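---
# tasks file for Route53
#
# Creates a throw-away hosted zone, checks that A and CAA record changes are
# idempotent, and removes the records and the zone again in an `always`
# section so the cleanup is attempted even when a test task fails.

- name: Derive the test zone names from the resource prefix
  set_fact:
    zone_one: '{{ resource_prefix | replace("-", "") }}.one.fakeansible.com.'
    zone_two: '{{ resource_prefix | replace("-", "") }}.two.fakeansible.com.'

- name: Show the zone names in use
  debug:
    msg: 'Set zones {{ zone_one }} and {{ zone_two }}'

- name: Test basics (new zone, A and AAAA records)
  module_defaults:
    # Credentials and the session token come from variables; no key material
    # is written in this file.
    group/aws:
      aws_access_key: "{{ aws_access_key }}"
      aws_secret_key: "{{ aws_secret_key }}"
      security_token: "{{ security_token }}"
      region: "{{ aws_region }}"
    # Resets the region inherited from group/aws for the route53 module only.
    # NOTE(review): presumably because Route53 is not a regional service; confirm.
    route53:
      region: null
  block:
    - name: Create test zone one
      route53_zone:
        zone: '{{ zone_one }}'
        comment: 'Created in Ansible test {{ resource_prefix }}'
      register: z1

    - name: Placeholder for zone-level tests
      debug:
        msg: 'TODO write tests'

    - name: Show the zone creation result
      debug:
        var: z1

    - name: Create A record using zone fqdn
      route53:
        state: present
        zone: '{{ zone_one }}'
        record: 'qdn_test.{{ zone_one }}'
        type: A
        value: '1.2.3.4'
      register: qdn

    - name: The A record must have been created
      assert:
        that:
          - qdn is not failed
          - qdn is changed

    # zone_one[:-1] drops the trailing dot, so the same zone and record are
    # addressed without the fully qualified form.
    - name: Create same A record using zone non-qualified domain
      route53:
        state: present
        zone: '{{ zone_one[:-1] }}'
        record: 'qdn_test.{{ zone_one[:-1] }}'
        type: A
        value: '1.2.3.4'
      register: non_qdn

    - name: The non-qualified form must match the existing record
      assert:
        that:
          - non_qdn is not failed
          - non_qdn is not changed

    # The CAA values are quoted as whole strings so the embedded double
    # quotes and the leading digit reach the module unchanged.
    - name: Create a LetsEncrypt CAA record
      route53:
        state: present
        zone: '{{ zone_one }}'
        record: '{{ zone_one }}'
        type: CAA
        value:
          - '0 issue "letsencrypt.org;"'
          - '0 issuewild "letsencrypt.org;"'
        overwrite: true
      register: caa

    - name: The CAA record must have been created
      assert:
        that:
          - caa is not failed
          - caa is changed

    - name: Re-create the same LetsEncrypt CAA record
      route53:
        state: present
        zone: '{{ zone_one }}'
        record: '{{ zone_one }}'
        type: CAA
        value:
          - '0 issue "letsencrypt.org;"'
          - '0 issuewild "letsencrypt.org;"'
        overwrite: true
      register: caa

    - name: The identical CAA record must not report a change
      assert:
        that:
          - caa is not failed
          - caa is not changed

    - name: Re-create the same LetsEncrypt CAA record in opposite-order
      route53:
        state: present
        zone: '{{ zone_one }}'
        record: '{{ zone_one }}'
        type: CAA
        value:
          - '0 issuewild "letsencrypt.org;"'
          - '0 issue "letsencrypt.org;"'
        overwrite: true
      register: caa

    - name: This should not be changed, as CAA records are not order sensitive
      assert:
        that:
          - caa is not failed
          - caa is not changed

  always:
    - name: List the record sets left in test zone one
      route53_facts:
        query: record_sets
        hosted_zone_id: '{{ z1.zone_id }}'
      register: z1_records

    - name: Show the remaining record sets
      debug:
        var: z1_records

    # The filter below also selects CAA records, not only the three types
    # named in the task title.
    - name: Loop over A/AAAA/CNAME records and delete them
      route53:
        state: absent
        zone: '{{ zone_one }}'
        record: '{{ item.Name }}'
        type: '{{ item.Type }}'
        value: '{{ item.ResourceRecords | map(attribute="Value") | join(",") }}'
      loop: '{{ z1_records.ResourceRecordSets | selectattr("Type", "in", ["A", "AAAA", "CNAME", "CAA"]) | list }}'

    # ignore_errors keeps a failed deletion from failing the run, so a zone
    # that survives all retries is only visible in the task output.
    - name: Delete test zone one '{{ zone_one }}'
      route53_zone:
        state: absent
        zone: '{{ zone_one }}'
      register: delete_one
      ignore_errors: true
      retries: 10
      until: delete_one is not failed

    # No task in this file creates zone two, and this deletion is switched
    # off with `when: false`.
    # NOTE(review): the source lost its indentation; `when: false` is read as
    # belonging to this task rather than to the enclosing block. Confirm.
    - name: Delete test zone two '{{ zone_two }}'
      route53_zone:
        state: absent
        zone: '{{ zone_two }}'
      register: delete_two
      ignore_errors: true
      retries: 10
      until: delete_two is not failed
      when: false

# TODO(ryansb) build internal-vpc integration tests
# - include_tasks: internal_zone.yml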