- name: Inventory
  hosts: |-
    {%- if nfc_pb_host is defined -%}
      {{ nfc_pb_host }}
    {%- else -%}
      all
    {%- endif %}
  become: true


  tasks:


    - name: Inventory host
      block:

        - name: Fetch Packages
          ansible.builtin.package_facts:
            manager: auto
          become: true


        - name: Inventory Details
          ansible.builtin.set_fact:
            details: {
              "name": "{{ ansible_hostname }}",
              "serial_number": "{{ ansible_product_serial }}",
              "uuid": "{{ ansible_product_uuid }}"
            }


        - name: Inventory Software [a-k]
          ansible.builtin.set_fact:
            cacheable: false
            software: "{{ software | default([]) + [{
                'name': package.value[0].name,
                'category': package.value[0].category | default(''),
                'version': package.value[0].version
                }] }}"
                # no_log: true
          loop: "{{ ansible_facts.packages | dict2items() }}"
          loop_control:
            loop_var: package
            label: "{{ package.key }}"
          when: >
            package.value[0].name | regex_search("^[a-k]")

# https://github.com/nofusscomputing/ansible_collection_centurion/issues/19

# This task has been commented out due to the above issue

#     - name: Inventory Software [l]
#        ansible.builtin.set_fact:
#          cacheable: false
#         software: "{{ software | default([]) + [{
#              'name': package.value[0].name,
#              'category': package.value[0].category | default(''),
#              'version': package.value[0].version
#           }] }}"
#       # no_log: true
#       loop: "{{ ansible_facts.packages | dict2items() }}"
#       loop_control:
#         loop_var: package
#         label: "{{ package.key }}"
#       when: >
#         package.value[0].name | regex_search("^[l]")


        - name: Inventory Software [m-z]
          ansible.builtin.set_fact:
            cacheable: false
            software: "{{ software | default([]) + [{
              'name': package.value[0].name,
              'category': package.value[0].category | default(''),
              'version': package.value[0].version
              }] }}"
          # no_log: true
          loop: "{{ ansible_facts.packages | dict2items() }}"
          loop_control:
            loop_var: package
            label: "{{ package.key }}"
          when: >
            package.value[0].name | regex_search("^[m-z]")


        - name: Inventory Document
          ansible.builtin.set_fact:
            report: {
              "details": "{{ details }}",
              "os": {
                "name": "{{ ansible_distribution | lower }}",
                "version": "{{ ansible_distribution_version }}",
                "version_major": "{{ ansible_distribution_major_version }}"
              },
              "software": "{{ software }}"
            }


        - name: Save report
          ansible.builtin.copy:
            content: "{{ report | to_nice_json }}"
            dest: "/tmp/{{ ansible_hostname }}.json"


        - name: Try / catch
          block:


            - name: Upload inventory - {{ ansible_hostname }}
              ansible.builtin.uri:
                url: |-
                  {{ lookup('env', 'CENTURION_API') }}/api/v2/itam/inventory

                method: POST
                body_format: json
                src: "/tmp/{{ ansible_hostname }}.json"
                remote_src: true
                headers:
                  Authorization: Token {{ lookup('env', 'CENTURION_TOKEN') }}
                validate_certs: "{{ lookup('env', 'CENTURION_VALIDATE_CERTS') | default(true) | bool }}"
                timeout: 300
                status_code:
                  - 200
                  - 201
              no_log: >    # Contains a secret that logging shows
                {{ nfc_pb_disable_log | default(true) }}
              register: api_post_inventory


          always:


            - name: Trace - Show Upload Details
              ansible.builtin.debug:
                msg:
                  - |
                    Upload failed with:
                    * URL: {{ api_post_inventory.url }}
                    * HTTP status code: {{ api_post_inventory.status }}
                    * Message: {{ api_post_inventory.msg }}
                    * Body: {{ api_post_inventory.json }}


      always:
        - name: Remove report
          ansible.builtin.file:
            path: "/tmp/{{ ansible_hostname }}.json"
            state: absent


  vars:

    nfc_pb_awx_tower_template:

      - name: "Centurion/ITAM/Inventory"
        ask_tags_on_launch: false
        ask_inventory_on_launch: true
        ask_credential_on_launch: true
        ask_limit_on_launch: true
        concurrent_jobs_enabled: true
        description: Inventory host machines and publish to Centurion ERP
        execution_environment: "No Fuss Computing EE"
        job_type: "run"
        # job_tags: complete
        labels:
          - centurion
          - inventory
          - itam
          - itsm
        use_fact_cache: true
        credential_types:
          - name: 'Collection/No Fuss Computing/Centurion/API'
            description: |
              Credentials for authentication to Centurion ERP
            inputs: |
              fields:
                - id: centurion_url
                  type: string
                  label: centurion url
                  help_text: Ensure that `https://` is prefixed to url
                - id: centurion_token
                  type: string
                  label: api token
                  secret: true
                - id: centurion_validate_certs
                  type: boolean
                  label: Validate SSL Certificate
              required:
                - centurion_api
                - centurion_token
            injectors: >
              env:
                CENTURION_API: '{{ centurion_url }}'
                CENTURION_TOKEN: '{{ centurion_token }}'
                CENTURION_VALIDATE_CERTS: '{{ centurion_validate_certs | default(true) }}'