#!/bin/bash

set -e
set -o pipefail

SCRIPT_NAME=$(basename $0)
OPTS=`getopt -o i: -l inputs: -n $SCRIPT_NAME -- "$@"`

if [ $? != 0 ]; then
    echo "Terminating..." >&2
    exit 1
fi

EXTRA_VARS_FILE=""

# Note the quotes around `$OPTS': they are essential!
eval set -- "$OPTS"

while true ; do
    case "$1" in
        -i | --inputs ) EXTRA_VARS_FILE="$2" ; shift 2 ;;
        -- ) shift ; break ;;
        * ) echo "Error: unsupported option $1." ; exit 1 ;;
    esac
done

VALIDATION_FILE=$1
IDENTITY_FILE=$2
PLAN_NAME=$3
VALIDATIONS_BASEDIR=$4

if [[ -z "$VALIDATION_FILE" ]]; then
    echo "Missing required validation file"
    exit 1
fi

if [[ ! -r "$VALIDATION_FILE" ]]; then
    echo "Can not find validation at $VALIDATION_FILE"
    exit 1
fi

if [[ -z "$IDENTITY_FILE" ]]; then
    echo "Missing required identity file"
    exit 1
fi

if [[ -z "$EXTRA_VARS_FILE" ]]; then
    EXTRA_VARS_ARGS=""
elif [[ -r "$EXTRA_VARS_FILE" ]]; then
    EXTRA_VARS_ARGS="--extra-vars @$EXTRA_VARS_FILE"
else
    echo "Can not find the inputs file at $EXTRA_VARS_FILE"
    exit 1
fi

if [[ -z "$VALIDATIONS_BASEDIR" ]]; then
    echo "Missing required tripleo-validations basedir"
    exit 1
fi

if [[ ! -d "$VALIDATIONS_BASEDIR" ]]; then
    echo "Can not find tripleo-validations basedir at $VALIDATION_BASEDIR"
    exit 1
fi
# Make sure ssh is not asking interactively for hosts it can't check the key
# authenticity
export ANSIBLE_HOST_KEY_CHECKING=False
# Disable retry files until we find a good use and location for them
export ANSIBLE_RETRY_FILES_ENABLED=False
# Use a fact cache to improve performance
# The defaults from tripleo_common/actions/ansible.py cannot be used
# beause they will clash with the 'mistral' user owning the fact cache
# path.
export ANSIBLE_GATHERING=smart
export ANSIBLE_CACHE_PLUGIN=jsonfile
export ANSIBLE_CACHE_PLUGIN_CONNECTION=~/ansible_fact_cache
export ANSIBLE_GATHER_TIMEOUT=7200 # 7200s = 2h
# ANSIBLE_SUDO_FLAGS is deprecated in favor of become and will be removed in
# version 2.8. We now have to use ANSIBLE_BECOME_FLAGS to pass Flags to the
# privilege escalation sudo executable.
export ANSIBLE_BECOME_FLAGS="-H -S -n -E"

export ANSIBLE_PRIVATE_KEY_FILE=$IDENTITY_FILE

export ANSIBLE_INVENTORY=$(which tripleo-ansible-inventory)

# Use the custom validation-specific formatter
export ANSIBLE_STDOUT_CALLBACK=validation_output

export ANSIBLE_CALLBACK_PLUGINS="${VALIDATIONS_BASEDIR}/callback_plugins"
export ANSIBLE_ROLES_PATH="${VALIDATIONS_BASEDIR}/roles"
export ANSIBLE_LOOKUP_PLUGINS="${VALIDATIONS_BASEDIR}/lookup_plugins"
export ANSIBLE_LIBRARY="${VALIDATIONS_BASEDIR}/library"

# Environment variable is the easiest way to pass variables to an Ansible
# dynamic inventory script
export TRIPLEO_PLAN_NAME=${PLAN_NAME}

# NOTE(shadower): set up token-based environment for the openstack
# client when the password doesn't exist. This happens when called
# from mistral:
if [ -z "${OS_PASSWORD:-}" ]; then
    # The auth type must be explicitly set to token
    export OS_AUTH_TYPE=token
    # The openstack client expects the token as OS_TOKEN
    export OS_TOKEN=$OS_AUTH_TOKEN
    # TODO(shadower): I could not get the token auth working with v3:
    export OS_AUTH_URL=${OS_AUTH_URL/%v3/v2.0}
fi

ansible-playbook $EXTRA_VARS_ARGS $VALIDATION_FILE