# Cookbook Name:: openstack-application-catalog
# Recipe:: server
#
# Copyright (c) 2016 Mirantis Inc, All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#

require 'uri'
class ::Chef::Recipe
  include ::Openstack
end

packages = %w(api_package_name cfapi_package_name common_package_name
              engine_package_name pythonclient_package_name)

if node['openstack']['murano']['database_connection'] =~ /^mysql\+pymysql/
  packages << 'pymysql_package_name'
end

packages.each do |pkg|
  package node['openstack']['murano'][pkg] do
    action :install
  end
end

# config

db_password = get_password 'db', 'murano'
db_user = node['openstack']['murano']['db_user']
db_connection = db_uri('application-catalog', db_user, db_password)

node.default['openstack']['murano']['conf_secrets']
.[]('DEFAULT')['transport_url'] = rabbit_transport_url 'application-catalog'
node.default['openstack']['murano']['conf_secrets']
.[]('keystone_authtoken')['password'] =
  get_password 'service', 'openstack-application-catalog'

node.default['openstack']['murano']['conf']
.[]('database')['connection'] = db_connection

ie = public_endpoint 'identity'
ae = admin_endpoint 'identity'
ine = internal_endpoint 'identity'
auth_uri = ::URI.decode ae.to_s
auth_url = ::URI.decode ine.to_s
node.default['openstack']['murano']['conf']['keystone_authtoken']['auth_url'] = auth_url

murano_conf_options = merge_config_options 'murano'

template '/etc/murano/murano.conf' do
  source 'openstack-service.conf.erb'
  cookbook 'openstack-common'
  owner 'murano'
  group 'murano'
  mode 00640
  variables(
    service_config: murano_conf_options
  )
end

service 'murano-api' do
  supports restart: true, reload: true
  action :enable
end

service 'murano-cfapi' do
  supports restart: true, reload: true
  action :enable
end

service 'murano-engine' do
  supports restart: true, reload: true
  action :enable
end

execute 'murano-dbmanage upgrade' do
  command 'murano-db-manage --config-file /etc/murano/murano.conf upgrade'
  user 'murano'
  notifies :restart, 'service[murano-api]', :immediately
  notifies :restart, 'service[murano-cfapi]', :immediately
  notifies :restart, 'service[murano-engine]', :immediately
end

murano_port = node['openstack']['murano']['service_port']

# TODO(jrosenboom): Use murano specific endpoint definitions directly
public_murano_api_endpoint = public_endpoint 'application-catalog'
admin_murano_api_endpoint = "#{ae.scheme}://#{ae.host}:#{murano_port}/"
internal_murano_api_endpoint = "#{ine.scheme}://#{ine.host}:#{murano_port}/"

service_pass = get_password 'service', 'openstack-application-catalog'
service_project_name = node['openstack']['murano']['conf']['keystone_authtoken']['project_name']
service_domain_name = node['openstack']['murano']['conf']['keystone_authtoken']['user_domain_name']
admin_user = node['openstack']['identity']['admin_user']
admin_pass = get_password 'user', node['openstack']['identity']['admin_user']
admin_project = node['openstack']['identity']['admin_project']
admin_domain = node['openstack']['identity']['admin_domain_name']
service_user = node['openstack']['murano']['admin_user']
service_role = node['openstack']['murano']['service_role']
region = node['openstack']['region']
murano_service_name = 'murano'
murano_service_type = 'application-catalog'
cfapi_service_name = 'murano-cfapi'
cfapi_service_type = 'service-broker'

connection_params = {
  openstack_auth_url:     "#{auth_uri}/auth/tokens",
  openstack_username:     admin_user,
  openstack_api_key:      admin_pass,
  openstack_project_name: admin_project,
  openstack_domain_name:  admin_domain
}

# Register Service Project
openstack_project service_project_name do
  connection_params connection_params
end

# Register Murano Service
openstack_service murano_service_name do
  type murano_service_type
  connection_params connection_params
end

# Register Murano Public-Endpoint
openstack_endpoint murano_service_type do
  service_name murano_service_name
  interface 'public'
  url ::URI.decode public_murano_api_endpoint.to_s
  region region
  connection_params connection_params
end

# Register Murano Internal-Endpoint
openstack_endpoint murano_service_type do
  service_name murano_service_name
  url ::URI.decode internal_murano_api_endpoint.to_s
  region region
  connection_params connection_params
end

# Register Murano Admin-Endpoint
openstack_endpoint murano_service_type do
  service_name murano_service_name
  interface 'admin'
  url ::URI.decode admin_murano_api_endpoint.to_s
  region region
  connection_params connection_params
end

# Register Service User
openstack_user service_user do
  project_name service_project_name
  role_name service_role
  password service_pass
  connection_params connection_params
end

## Grant Service role to Service User in Service Project
openstack_user service_user do
  role_name service_role
  project_name service_project_name
  connection_params connection_params
  action :grant_role
end

openstack_user service_user do
  domain_name service_domain_name
  role_name service_role
  user_name service_user
  connection_params connection_params
  action :grant_domain
end

if node['openstack']['murano']['cfapi_enabled']
  public_cfapi_api_endpoint = "#{ie.scheme}://#{ie.host}:8083/"
  admin_cfapi_api_endpoint = "#{ae.scheme}://#{ae.host}:8083/"
  internal_cfapi_api_endpoint = "#{ine.scheme}://#{ine.host}:8083/"

  # Register CFAPI Service
  openstack_service cfapi_service_name do
    type cfapi_service_type
    connection_params connection_params
  end

  # Register CFAPI Public-Endpoint
  openstack_endpoint cfapi_service_type do
    service_name cfapi_service_name
    interface 'public'
    url ::URI.decode public_cfapi_api_endpoint.to_s
    region region
    connection_params connection_params
  end

  # Register CFAPI Internal-Endpoint
  openstack_endpoint cfapi_service_type do
    service_name cfapi_service_name
    url ::URI.decode internal_cfapi_api_endpoint.to_s
    region region
    connection_params connection_params
  end

  # Register CFAPI Admin-Endpoint
  openstack_endpoint cfapi_service_type do
    service_name cfapi_service_name
    interface 'admin'
    url ::URI.decode admin_cfapi_api_endpoint.to_s
    region region
    connection_params connection_params
  end
end

# Symlink base package
link '/var/cache/murano/meta/io.murano.zip' do
  to '/usr/share/murano-common/io.murano.zip'
end

# TODO(frickler): Crosscheck domain name usage
openstack_application_catalog_application 'io.murano' do
  identity_user node['openstack']['murano']['admin_user']
  identity_pass service_pass
  identity_user_domain service_domain_name
  identity_project service_project_name
  identity_project_domain service_domain_name
  identity_uri auth_uri
  is_public true
  action :create
end