- name: deploy podified Ironic
  ansible.builtin.shell: |
    {{ shell_header }}
    {{ oc_header }}
    oc patch openstackcontrolplane openstack --type=merge --patch '{{ ironic_patch }}'

- name: Wait for Ironic control plane services' CRs to become ready
  ansible.builtin.include_tasks:
    file: wait.yaml

- name: check that ironic is reachable and its endpoints are defined
  ansible.builtin.shell: |
    {{ shell_header }}
    {{ oc_header }}
    alias openstack="oc exec -t openstackclient -- openstack"

    ${BASH_ALIASES[openstack]} endpoint list -c "Service Name" -f yaml | grep ironic
    ${BASH_ALIASES[openstack]} baremetal node list
  register: ironic_running_result
  until: ironic_running_result is success
  retries: 60
  delay: "{{ ironic_retry_delay }}"

- name: check that ironic-inspector is reachable and its endpoints are defined
  ansible.builtin.shell: |
    {{ shell_header }}
    {{ oc_header }}
    alias openstack="oc exec -t openstackclient -- openstack"

    ${BASH_ALIASES[openstack]} endpoint list -c "Service Name" -f yaml | grep ironic-inspector

    # TODO(hjensas): When python3-ironic-inspector-client is in openstackclient container
    # https://github.com/openstack-k8s-operators/tcib/pull/148
    # ${BASH_ALIASES[openstack]} baremetal inspection list
  register: ironic_inspector_running_result
  until: ironic_inspector_running_result is success
  retries: 60
  delay: "{{ ironic_retry_delay }}"

- name: Disable Role Based Access Control
  ansible.builtin.shell: |
    {{ shell_header }}
    {{ oc_header }}

    oc patch openstackcontrolplane openstack --type=merge --patch '{{ ironic_disable_rbac_patch }}'

- name: Wait for Ironic control plane services' CRs to become ready
  ansible.builtin.include_tasks:
    file: wait.yaml

- name: Make sure nodes can be listed
  ansible.builtin.shell: |
    {{ shell_header }}
    {{ oc_header }}
    alias openstack="oc exec -t openstackclient -- openstack"
    ${BASH_ALIASES[openstack]} baremetal node list -f json | jq 'if (. | length) > 0 then true else halt_error(1) end'
  register: ironic_node_list_result
  until: ironic_node_list_result is success
  retries: 60
  delay: "{{ ironic_retry_delay }}"

- name: Set owner field on baremeteal nodes
  ansible.builtin.shell: |
    {{ shell_header }}
    {{ oc_header }}
    alias openstack="oc exec -t openstackclient -- openstack"

    ADMIN_PROJECT_ID=$(${BASH_ALIASES[openstack]} project show -c id -f value --domain default admin)
    NODE_LIST=$(${BASH_ALIASES[openstack]} baremetal node list -f json -c UUID -c Owner | jq -r '.[] | select(.Owner == null) | .UUID')
    for node in $NODE_LIST; do
      ${BASH_ALIASES[openstack]} baremetal node set --owner $ADMIN_PROJECT_ID $node;
    done
  register: ironic_set_owner_field_result

- name: Re-Enable Role Based Access Control
  ansible.builtin.shell: |
    {{ shell_header }}
    {{ oc_header }}

    oc patch openstackcontrolplane openstack --type=merge --patch '{{ ironic_enable_rbac_patch }}'

- name: Wait for Ironic control plane services' CRs to become ready
  ansible.builtin.include_tasks:
    file: wait.yaml

- name: Make sure nodes can be listed
  ansible.builtin.shell: |
    {{ shell_header }}
    {{ oc_header }}
    alias openstack="oc exec -t openstackclient -- openstack"
    ${BASH_ALIASES[openstack]} baremetal node list -f json | jq 'if (. | length) > 0 then true else halt_error(1) end'
  register: ironic_node_list_result
  until: ironic_node_list_result is success
  retries: 60
  delay: "{{ ironic_retry_delay }}"

- name: Change the DNS server in the provisioning subnet
  ansible.builtin.shell: |
    {{ shell_header }}
    {{ oc_header }}
    alias openstack="oc exec -t openstackclient -- openstack"
    ${BASH_ALIASES[openstack]} subnet set --dns-nameserver {{ dns_server_provisioning_ip }} provisioning-subnet

- name: Reset node driver_info to use new deploy images
  ansible.builtin.shell: |
    {{ shell_header }}
    {{ oc_header }}
    alias openstack="oc exec -t openstackclient -- openstack"

    for node in $(${BASH_ALIASES[openstack]} baremetal node list -c UUID -f value); do
      ${BASH_ALIASES[openstack]} baremetal node set $node \
        --driver-info deploy_ramdisk= \
        --driver-info deploy_kernel=
    done

- name: Post-adoption baremetal node management
  when:
    - ironic_post_adoption_manage_nodes | bool or
      ironic_post_adoption_inspect_nodes | bool or
      ironic_post_adoption_provide_nodes | bool
  ansible.builtin.shell:
    cmd: |
      {{ shell_header }}
      {{ oc_header }}
      export OPENSTACK_COMMAND="oc exec -t openstackclient -- openstack"
      export IRONIC_POST_ADOPTION_MANAGE_NODES={{ ironic_post_adoption_manage_nodes | string | lower }}
      export IRONIC_POST_ADOPTION_INSPECT_NODES={{ ironic_post_adoption_inspect_nodes | string | lower }}
      export IRONIC_POST_ADOPTION_PROVIDE_NODES={{ ironic_post_adoption_provide_nodes | string | lower }}
      {{ lookup('ansible.builtin.file', 'post_adoption_manage_nodes.bash') }}