---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.

- name: "Tear-down containers that need to be re-created (new-config detected)"
  when:
    - tripleo_container_manage_systemd_teardown | bool
  include_role:
    name: tripleo-container-rm
  vars:
    tripleo_container_cli: "{{ tripleo_container_manage_cli }}"
    tripleo_containers_to_rm: >-
      {{ podman_containers.containers | needs_delete(config=batched_container_data|
      haskey(attribute='action', reverse=True)|singledict,
      config_id=tripleo_container_manage_config_id, clean_orphans=False) }}

- name: "Async container create/run"
  no_log: "{{ not tripleo_container_manage_debug }}"
  async: "{{ (not ansible_check_mode | bool) | ternary('600', omit) }}"
  poll: "{{ (not ansible_check_mode | bool) | ternary('0', omit) }}"
  register: create_async_results
  loop: "{{ batched_container_data | haskey(attribute='action', reverse=True) }}"
  loop_control:
    loop_var: container_data
  podman_container:
    annotation: "{{ lookup('dict', container_data).value.annotation | default(omit) }}"
    cap_add: "{{ lookup('dict', container_data).value.cap_add | default(omit) }}"
    cap_drop: "{{ lookup('dict', container_data).value.cap_drop | default(omit) }}"
    command: "{{ lookup('dict', container_data).value.command | default(omit) }}"
    conmon_pidfile: "/var/run/{{ lookup('dict', container_data).key }}.pid"
    cpu_shares: "{{ lookup('dict', container_data).value.cpu_shares | default(omit) | int }}"
    # cpuset_cpus: "{{ lookup('dict', container_data).value.cpuset_cpus | default(omit) }}"
    debug: true
    detach: "{{ lookup('dict', container_data).value.detach | default(true) }}"
    device: "{{ lookup('dict', container_data).value.device | default(omit) }}"
    entrypoint: "{{ lookup('dict', container_data).value.entrypoint | default(omit) }}"
    env: "{{ lookup('dict', container_data).value.environment | default(omit) }}"
    env_file: "{{ lookup('dict', container_data).value.env_file | default(omit) }}"
    etc_hosts: "{{ lookup('dict', container_data).value.extra_hosts | default({}) }}"
    group_add: "{{ lookup('dict', container_data).value.group_add | default(omit) }}"
    hostname: "{{ lookup('dict', container_data).value.hostname | default(omit) }}"
    image: "{{ lookup('dict', container_data).value.image }}"
    interactive: "{{ lookup('dict', container_data).value.interactive | default(false) }}"
    ipc: "{{ lookup('dict', container_data).value.ipc | default(omit) }}"
    label:
      config_id: "{{ tripleo_container_manage_config_id }}"
      container_name: "{{ lookup('dict', container_data).key }}"
      managed_by: tripleo_ansible
      config_data: "{{ lookup('dict', container_data).value }}"
    log_driver: 'k8s-file'
    log_level: "{{ tripleo_container_manage_debug | ternary('debug', 'error') }}"
    log_opt: "path={{ tripleo_container_manage_log_path }}/{{ lookup('dict', container_data).key }}.log"
    memory: "{{ lookup('dict', container_data).value.mem_limit | default(omit) }}"
    memory_swap: "{{ lookup('dict', container_data).value.mem_swappiness | default(omit) }}"
    name: "{{ lookup('dict', container_data).key }}"
    net: "{{ lookup('dict', container_data).value.net | default('none') }}"
    pid: "{{ lookup('dict', container_data).value.pid | default(omit) }}"
    privileged: "{{ lookup('dict', container_data).value.privileged | default(false) }}"
    rm: "{{ lookup('dict', container_data).value.remove | default(false) }}"
    security_opt: "{{ lookup('dict', container_data).value.security_opt | default(omit) }}"
    state: present
    stop_signal: "{{ lookup('dict', container_data).value.stop_signal | default(omit) }}"
    stop_timeout: "{{ lookup('dict', container_data).value.stop_grace_period | default(omit) | int }}"
    sysctl: "{{ lookup('dict', container_data).value.sysctl | default(omit) }}"
    tty: "{{ lookup('dict', container_data).value.tty | default(false) }}"
    ulimit: "{{ lookup('dict', container_data).value.ulimit | default(omit) }}"
    user: "{{ lookup('dict', container_data).value.user | default(omit) }}"
    uts: "{{ lookup('dict', container_data).value.uts | default(omit) }}"
    volume: "{{ lookup('dict', container_data).value.volumes | default(omit) }}"
    volumes_from: "{{ lookup('dict', container_data).value.volumes_from | default([]) }}"

- name: "Check podman create status"
  no_log: "{{ not tripleo_container_manage_debug }}"
  async_status:
    jid: "{{ create_async_result_item.ansible_job_id }}"
  loop: "{{ create_async_results.results }}"
  loop_control:
    loop_var: "create_async_result_item"
  register: create_async_poll_results
  until: create_async_poll_results.finished
  retries: "{{ tripleo_container_manage_create_retries }}"
  # We fail later if a container has failed to start
  failed_when: false
  when:
    - not ansible_check_mode|bool

- name: "Create fact for containers which changed"
  set_fact:
    # List of containers which have changed (created or updated)
    containers_changed: "{{ create_async_poll_results.results | get_changed_containers | default([]) }}"

- name: "Create fact for containers which failed"
  set_fact:
    # List of containers which returned an error when creating or updating them
    containers_failed: "{{ create_async_poll_results.results | get_failed_containers | default([]) }}"

- name: "Create fact for containers which require rc check"
  set_fact:
    # List of containers which would terminate with a return code that needs to be valid.
    # We assume that container configs that don't have a restart policy nor action
    # (used for podman exec) will run something and then exit with a return code.
    containers_to_check: >-
      {{ batched_container_data | haskey(attribute='image', excluded_keys=['action', 'restart']) |
      list_of_keys | default([]) | difference(containers_failed) }}

- name: Print the containers that failed to start
  fail:
    msg: "{{ containers_failed }} failed to start, check logs in /var/log/containers/stdouts/"
  when:
    - containers_failed|length != 0

- name: Block for container commands
  include_tasks: podman/get_commands_create.yml
  when:
    - ansible_check_mode|bool

- name: "Print the list of containers which changed"
  debug:
    var: containers_changed
  when: tripleo_container_manage_debug | bool

- name: "Block for container exit codes"
  when:
    - not ansible_check_mode|bool
    - tripleo_container_manage_valid_exit_code|length != 0
    - containers_to_check|length != 0
  include_tasks: podman/check_exit_code.yml
  vars:
    containers_with_exit_code: "{{ containers_to_check }}"