---
- name: Step 003 - Create env key
  hosts: localhost
  connection: local
  gather_facts: false
  become: false
  tags:
  - step003
  - generate_env_keys
  tasks:
  - name: Generate SSH keys
    shell: ssh-keygen -b 2048 -t rsa -f "{{output_dir}}/{{env_authorized_key}}" -q -N ""
    args:
      creates: "{{output_dir}}/{{env_authorized_key}}"
    when: set_env_authorized_key | bool

  - name: fix permission
    file:
      path: "{{output_dir}}/{{env_authorized_key}}"
      mode: 0400
    when: set_env_authorized_key | bool

  - name: Generate SSH pub key
    shell: ssh-keygen -y -f "{{output_dir}}/{{env_authorized_key}}" > "{{output_dir}}/{{env_authorized_key}}.pub"
    args:
      creates: "{{output_dir}}/{{env_authorized_key}}.pub"
    when: set_env_authorized_key | bool

# Cloudformation template or equivalent should tag all hosts with Project:{{ env_type }}-{{ guid }}
- name: Configure all hosts with Repositories, Common Files and Set environment key
  hosts:
  - all:!windows
  become: true
  gather_facts: False
  tags:
  - step004
  - common_tasks
  roles:
  - { role: "set-repositories",       when: 'repo_method is defined' }
  - { role: "common",                 when: 'install_common | bool' }
  - { role: "set_env_authorized_key", when: 'set_env_authorized_key | bool' }

- name: Configuring Bastion Hosts
  hosts: bastions
  become: true
  roles:
  - { role: "bastion",              when: 'install_bastion | bool' }
  - role: "status-report-install"
    vars:
      bastion_dns_name: "bastion{{ guid }}{{ subdomain_base_suffix }}"
    when: 'report_status | d(false)'
  - { role: "bastion-student-user", when: 'install_student_user | bool' }
  - { role: "bastion-opentlc-ipa",  when: 'install_ipa_client | bool' }
  tags:
  - step004
  - bastion_tasks

- name: Create a Python3 VirtualEnv for use in the k8s Ansible tasks
  hosts: bastions
  gather_facts: false
  become: true
  tasks:
  - name: Setup pre-requisite python3 packages
    package:
      state: present
      name:
      - git
      - python3-pip

  - name: Setup pre-requisite pip3 packages
    pip:
      name:
      - virtualenv
      state: present
      executable: /usr/bin/pip3

  - name: Copy requirements.txt to target for k8s virtualenv
    copy:
      src: ./files/requirements_k8s.txt
      dest: /tmp/requirements_k8s.txt

  - name: "Create virtualenv k8s"
    pip:
      requirements: /tmp/requirements_k8s.txt
      virtualenv: "/opt/virtualenvs/k8s"
      virtualenv_site_packages: no
      virtualenv_command: /usr/local/bin/virtualenv

  - name: Ensure system Python3 has selinux library installed
    pip:
      state: present
      executable: /usr/bin/pip3
      name: selinux
      version: 0.2.1

- name: PreSoftware flight-check
  hosts: localhost
  connection: local
  gather_facts: false
  become: false
  tags:
  - flight_check
  tasks:
  - debug:
      msg: "Pre-Software checks completed successfully"