- name: Install the gerritforge repo
  dnf:
    name: 'https://gerritforge.com/gerritforge-repo-1-2.noarch.rpm'
    state: present
    disable_gpg_check: yes
  become: true

- name: Install gerrit and git review
  package:
    name:
      - initscripts
      - java
      - gerrit
      - git-review
    state: present
  become: true

- name: Initialize Gerrit
  block:
    - command: java -jar /var/gerrit/bin/gerrit.war init --batch --install-all-plugins -d /var/gerrit
      become: true
    - command: java -jar /var/gerrit/bin/gerrit.war reindex -d /var/gerrit
      become: true
    - command: git config -f /var/gerrit/etc/gerrit.config gerrit.canonicalWebUrl "http://localhost:8081"
      become: true
    - command: git config -f /var/gerrit/etc/gerrit.config httpd.listenUrl "http://*:8081"
      become: true
    - shell: /var/gerrit/bin/gerrit.sh run
      become: true
      async: 86400
      poll: 0

- name: Generate admin SSH key for Gerrit
  command: ssh-keygen -t ecdsa -f /var/lib/zuul/.ssh/admin -N ''
  args:
    creates: /var/lib/zuul/.ssh/admin.pub
  become: true

- name: Generate Zuul SSH key for Gerrit
  command: ssh-keygen -t ecdsa -f /var/lib/zuul/.ssh/id_rsa -N '' -t ecdsa -m PEM
  args:
    creates: /var/lib/zuul/.ssh/id_rsa.pub
  become_user: zuul
  become: true

- name: Wait for Gerrit first login screen
  uri:
    url: http://localhost:8081/a/accounts/self/sshkeys
    method: GET
    user: admin
    password: secret
  register: first_login
  until: first_login.status == 200
  retries: 60
  delay: 1
  ignore_errors: true

- name: Add admin SSH key to Gerrit
  uri:
    url: http://localhost:8081/a/accounts/self/sshkeys
    method: POST
    user: admin
    password: secret
    body: "{{ lookup('file', '/var/lib/zuul/.ssh/admin.pub') }}"
    status_code: 201
    headers:
      Content-Type: text/plain

- name: Create SSH config
  file:
    path: /root/.ssh/config
    state: touch
  become: true

- name: Configure gerrit SSH connection
  blockinfile:
    path: /root/.ssh/config
    marker: "# gerrit config"
    block: |
      Host gerrit
        Hostname localhost
        Port 29418
        User admin
        IdentityFile /var/lib/zuul/.ssh/admin
        StrictHostKeyChecking no

- name: Create temp dir for Gerrit config update
  shell: mktemp -d
  register: gerrit_tmp

- name: Check out All-Projects config
  environment:
    TMPDIR: "{{ gerrit_tmp.stdout }}"
  git:
    repo: ssh://localhost:29418/All-Projects/
    ssh_opts: "-o StrictHostKeyChecking=no -i /var/lib/zuul/.ssh/admin -l admin"
    dest: "{{ gerrit_tmp.stdout }}/All-Projects"
    refspec: '+refs/meta/config:refs/meta/config'
    version: refs/meta/config
  become: true

- name: Copy new All-Projects config into place
  copy:
    src: "gerrit-project.config"
    dest: "{{ gerrit_tmp.stdout }}/All-Projects/project.config"
  become: true

- name: Update All-Projects config in Gerrit
  shell: |
    git config user.email 'admin@example.com'
    git commit -a -m 'update config'
    git push http://admin:secret@localhost:8081/All-Projects +HEAD:refs/meta/config
  args:
    chdir: "{{ gerrit_tmp.stdout }}/All-Projects"
    warn: false
  become: true

- name: create gerrit repo
  import_tasks: create_gerrit_project.yml
  vars:
    project: zuul-config

- name: Check if zuul user exists
  uri:
    url: http://localhost:8081/accounts/zuul
    status_code: 200, 404
  register: zuul_user_check
- name: Create zuul Gerrit account
  when: zuul_user_check.status==404
  uri:
    url: http://localhost:8081/a/accounts/zuul
    method: PUT
    user: admin
    password: secret
    status_code: 201
    body_format: json
    body:
      name: Zuul
      ssh_key: "{{ lookup('file', '/var/lib/zuul/.ssh/id_rsa.pub') }}"
      http_password: secret
      groups:
        - "Service Users"