---
- name: Check for virtualized compute in Baremetal jobs
  when:
    - cifmw_is_nested_virt | default(false) | bool
  block:
    - name: List all of the existing virtual machines
      register: vms_list
      community.libvirt.virt:
        command: list_vms
        uri: "qemu:///system"

    - name: Filter out edpm vm
      ansible.builtin.set_fact:
        ssh_key_file: "{{ cifmw_artifacts_basedir }}/artifacts/edpm/ansibleee-ssh-key-id_rsa"
        ssh_user: cloud-admin
        edpm_vms: >-
          {%- set listing=vms_list.list_vms | select('match', '^edpm-.*$') -%}
          {%- if listing | length == 1 -%}
          ['192.168.122.100']
          {%- endif -%}

- name: Hit compute nodeset
  when:
    - not cifmw_is_nested_virt | default(false) | bool
  block:
    - name: Slurp zuul inventory file
      ansible.builtin.slurp:
        path: "{{ ansible_user_dir }}/ci-framework-data/artifacts/zuul_inventory.yml"
      register: _cifmw_artifacs_inventory_slurp

    - name: Extract Compute and Networker from zuul mapping if any
      when:
        - cifmw_edpm_deploy_extra_vars is defined
        - _edpm_vms_data | length > 0
      vars:
        _inv_data: "{{ _cifmw_artifacs_inventory_slurp['content'] | b64decode | from_yaml }}"
        # _edpm_vms_data is a list of dictionaries, each one with only one entry
        # that corresponds with a compute or a networker node
        _edpm_vms_data: >-
          {{
            _inv_data | dict2items |
            selectattr('key', 'match', '^.*(compute|networker).*$') |
            map(attribute='value.hosts') | flatten
          }}
        # each item is the single-entry dict
        _edpm_vms_item: "{{ item | dict2items | first }}"
      ansible.builtin.set_fact:
        ssh_key_file: "{{ cifmw_edpm_deploy_extra_vars.SSH_KEY_FILE }}"
        ssh_user: "{{ _edpm_vms_item.value.ansible_user | default('zuul') }}" # all EDPM nodes have a common ansible_user
        edpm_vms: "{{ edpm_vms | default([]) + [_edpm_vms_item.value.ansible_host] }}"
      loop: "{{ _edpm_vms_data }}"

- name: Generate logs on EDPM vms
  when:
    - edpm_vms is defined
    - edpm_vms | length > 0
  block:
    - name: "Generate logs on edpm vm {{ item.split('/')[0] }}"
      ignore_errors: true  # noqa: ignore-errors
      vars:
        host_ip: "{{ item.split('/')[0] }}"
      cifmw.general.ci_script:
        output_dir: "{{ cifmw_artifacts_basedir }}/artifacts"
        script: |-
          ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no \
            -i {{ ssh_key_file }} {{ ssh_user }}@{{ host_ip }} <<'EOF'
          set -x
          sudo dnf install -y rsync
          mkdir -p /tmp/{{ host_ip }}
          sudo rsync -rq --exclude "**/ssh" --exclude "**/ubound" \
            --exclude "**/pki" --exclude "**/pkcs12" --exclude "**/audit" \
            --exclude "**/crypt*" --exclude "**/fonts" --exclude "**/gss*" \
            /etc/ /tmp/{{ host_ip }}/etc
          sudo cp -a /var/log/ /tmp/{{ host_ip }}
          sudo test -d /var/lib/openstack && sudo cp -a /var/lib/openstack /tmp/{{ host_ip }}
          sudo test -d /var/lib/config-data && sudo cp -a /var/lib/config-data /tmp/{{ host_ip }}
          sudo test -d /var/lib/cloud && sudo cp -a /var/lib/cloud /tmp/{{ host_ip }}
          sudo test -d {{ ansible_user_dir }}/compliance-scans && sudo cp -a {{ ansible_user_dir }}/compliance-scans /tmp/{{ host_ip }}
          sudo find /tmp/{{ host_ip }} -type d -exec chmod ugoa+rx '{}' \;
          sudo find /tmp/{{ host_ip }} -type f -exec chmod ugoa+r '{}' \;
          command -v ovs-vsctl && sudo ovs-vsctl list Open_vSwitch > /tmp/{{ host_ip }}/ovs_vsctl_list_openvswitch.txt
          sudo ip netns > /tmp/{{ host_ip }}/ip_netns.txt
          sudo ip a > /tmp/{{ host_ip }}/network.txt
          sudo ip ro ls >> /tmp/{{ host_ip }}/network.txt
          sudo rpm -qa > /tmp/{{ host_ip }}/rpm_qa.txt
          sudo dnf list installed > /tmp/{{ host_ip }}/dnf_list_installed.txt
          sudo podman images --digests > /tmp/{{ host_ip }}/podman_images.txt
          sudo fips-mode-setup --check > /tmp/{{ host_ip }}/fips_check.txt
          mkdir -p /tmp/{{ host_ip }}/service_logs
          systemctl list-units | awk '/virt|edpm|ovs/ {print $1}' | egrep -v "sys|ovs-delete-transient-ports" | xargs -I {} sudo bash -c 'journalctl -u {} > /tmp/{{ host_ip }}/service_logs/{}.log'
          sudo ausearch -i | grep denied > /tmp/{{ host_ip }}/selinux-denials.log || true
          sudo journalctl -p warning -t kernel -o short -g DROPPING --no-pager &> /tmp/{{ host_ip }}/firewall-drops.txt || true
          EOF
      loop: "{{ edpm_vms }}"
      loop_control:
        label: "{{ item.split('/')[0] }}"

    - name: "Copy logs to host machine from {{ item.split('/')[0] }}"
      ignore_errors: true  # noqa: ignore-errors
      vars:
        host_ip: "{{ item.split('/')[0] }}"
      cifmw.general.ci_script:
        output_dir: "{{ cifmw_artifacts_basedir }}/artifacts"
        script: >-
          rsync -a -e "ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i {{ ssh_key_file }}"
          {{ ssh_user }}@{{ host_ip }}:/tmp/{{ host_ip }} {{ cifmw_artifacts_basedir }}/logs/;
      loop: "{{ edpm_vms }}"
      loop_control:
        label: "{{ item.split('/')[0] }}"