# Copyright: (c) 2020, Hetzner Cloud GmbH <info@hetzner-cloud.de>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
---
- name: test missing required parameters on create certificate
  hetzner.hcloud.hcloud_certificate:
    name: "{{ hcloud_certificate_name }}"
  register: result
  ignore_errors: true
- name: verify fail test missing required parameters on create certificate
  assert:
    that:
      - result is failed
      - 'result.msg == "missing required arguments: certificate, private_key"'

- name: test create certificate with check mode
  hetzner.hcloud.hcloud_certificate:
    name: "{{ hcloud_certificate_name }}"
    certificate: "{{ test_certificate_content }}"
    private_key: "{{ test_certificate_privatekey_content }}"
  register: result
  check_mode: true
- name: test create certificate with check mode
  assert:
    that:
      - result is changed

- name: test create certificate
  hetzner.hcloud.hcloud_certificate:
    name: "{{ hcloud_certificate_name }}"
    certificate: "{{ test_certificate_content }}"
    private_key: "{{ test_certificate_privatekey_content }}"
    labels:
      key: value
      my-label: label
  register: certificate
- name: verify create certificate
  assert:
    that:
      - certificate is changed
      - certificate.hcloud_certificate.name == "{{ hcloud_certificate_name }}"
      - certificate.hcloud_certificate.domain_names[0] ==  "www.example.com"
      - certificate.hcloud_certificate.labels.key == "value"

- name: test create certificate idempotence
  hetzner.hcloud.hcloud_certificate:
    name: "{{ hcloud_certificate_name }}"
    certificate: "{{ test_certificate_content }}"
    private_key: "{{ test_certificate_privatekey_content }}"
  register: result
- name: verify create certificate idempotence
  assert:
    that:
      - result is not changed

- name: test update certificate with check mode
  hetzner.hcloud.hcloud_certificate:
    id: "{{ certificate.hcloud_certificate.id }}"
    name: "changed-{{ hcloud_certificate_name }}"
  register: result
  check_mode: true
- name: test create certificate with check mode
  assert:
    that:
      - result is changed

- name: test update certificate
  hetzner.hcloud.hcloud_certificate:
    id: "{{ certificate.hcloud_certificate.id }}"
    name: "changed-{{ hcloud_certificate_name }}"
    labels:
      key: value
  register: result
- name: test update certificate
  assert:
    that:
      - result is changed
      - result.hcloud_certificate.name == "changed-{{ hcloud_certificate_name }}"

- name: test update certificate with same labels
  hetzner.hcloud.hcloud_certificate:
    id: "{{ certificate.hcloud_certificate.id }}"
    name: "changed-{{ hcloud_certificate_name }}"
    labels:
      key: value
  register: result
- name: test update certificate with same labels
  assert:
    that:
      - result is not changed

- name: test update certificate with other labels
  hetzner.hcloud.hcloud_certificate:
    id: "{{ certificate.hcloud_certificate.id }}"
    name: "changed-{{ hcloud_certificate_name }}"
    labels:
      key: value
      test: "val123"
  register: result
- name: test update certificate with other labels
  assert:
    that:
      - result is changed

- name: test rename certificate
  hetzner.hcloud.hcloud_certificate:
    id: "{{ certificate.hcloud_certificate.id }}"
    name: "{{ hcloud_certificate_name }}"
  register: result
- name: test rename certificate
  assert:
    that:
      - result is changed
      - result.hcloud_certificate.name == "{{ hcloud_certificate_name }}"

- name: absent certificate
  hetzner.hcloud.hcloud_certificate:
    id: "{{ certificate.hcloud_certificate.id }}"
    state: absent
  register: result
- name: verify absent server
  assert:
    that:
      - result is success

- name: generate dns domain name
  set_fact:
    # hcloud_dns_test_domain uses random, which generates a new random number
    # on every invocation, by saving it into a fact we generate the number once
    hcloud_dns_test_domain: "{{ hcloud_dns_test_domain }}"

- name: test create managed certificate
  hetzner.hcloud.hcloud_certificate:
    name: "{{ hcloud_certificate_name }}"
    domain_names:
      - "{{ hcloud_dns_test_domain }}"
    type: managed
    labels:
      HC-Use-Staging-CA: "true"
  register: result
- name: verify create managed certificate
  assert:
    that:
      - result is changed
      - result.hcloud_certificate.name == "{{ hcloud_certificate_name }}"
      - result.hcloud_certificate.domain_names[0] == "{{ hcloud_dns_test_domain }}"

- name: test delete certificate
  hetzner.hcloud.hcloud_certificate:
    id: "{{ result.hcloud_certificate.id }}"
    state: absent
  register: result
- name: verify test delete certificate
  assert:
    that:
      - result is success