---
# [DEPRECATION WARNING]: The TRANSFORM_INVALID_GROUP_CHARS settings is set to allow bad characters in group names by default, this will change, but still be user configurable on deprecation. This feature
# will be removed in version 2.10. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
#[WARNING]: Invalid characters were found in group names but not replaced, use -vvvv to see details

- set_fact:
    _name_selector: name

- set_fact:
    stack_tag: "{{env_type | replace('-', '_')}}_{{guid}}"
  tags:
  - create_inventory
  - must

# Find the bastion
- name: Find the bastion in this batch of host
  set_fact:
    local_bastion: "{{ server | json_query(_name_selector) | default(server.name) }}"
  when:
  - server.status != 'terminated'
  - '"bastions" in server.metadata.AnsibleGroup | default("")'
  loop: "{{ r_osp_facts.ansible_facts.openstack_servers }}"
  loop_control:
    label: "{{ server | json_query(_name_selector) | default(server.name) }}"
    loop_var: server
  ignore_errors: yes
  tags:
  - create_inventory
  - must

- when: server.status != 'terminated'
  block:
  - name: Add hosts to inventory
    add_host:
      name: "{{ server | json_query(_name_selector) | default(server.name) }}"
      original_name: "{{ server.name }}"
      groups:
      #TODO: remove thos tag_*
      - "tag_Project_{{stack_tag}}"
      - "tag_{{ stack_tag}} | default('unknowns') }}"
      - "{{ server.metadata.ostype | default('unknowns') }}"
      ansible_user: "{{ ansible_user }}"
      remote_user: "{{ remote_user }}"
      # ansible_ssh_private_key_file: "{{item['key_name']}}"
      # key_name: "{{item['key_name']}}"
      state: "{{ server.status }}"
      instance_id: "{{ server.id }}"
      isolated: "{{ server.metadata.isolated | default(false) }}"
      # private_dns_name: "{{item['private_dns_name']}}"
      private_ip_address: "{{ server.private_v4 }}"
      public_ip_address: "{{ server.public_v4 | default('') }}"
      image_id: "{{ server.image.id | default('') }}"
      ansible_ssh_extra_args: "-o StrictHostKeyChecking=no"
      ansible_python_interpreter: "{{ server.metadata.ansible_python_interpreter | default(omit) }}"
      bastion: "{{ local_bastion | default('') }}"
    loop: "{{ r_osp_facts.ansible_facts.openstack_servers }}"
    loop_control:
      label: "{{ server | json_query(_name_selector) | default(server.name) }}"
      loop_var: server
    tags:
    - create_inventory
    - must

  - add_host:
      name: "{{ server | json_query(_name_selector) | default(server.name) }}"
      groups: "{{ server.metadata.AnsibleGroup }}"
    loop: "{{ r_osp_facts.ansible_facts.openstack_servers }}"
    loop_control:
      label: "{{ server | json_query(_name_selector) | default(server.name) }}"
      loop_var: server
    when: server.metadata.AnsibleGroup | default('') != ''
    tags:
    - create_inventory
    - must

- name: Make sure bastion has public DNS name defined
  add_host:
    name: "{{ host }}"
    public_dns_name: "{{ host }}.{{ guid }}.{{osp_cluster_dns_zone}}"
  loop: "{{ groups['bastions'] }}"
  loop_control:
    loop_var: host
  when: hostvars[host].public_ip_address != ''

- debug:
    var: hostvars[local_bastion].public_ip_address

- debug:
    msg: >-
      bastion IP is {{ lookup('dig', hostvars[local_bastion].public_dns_name) }}
  ignore_errors: true

- name: Verify that DNS matches bastion host_var
  assert:
    that:
    # Requires dnspython library
    - lookup('dig', hostvars[local_bastion].public_dns_name) == hostvars[local_bastion].public_ip_address

- name: debug hostvars
  debug:
    var: hostvars
    verbosity: 2

- name: debug groups
  debug:
    var: groups
    verbosity: 2