- name: Include OS-specific variables
  include_vars: "{{ zj_distro_os }}"
  with_first_found:
    - "{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yaml"
    - "{{ ansible_distribution }}.{{ ansible_architecture }}.yaml"
    - "{{ ansible_distribution }}.yaml"
    - "{{ ansible_os_family }}.yaml"
    - "default.yaml"
  loop_control:
    loop_var: zj_distro_os

- name: Make tempfile for buildkit.toml
  tempfile:
    state: file
  register: buildkit_toml_tmp

- name: Write buildkit.toml file
  template:
    dest: '{{ buildkit_toml_tmp.path }}'
    src: buildkitd.toml.j2

- name: Run binfmt container
  command: docker run --rm --privileged docker/binfmt:a7996909642ee92942dcd6cff44b9b95f08dad64
  environment:
    DOCKER_CLI_EXPERIMENTAL: enabled

- name: Create builder
  command: 'docker buildx create --name mybuilder --driver-opt network=host --config {{ buildkit_toml_tmp.path }}'
  environment:
    DOCKER_CLI_EXPERIMENTAL: enabled

- name: Use builder
  command: docker buildx use mybuilder
  environment:
    DOCKER_CLI_EXPERIMENTAL: enabled

- name: Bootstrap builder
  command: docker buildx inspect --bootstrap
  environment:
    DOCKER_CLI_EXPERIMENTAL: enabled

- name: Copy buildset registry TLS cert into worker container
  command: "docker cp {{ ca_dir }}/buildset-registry.crt buildx_buildkit_mybuilder0:/usr/local/share/ca-certificates"

- name: Update CA certs in worker container
  command: docker exec buildx_buildkit_mybuilder0 update-ca-certificates

- name: Make tempfile for /etc/hosts
  tempfile:
    state: file
  register: etc_hosts_tmp

- name: Copy /etc/hosts for editing
  command: 'docker cp buildx_buildkit_mybuilder0:/etc/hosts {{ etc_hosts_tmp.path }}'

# Docker buildx has its own /etc/hosts in the builder image.
- name: Configure /etc/hosts for buildset_registry to workaround docker not understanding ipv6 addresses
  become: yes
  lineinfile:
    path: '{{ etc_hosts_tmp.path }}'
    state: present
    regex: "^{{ buildset_registry.host }}\tzuul-jobs.buildset-registry$"
    line: "{{ buildset_registry.host }}\tzuul-jobs.buildset-registry"
    insertafter: EOF
  when: buildset_registry is defined and buildset_registry.host | ipaddr

- name: Unmount the /etc/hosts mount
  command: docker exec buildx_buildkit_mybuilder0 umount /etc/hosts

# NOTE(mordred) This is done in two steps. Even though we've unmounted /etc/hosts
# in the previous step, when we try to copy the file back directly, we get:
#   unlinkat /etc/hosts: device or resource busy
- name: Copy modified hosts file back in
  command: 'docker cp {{ etc_hosts_tmp.path }} buildx_buildkit_mybuilder0:/etc/new-hosts'

- name: Copy modified hosts file into place
  command: docker exec buildx_buildkit_mybuilder0 cp /etc/new-hosts /etc/hosts

- name: Remove tempfile for /etc/hosts
  file:
    state: absent
    path: '{{ etc_hosts_tmp.path }}'