---
### Pre cleaning to ensure that no zuul-executor exists in the adjacent namespace

- name: "Ensure no External Zuul executor running"
  ansible.builtin.shell: |
    kubectl -n ext-ze delete SoftwareFactory my-ext-ze || true
    kubectl -n ext-ze delete sts zuul-executor || true

### Set control plane to deactivate the default zuul-executor and expose required services

- name: "Deactivate the Zuul executor in the control plan"
  ansible.builtin.include_role:
    name: update-custom-resource
  vars:
    # NOTE: The ca.crt what is mounted in /run/secrets/kubernetes.io/serviceaccount/ca.crt,
    # when the automountServiceAccountToken is set to true, is providing the
    # internal CA certificate to the cluster, which is not valid in MicroShift
    # 4.14 and newer (which is correct). For the tests purposes, we can do a
    # workaround which is using the internal API url.
    cr_spec:
      config-location:
        name: config
        zuul-connection-name: gerrit
        k8s-api-url: "https://10.43.0.1:443"
        logserver-host: logserver.sf
      zuul:
        executor:
          enabled: false

### Deploy the external zuul-executor in the adjacent namespace
- name: "Sync expected secrets resources from the control plan ns to ext-ze ns"
  ansible.builtin.shell: |
    kubectl get secrets {{ item }} -o json | jq --arg name {{ item }} '. + {metadata: {name: $name}}' | kubectl apply -n ext-ze -f -
  loop:
    - zookeeper-client-tls
    - zuul-ssh-key
    - zuul-keystore-password

- name: "Deploy the external Zuul executor"
  ansible.builtin.include_role:
    name: run-operator-standalone
  vars:
    cr_path: playbooks/files/ext-ze.yaml
    cli_global_flags: "--namespace ext-ze"
    log_file: sf-operator_ext-ze.log

### Real proof that external executor is running as expected

- name: "Run the 'config-update-zuul' test case"
  ansible.builtin.include_role:
    name: health-check/config-update-zuul

### Post actions

- name: "Ensure no External Zuul executor running"
  ansible.builtin.shell: |
    kubectl -n ext-ze delete SoftwareFactory my-ext-ze || true
    kubectl -n ext-ze delete sts zuul-executor || true

- name: "Restore the Zuul executor in the control plan (by using the default CR)"
  ansible.builtin.include_role:
    name: update-custom-resource
  vars:
    cr_spec:
      config-location:
        name: config
        zuul-connection-name: gerrit
        k8s-api-url: ""
        logserver-host: ""
      zuul:
        executor:
          enabled: true
          standalone: null