#!/usr/bin/python

RETURN = '''# '''

from subprocess import call
import string

try:
    import gitlab
    HAS_GITLAB_PACKAGE = True
except:
    HAS_GITLAB_PACKAGE = False


def main():
    module = AnsibleModule(
        argument_spec=dict(
            server_url=dict(required=True),
            validate_certs=dict(required=False, default=True, type='bool', aliases=['verify_ssl']),
            login_user=dict(required=False, no_log=True),
            login_password=dict(required=False, no_log=True),
            login_token=dict(required=False, no_log=True),
            company=dict(required=True),
            hostname=dict(required=True),
        ),
        supports_check_mode=True
    )

    if not HAS_GITLAB_PACKAGE:
        module.fail_json(msg="Missing required gitlab module (check docs or install with: pip install python-gitlab")

    server_url = module.params['server_url']
    verify_ssl = module.params['validate_certs']
    login_user = module.params['login_user']
    login_password = module.params['login_password']
    login_token = module.params['login_token']
    company = module.params['company']
    hostname = module.params['hostname']

    # We need both login_user and login_password or login_token, otherwise we fail.
    if login_user is not None and login_password is not None:
        use_credentials = True
    elif login_token is not None:
        use_credentials = False
    else:
        module.fail_json(msg="No login credentials are given. Use login_user with login_password, or login_token")
        return

    # Lets make a connection to the Gitlab server_url, with either login_user and login_password
    # or with login_token
    try:
        if use_credentials:
            git = gitlab.Gitlab(server_url, email=login_user, password=login_password, ssl_verify=verify_ssl) # type: gitlab
        else:
            git = gitlab.Gitlab(server_url, login_token, ssl_verify=verify_ssl) # type: gitlab
        git.auth()
    except Exception, e:
        module.fail_json(msg="Failed to connect to Gitlab server: %s " % e)
        return

    try:
        group = git.groups.get('ansible-inventories') # type: gitlab.Group
        hgroup = git.groups.get(group.subgroups.list(search='hosts')[0].id) # type: gitlab.Group
        cgroup = git.groups.get(hgroup.subgroups.list(search=company)[0].id) # type: gitlab.Group
        projects = cgroup.projects.list(search=hostname)
        if projects:
            changed = False
            gproject = projects[0]
        else:
            changed = True
            gproject = git.projects.create({
                'name': hostname,
                'namespace_id': cgroup.id,
            })
            # Add remote repo to etckeeper git repo
            cmd = ['git', 'remote', 'add', 'origin', '%s:ansible-inventories/hosts/%s/%s.git' % (string.replace(server_url, 'https://', 'git@'), company, hostname)]
            call(cmd, cwd='/etc')

        project = git.projects.get(gproject.id) # type: gitlab.Project
        project.keys.create({
            'title': 'root@%s' % hostname,
            'key': open('/root/.ssh/id_rsa.pub').read(),
            'can_push': True,
        })
    except Exception, e:
        module.fail_json(msg="Creating new host project failed: %s" % e.message, response=e)
        return

    module.exit_json(changed=changed, result="Successfully created project %s/ansible-inventories/hosts/%s/%s" % (server_url, company, hostname))


from ansible.module_utils.basic import *

if __name__ == '__main__':
    main()