---
#  Copyright 2021 Intel Corporation, Inc
#
#  Licensed under the Apache License, Version 2.0 (the "License");
#  you may not use this file except in compliance with the License.
#  You may obtain a copy of the License at
#
#       http://www.apache.org/licenses/LICENSE-2.0
#
#  Unless required by applicable law or agreed to in writing, software
#  distributed under the License is distributed on an "AS IS" BASIS,
#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
#  See the License for the specific language governing permissions and
#  limitations under the License.
#
- hosts: localhost
  become: yes
  pre_tasks:
    - name: Load kud variables
      include_vars:
        file: "{{ playbook_dir }}/kud-vars.yml"
  tasks:
    - name: Create Kata webook folder
      file:
        state: directory
        path: "{{ kata_webhook_dest }}/deploy"
      ignore_errors: yes

    - name: Download Kata webhook script
      get_url:
        url: "{{ kata_webhook_script_url }}"
        dest: "{{ kata_webhook_dest }}"

    - name: Download Kata webhook registration yaml
      get_url:
        url: "{{ kata_webhook_registration_url }}"
        dest: "{{ kata_webhook_dest }}/deploy"

    - name: Download Kata webhook deployment yaml
      get_url:
        url: "{{ kata_webhook_deployment_url }}"
        dest: "{{ kata_webhook_dest }}/deploy"

    - name: Changing perm of create-certs.sh, adding "+x"
      shell: "chmod +x create-certs.sh"
      args:
        chdir: "{{ kata_webhook_dest }}"
        warn: False

    - name: Modify webhook for {{ kata_webhook_runtimeclass }} Runtimeclass
      shell: "sed 's/value: kata/value: {{ kata_webhook_runtimeclass }}/g' webhook.yaml | tee webhook-{{ kata_webhook_runtimeclass }}.yaml"
      args:
        chdir: "{{ kata_webhook_dest }}/deploy"
        warn: False

    - name: Create Kata webhook secret
      command: "{{ kata_webhook_dest }}/create-certs.sh"
      args:
        chdir: "{{ kata_webhook_dest }}"
        warn: False

    - name: Apply Kata webhook certs
      command: "/usr/local/bin/kubectl apply -f {{ kata_webhook_dest }}/deploy/webhook-certs.yaml"

    - name: Apply Kata mutating webhook configuration
      command: "/usr/local/bin/kubectl apply -f {{ kata_webhook_dest }}/deploy/webhook-registration.yaml"

    - name: Apply Kata webhook
      command: "/usr/local/bin/kubectl apply -f {{ kata_webhook_dest }}/deploy/webhook-{{ kata_webhook_runtimeclass }}.yaml"