---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# Run basic prep
- include: test-prep.yml

# Run container clean up and build
- include: test-container-create.yml

- name: Playbook for deploying infra services
  hosts: service_all
  user: root
  gather_facts: true
  roles:
    - role: "rabbitmq_server"
      rabbitmq_cookie_token: secrete
    - role: "galera_server"
      galera_root_password: secrete
      galera_root_user: root
      galera_innodb_buffer_pool_size: 512M
      galera_innodb_log_buffer_size: 32M
      galera_server_id: "{{ inventory_hostname | string_2_int }}"
      galera_wsrep_node_name: "{{ inventory_hostname }}"
      galera_wsrep_provider_options:
        - { option: "gcache.size", value: "32M" }
      galera_server_id: "{{ inventory_hostname | string_2_int }}"

- name: Playbook for deploying keystone
  hosts: keystone_all
  user: root
  gather_facts: true
  pre_tasks:
    - name: Ensure rabbitmq vhost
      rabbitmq_vhost:
        name: "{{ keystone_rabbitmq_vhost }}"
        state: "present"
      delegate_to: "10.100.100.101"
      when: inventory_hostname == groups['keystone_all'][0]
    - name: Ensure rabbitmq user
      rabbitmq_user:
        user: "{{ keystone_rabbitmq_userid }}"
        password: "{{ keystone_rabbitmq_password }}"
        vhost: "{{ keystone_rabbitmq_vhost }}"
        configure_priv: ".*"
        read_priv: ".*"
        write_priv: ".*"
        state: "present"
      delegate_to: "10.100.100.101"
      when: inventory_hostname == groups['keystone_all'][0]
    - name: Create DB for service
      mysql_db:
        login_user: "root"
        login_password: "secrete"
        login_host: "localhost"
        name: "{{ keystone_galera_database }}"
        state: "present"
      delegate_to: "10.100.100.101"
      when: inventory_hostname == groups['keystone_all'][0]
    - name: Grant access to the DB for the service
      mysql_user:
        login_user: "root"
        login_password: "secrete"
        login_host: "localhost"
        name: "{{ keystone_galera_database }}"
        password: "{{ keystone_container_mysql_password }}"
        host: "{{ item }}"
        state: "present"
        priv: "{{ keystone_galera_database }}.*:ALL"
      with_items:
        - "localhost"
        - "%"
      delegate_to: "10.100.100.101"
      when: inventory_hostname == groups['keystone_all'][0]
  roles:
    - role: os_keystone
  vars:
    external_lb_vip_address: 10.100.100.102
    internal_lb_vip_address: 10.100.100.102
    keystone_galera_address: 10.100.100.101
    keystone_galera_database: keystone
    keystone_venv_tag: "testing"
    keystone_developer_mode: true
    keystone_git_install_branch: master
    keystone_requirements_git_install_branch: master
    keystone_auth_admin_token: "SuperSecreteTestToken"
    keystone_auth_admin_password: "SuperSecretePassword"
    keystone_service_password: "secrete"
    keystone_rabbitmq_password: "secrete"
    keystone_container_mysql_password: "SuperSecrete"
    keystone_rabbitmq_port: 5671
    keystone_rabbitmq_userid: keystone
    keystone_rabbitmq_vhost: /keystone
    keystone_rabbitmq_servers: 10.100.100.101
    keystone_rabbitmq_use_ssl: true
    galera_client_drop_config_file: false

- name: Playbook for role testing
  hosts: horizon_all
  user: root
  roles:
    - role: "{{ rolename | basename }}"
  vars:
    galera_client_drop_config_file: false
    external_lb_vip_address: 10.100.100.102
    internal_lb_vip_address: 10.100.100.102
    horizon_developer_mode: true
    horizon_venv_tag: "testing"
    horizon_git_install_branch: master
    horizon_requirements_git_install_branch: master
    horizon_galera_address: 10.100.100.101
    horizon_rabbitmq_password: "secrete"
    horizon_rabbitmq_userid: horizon
    horizon_rabbitmq_vhost: /horizon
    horizon_container_mysql_password: "SuperSecrete"
    horizon_secret_key: "SuperSecreteHorizonKey"
    horizon_external_ssl: true
    horizon_ssl_protocol: "ALL -SSLv2 -SSLv3"
    horizon_ssl_cipher_suite: "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS"
    galera_root_password: "secrete"
    rabbitmq_servers: 10.100.100.101
    rabbitmq_use_ssl: false
    rabbitmq_port: 5671
    keystone_auth_admin_token: "SuperSecreteTestToken"
    keystone_auth_admin_password: "SuperSecretePassword"
    keystone_service_adminuri_insecure: false
    keystone_service_internaluri_insecure: false
    keystone_service_internaluri: "http://{{ internal_lb_vip_address }}:5000"
    keystone_service_internalurl: "{{ keystone_service_internaluri }}/v3"
    keystone_service_adminuri: "http://{{ internal_lb_vip_address }}:35357"
    keystone_service_adminurl: "{{ keystone_service_adminuri }}/v3"
    openrc_os_password: "{{ keystone_auth_admin_password }}"
    openrc_os_domain_name: "Default"
    memcached_servers: 10.100.100.101
    memcached_encryption_key: "secrete"