}}/coolstore-catalog-mongodb-persistent.yaml
- name: Build and create catalog service
  shell: |
      oc new-app \
      -f /tmp/{{ocp_project}}/coolstore-catalog-mongodb-persistent.yaml \
      -p CATALOG_DB_USERNAME=mongo \
      -p CATALOG_DB_PASSWORD=mongo \
      -n {{ocp_project}}

- include_tasks: ./wait_for_build.yml
  static: no
  vars:
    build_to_wait:
      - catalog-service-s2i

- name: resume catalog-service
  shell: oc rollout resume dc/catalog-service -n {{ocp_project}}
- include_tasks: ./wait_for_deploy.yml
  static: no
  vars:
    pod_to_wait:
      - catalog-service

# ########################################################

- name: Annotate the empty project as requested by user
  shell: "oc annotate namespace {{ocp_project}} openshift.io/requester={{ocp_username}} --overwrite"

- name: Give ocp_username access to ocp_project; user = {{ocp_username}}
  shell: "oc policy add-role-to-user admin {{ocp_username}} -n {{ocp_project}}"


- name: workload Tasks Complete
  debug:
    msg: workload Tasks Complete