---

### tags:
###   prometheus


- name: Create empty htpswd file
  file:
    path: "{{ htpasswd_file_path }}"
    state: touch
  tags:
    - prometheus

- name: Install latest passlib with pip
  pip: name=passlib

- name: Add a user and password to empty htpswd file
  community.general.htpasswd:
    path: "{{ htpasswd_file_path }}"
    name: "{{ k8s_prometheus_basic_auth_username }}"
    password: "{{ k8s_prometheus_basic_auth_password }}"
  tags:
    - prometheus

- name: read credentials out of htpasswd file
  ansible.builtin.slurp:
    src: "{{ htpasswd_file_path }}"
  register: prometheus_credentials
  tags:
    - prometheus

- name: "Create prometheus secrets"
  become: yes
  kubernetes.core.k8s:
    definition:
      api_version: v1
      kind: Secret
      metadata:
        namespace: "{{ k8s_prometheus_helm__release_namespace  }}"
        name: "{{ k8s_prometheus_basic_auth_secret_name }}"
      type: Opaque
      data: 
        auth: "{{ prometheus_credentials['content'] }}"
  tags:
    - prometheus

- name: "delete htpasswd file"
  become: yes
  file:
    path: "{{ htpasswd_file_path }}"
    state: absent


- name: Deploy kube-prometheus-stack inside monitoring namespace
  become: yes
  kubernetes.core.helm:
    name: "{{ k8s_prometheus_helm__name }}"
    chart_repo_url: "{{ k8s_prometheus_helm__chart_repo_url | default('https://prometheus-community.github.io/helm-charts') }}"
    chart_ref: "{{ k8s_prometheus_helm__chart_ref | default('kube-prometheus-stack') }}"
    chart_version: 40.1.0
    release_namespace: "{{ k8s_prometheus_helm__release_namespace }}"
    create_namespace: yes
    release_values: "{{ k8s_prometheus_helm__release_values }}"
  when:
  - inventory_hostname == groups['kube_control_plane'][0]
  tags:
    - prometheus