# Copyright (c) 2019 Dell Inc. or its subsidiaries. All Rights Reserved.
---
- name: Gather AWX secret key details
  set_fact:
    awx_secret_key_details: >
      {
      '"secret_key"': '"{{ secret_key }}"'
      }
  no_log: "{{ enforce_no_log }}"

- name: Gather AWX secret key details
  set_fact:
    rabbitmq_details: >
      {
      '"username"': '"{{ rabbitmq_user }}"',
      '"password"': '"{{ rabbitmq_password }}"',
      '"cookie"': '"{{ rabbitmq_erlang_cookie }}"'
      }
  no_log: "{{ enforce_no_log }}"

- name: Get the vault pod name
  shell: >
    kubectl get pods
    --namespace={{ ngci_vault_namespace }}
    --selector=app=vault
    --output=jsonpath='{.items..metadata.name}'
  register: pod_vault_name

- name: Get vault login token
  shell: >
    kubectl get secret {{ ngci_vault_root_token_secret }}
    --namespace={{ ngci_vault_namespace }}
    --output=jsonpath="{['data']['root_token']}" | base64 --decode
  register: ldap_login_token
  no_log: "{{ enforce_no_log }}"

- name: Store AWX secret key
  shell: >
    kubectl exec -t {{ pod_vault_name.stdout }}
    --namespace={{ ngci_vault_namespace }}
    -- sh -c
    'env VAULT_ADDR={{ vault_local_address }}
    VAULT_TOKEN={{ ldap_login_token.stdout }}
    vault kv put {{ awx_secret_key_path }}
    awx_secret_key_details="{{ awx_secret_key_details | to_json }}"'
  no_log: "{{ enforce_no_log }}"

- name: Store RabbitMQ details
  shell: >
    kubectl exec -t {{ pod_vault_name.stdout }}
    --namespace={{ ngci_vault_namespace }}
    -- sh -c
    'env VAULT_ADDR={{ vault_local_address }}
    VAULT_TOKEN={{ ldap_login_token.stdout }}
    vault kv put {{ rabbitmq_details_path }}
    rabbitmq_details="{{ rabbitmq_details | to_json }}"'
  no_log: "{{ enforce_no_log }}"