## puppet_cd::r10k::webhook.pp
# Module name: puppet_cd
# Author: Arne Teuke (arne_teuke@confdroid)
# @summary  Class manages r10k webhook settings for the puppet_cd module.
###############################################################################
class puppet_cd::r10k::webhook (

) inherits puppet_cd::params {
  if ($pt_pm_fqdn == $fqdn) and ($pt_use_r10k_webhook == true) {
    # install packages
    package { $pt_r10k_webhook_pkg:
      ensure => $pt_pkg_ensure,
    }

    # create the webhook dir
    file { '/opt/r10k-webhook':
      ensure   => directory,
      path     => $pt_r10k_webhook_dir,
      owner    => 'puppet',
      group    => 'puppet',
      mode     => '0755',
      selrange => s0,
      selrole  => object_r,
      seltype  => puppet_etc_t,
      seluser  => system_u,
    }

    # create the requirements file
    file { $pt_r10k_req_file:
      ensure   => file,
      owner    => 'puppet',
      group    => 'puppet',
      mode     => '0644',
      selrange => s0,
      selrole  => object_r,
      seltype  => puppet_etc_t,
      seluser  => system_u,
      content  => template($pt_r10k_req_erb),
      require  => File['/opt/r10k-webhook'],
    }

    # create the binary file
    file { $pt_r10k_webhook_file:
      ensure   => file,
      owner    => 'puppet',
      group    => 'puppet',
      mode     => '0644',
      selrange => s0,
      selrole  => object_r,
      seltype  => puppet_etc_t,
      seluser  => system_u,
      content  => template($pt_r10k_webhook_erb),
      require  => File['/opt/r10k-webhook'],
    }

    # install pip dependencies
    exec { 'pip_install_r10k_webhook':
      command => 'pip3 install --user -r /opt/r10k-webhook/requirements.txt',
      user    => 'puppet',
      require => [Package[$pt_r10k_webhook_pkg],File[$pt_r10k_req_file]],
      unless  => 'pip3 show fastapi',  # Idempotent check
    }

    # establish exec systemd reload
    exec { 'systemctl_daemon_reload':
      command     => 'systemctl daemon-reload',
      path        => ['/bin', '/usr/bin'],
      require     => Exec['pip_install_r10k_webhook'],
      refreshonly => true,
    }

    # install systemd service file
    file { $pt_r10k_wh_service_file:
      ensure   => file,
      owner    => 'root',
      group    => 'root',
      mode     => '0644',
      selrange => s0,
      selrole  => object_r,
      seltype  => systemd_unit_file_t,
      seluser  => system_u,
      content  => template($pt_r10k_wh_service_erb),
      notify   => Exec['systemctl_daemon_reload'],
    }

    # manage service
    service { 'r10k-webhook':
      ensure    => 'running',
      enable    => true,
      require   => File[$pt_r10k_wh_service_file],
      subscribe => File[$pt_r10k_webhook_file],
    }
  }
}