---

# updates firewall config

# Parameters:
#   playbook inventory
#     stage := the name of the stage (e.g. dev, int, qa, prod)

#############################################################
#   Creating inventory dynamically for given parameters
#############################################################

- hosts: localhost
  gather_facts: false
  connection: local

  pre_tasks:
    - name: "Check if ansible version is at least 2.10.x"
      assert:
        that:
          - ansible_version.major >= 2
          - ansible_version.minor >= 10
        msg: "The ansible version has to be at least ({{ ansible_version.full }})"

#     add virtual server to load stage specific variables as context
    - name: "Add <{{ stage }}-virtual-host-to-read-groups-vars> to hosts"
      add_host:
        name: "{{ stage }}-virtual-host-to-read-groups-vars"
        groups:
        - "stage_{{ stage }}"
      changed_when: False

#############################################################
#   Creating inventory dynamically for given parameters
#############################################################

- hosts: "{{ stage }}-virtual-host-to-read-groups-vars"
  serial: "{{ serial_number | default(1) }}"
  gather_facts: false
  connection: local

  tasks:
    - name: "Setup hcloud firewall via include_role"
      include_role:
        name: hcloud
        tasks_from: configure-firewall2
      loop: "{{ hcloud_firewall_objects }}"
      loop_control:
        loop_var: firewall_object