##############################################################################
# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
#
# All rights reserved. This program and the accompanying materials
# are made available under the terms of the Apache License, Version 2.0
# which accompanies this distribution, and is available at
# http://www.apache.org/licenses/LICENSE-2.0
##############################################################################
---
- name: set keystone endpoint
  shell:
    . /opt/admin-openrc.sh;
    openstack endpoint set \
         --interface public \
         --url {{ item.publicurl }} \
         $(openstack endpoint list | grep keystone | grep public | awk '{print $2}');
    openstack endpoint set \
         --interface internal \
         --url {{ item.internalurl }} \
         $(openstack endpoint list | grep keystone | grep internal | awk '{print $2}');
    openstack endpoint set \
         --interface admin \
         --url {{ item.adminurl }} \
         $(openstack endpoint list | grep keystone | grep admin | awk '{print $2}');
  with_items: "{{ os_services[0:1] }}"
  register: result
  until: result.rc == 0
  retries: 10
  delay: 5

- name: add service
  shell:
    . /opt/admin-openrc.sh;
    openstack service create \
        --name "{{ item.name }}"
        --description "{{ item.description }}" \
        {{ item.type }}
  with_items: "{{ os_services[1:] }}"
  register: result
  until: result.rc == 0
  retries: 10
  delay: 5

- name: add project
  shell:
    . /opt/admin-openrc.sh;
    openstack project create --description "Service Project" service;
    openstack project create --domain default --description "Demo Project" demo;
  register: result
  until: result.rc == 0
  retries: 10
  delay: 5

- name: set admin user
  shell:
    . /opt/admin-openrc.sh;
    openstack user set \
        --email "{{ item.email }}" \
        --project "{{ item.tenant }}" \
        --description "{{ item.tenant_description }}" \
        --password "{{ item.password }}" \
        {{ item.user }}
  with_items: "{{ os_users }}"
  when: item["user"] == "admin"
  register: result
  until: result.rc == 0
  retries: 10
  delay: 5

- name: add user
  shell:
    . /opt/admin-openrc.sh;
    openstack user create \
        --email "{{ item.email }}" \
        --project "{{ item.tenant }}" \
        --description "{{ item.tenant_description }}" \
        --password "{{ item.password }}" \
        {{ item.user }}
  with_items: "{{ os_users[1:] }}"
  register: result
  until: result.rc == 0
  retries: 10
  delay: 5

- name: add roles
  shell:
    . /opt/admin-openrc.sh;
    openstack role create {{ item.role }}
  with_items: "{{ os_users }}"
  when: item["user"] == "demo"
  register: result
  until: result.rc == 0
  retries: 10
  delay: 5

- name: grant roles
  shell:
    . /opt/admin-openrc.sh;
    openstack role add \
        --project "{{ item.tenant }}" \
        --user "{{ item.user }}" \
        {{ item.role }}
  with_items: "{{ os_users }}"
  register: result
  until: result.rc == 0
  retries: 10
  delay: 5

- name: add endpoints
  shell:
    . /opt/admin-openrc.sh;
    openstack endpoint create \
        --region {{ item.region }} \
        {{ item.name }} public {{ item.publicurl }};
    openstack endpoint create \
        --region {{ item.region }} \
        {{ item.name }} internal {{ item.internalurl }};
    openstack endpoint create \
        --region {{ item.region }} \
        {{ item.name }} admin {{ item.adminurl }};
  with_items: "{{ os_services[1:] }}"
  register: result
  until: result.rc == 0
  retries: 10
  delay: 5