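---
# Provisions a Jenkins master and its build agents.
#   Play 1: common preparation on every host (group, user + SSH key, JDK).
#   Play 2: installs and starts Jenkins on the master, seeds known_hosts.
#   Play 3: prepares agents (authorized key, Docker, Python 3.8, Ansible,
#           Molecule, agent.jar).
#
# NOTE(review): play 1 uses `user_name` / `user_group`, while plays 2 and 3
# use `jenkins_user_name` / `jenkins_user_group`. Confirm in the inventory
# that both pairs resolve to the same account; otherwise the key registered
# in `ssh_key_info` belongs to a different user than the one used later.

- name: Prepare all hosts
  hosts: all
  tasks:
    # Refresh the trust store first so that the HTTPS downloads in the later
    # plays can keep certificate validation enabled.
    # NOTE(review): added on the assumption that validation had been turned
    # off because of an outdated CA bundle - confirm, or drop this task.
    - name: Update CA certificates
      become: true
      package:
        name: ca-certificates
        state: latest

    - name: Create group
      become: true
      group:
        name: "{{ user_group }}"
        state: present

    # The registered result is read in play 3 through
    # hostvars['jenkins-master-01'] to authorise the master on the agents.
    - name: Create user
      become: true
      user:
        name: "{{ user_name }}"
        generate_ssh_key: true
      register: ssh_key_info

    - name: Install JDK
      become: true
      package:
        name: "{{ java_packages }}"
        state: present

- name: Get Jenkins master installed
  hosts: jenkins_masters
  # NOTE(review): tags are assumed to be play-level; confirm they were not
  # meant for the final task only.
  tags:
    - jenkins-master
  tasks:
    # The repo file decides where packages come from, so it must be fetched
    # over a validated TLS connection.
    - name: Get repo Jenkins
      become: true
      get_url:
        url: https://pkg.jenkins.io/redhat-stable/jenkins.repo
        dest: /etc/yum.repos.d/jenkins.repo
        validate_certs: true

    # The signing key is the trust anchor for every Jenkins RPM installed
    # afterwards. With validation disabled, package signature checks would
    # only prove that a package matches whatever key the network returned.
    - name: Add Jenkins key
      become: true
      rpm_key:
        key: https://pkg.jenkins.io/redhat-stable/jenkins.io.key
        state: present
        validate_certs: true

    - name: Install epel-release
      become: true
      yum:
        name: epel-release
        state: present

    - name: Install Jenkins and requirements
      become: true
      yum:
        name:
          - jenkins
          - git
        state: present
      register: jenkins_installed

    # The lookup runs ssh-keyscan on the control node. The scanned keys are
    # not authenticated (trust on first use); for a stricter setup, supply
    # the agents' host keys from inventory instead.
    # The host is concatenated and shell-quoted rather than nested in
    # "{{ }}" inside the lookup string.
    - name: Ensure jenkins agents are present in known_hosts file
      become: true
      become_user: "{{ jenkins_user_name }}"
      known_hosts:
        name: "{{ hostvars[item].ansible_host }}"
        state: present
        key: "{{ lookup('pipe', 'ssh-keyscan ' ~ (hostvars[item].ansible_host | quote)) }}"
        hash_host: true
      with_items: "{{ groups.jenkins_agents }}"

    # Restart only when the package task above reported a change.
    - name: Start Jenkins
      become: true
      systemd:
        name: jenkins
        state: restarted
        enabled: true
      when: jenkins_installed is changed

    # NOTE(review): the key is accepted as scanned at run time. Compare it
    # with the fingerprints GitHub publishes, or pin the known key as a
    # literal line instead of scanning.
    - name: Ensure github.com is a known host
      become: true
      become_user: "{{ jenkins_user_name }}"
      lineinfile:
        path: ~/.ssh/known_hosts
        create: true
        state: present
        line: "{{ lookup('pipe', 'ssh-keyscan -t rsa github.com') }}"
        regexp: "^github\\.com"

- name: Prepare jenkins agent
  hosts: jenkins_agents
  # Tasks run as the Jenkins user unless they override become_user.
  become: true
  become_user: "{{ jenkins_user_name }}"
  # NOTE(review): tags are assumed to be play-level; confirm they were not
  # meant for the final task only.
  tags:
    - jenkins-agent
  tasks:
    # Depends on play 1 having run against jenkins-master-01 in this run,
    # because `ssh_key_info` is a registered variable, not a stored fact.
    - name: Add master publickey into authorized_key
      authorized_key:
        user: "{{ jenkins_user_name }}"
        state: present
        key: "{{ hostvars['jenkins-master-01']['ssh_key_info']['ssh_public_key'] }}"

    - name: Create agent_dir
      become_user: root
      file:
        path: "{{ jenkins_agent_dir }}"
        state: directory
        owner: "{{ jenkins_user_name }}"
        group: "{{ jenkins_user_group }}"

    # Same reasoning as for the Jenkins repo: keep TLS validation on for
    # anything that defines a package source.
    - name: Add docker repo
      become_user: root
      get_url:
        url: https://download.docker.com/linux/centos/docker-ce.repo
        dest: /etc/yum.repos.d/docker-ce.repo
        validate_certs: true

    - name: Install some required
      become_user: root
      yum:
        name:
          - git
          - docker-ce
          - docker-ce-cli
          - containerd.io
          - gcc
          - openssl-devel
          - bzip2-devel
          - libffi-devel
          - zlib-devel
          - xz-devel
        state: present

    # NOTE(review): the tarball is compiled and installed as root below but
    # is not integrity-checked. Pin the digest published by python.org, e.g.
    #   checksum: "sha256:<PLACEHOLDER_SHA256_OF_Python-3.8.12.tgz>"
    - name: Download python 3.8 distrib
      ansible.builtin.get_url:
        url: "https://www.python.org/ftp/python/3.8.12/Python-3.8.12.tgz"
        dest: "{{ jenkins_agent_dir }}/Python-3.8.12.tgz"

    - name: Unpack python 3.8 distrib
      ansible.builtin.unarchive:
        src: "{{ jenkins_agent_dir }}/Python-3.8.12.tgz"
        dest: "{{ jenkins_agent_dir }}"
        remote_src: true

    # `creates` skips the configure and build steps on later runs.
    - name: Configure python 3.8
      ansible.builtin.shell:
        cmd: ./configure --enable-optimizations
        chdir: "{{ jenkins_agent_dir }}/Python-3.8.12"
        creates: "{{ jenkins_agent_dir }}/Python-3.8.12/Makefile"

    - name: Install python 3.8
      become_user: root
      ansible.builtin.shell:
        cmd: make altinstall
        chdir: "{{ jenkins_agent_dir }}/Python-3.8.12"
        creates: /usr/local/bin/python3.8

    - name: Create symbolic link python3
      become_user: root
      ansible.builtin.file:
        src: /usr/local/bin/python3.8
        dest: /usr/bin/python3
        state: link

    - name: Create symbolic link pip3
      become_user: root
      ansible.builtin.file:
        src: /usr/local/bin/pip3.8
        dest: /usr/bin/pip3
        state: link

    # NOTE(review): `>` truncates /etc/environment, so any other variables
    # in that file are lost, and $PATH is expanded from root's shell at run
    # time. Consider lineinfile with a `^PATH=` regexp and an explicit value.
    - name: Add local to path
      become_user: root
      ansible.builtin.shell: echo "PATH=$PATH:/usr/local/bin" > /etc/environment

    - name: Update pip
      become_user: root
      pip:
        executable: /usr/bin/pip3
        name: pip
        extra_args: --upgrade

    - name: Install Ansible
      become_user: root
      pip:
        executable: /usr/bin/pip3
        name:
          - selinux
          - 'ansible<3.0'
        state: present

    - name: Reinstall Selinux
      become_user: root
      pip:
        executable: /usr/bin/pip3
        name:
          - selinux
        state: forcereinstall

    - name: Create docker group
      become_user: root
      group:
        name: docker
        state: present

    # `append: true` keeps the user's existing supplementary groups; without
    # it the user module replaces them with just `docker`.
    # Membership in `docker` gives access to the Docker daemon socket, which
    # is effectively root on the agent - any job running as this user
    # inherits that, so restrict who can define jobs on these agents.
    - name: Add jenkins user to dockergroup
      become_user: root
      user:
        name: "{{ jenkins_user_name }}"
        groups: docker
        append: true

    - name: Restart docker
      become_user: root
      systemd:
        name: docker
        state: restarted
        enabled: true

    # Retried because the master may still be starting up.
    # NOTE(review): agent.jar is fetched over plain HTTP from the master and
    # then executed on the agent; prefer an HTTPS endpoint on the master or
    # verify the file after download. `timeout` here is the task keyword,
    # not get_url's own option.
    - name: Install agent.jar
      get_url:
        url: "http://{{ hostvars['jenkins-master-01']['ansible_host'] }}:8080/jnlpJars/agent.jar"
        dest: "{{ jenkins_agent_dir }}"
      register: install_agent
      until: install_agent is succeeded
      retries: 10
      timeout: 10

    # NOTE(review): only molecule is version-pinned; the other packages
    # float to whatever PyPI serves at run time. Pin them for reproducible
    # agents.
    - name: Install pip molecule
      become_user: root
      ansible.builtin.pip:
        executable: /usr/bin/pip3
        name:
          - molecule==3.5.2
          - molecule-docker
          - yamllint
          - ansible-lint

    - name: Update ansible community.docker collection
      ansible.builtin.shell:
        cmd: ansible-galaxy collection install community.docker

    # NOTE(review): the key is accepted as scanned at run time. Compare it
    # with the fingerprints GitHub publishes, or pin the known key as a
    # literal line instead of scanning.
    - name: Ensure github.com is a known host
      lineinfile:
        path: ~/.ssh/known_hosts
        create: true
        state: present
        line: "{{ lookup('pipe', 'ssh-keyscan -t rsa github.com') }}"
        regexp: "^github\\.com"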