- name: create a tempdir for an SSH key
  local_action: shell mktemp -d
  register: tempdir

- name: Generate a local SSH key
  local_action: "shell ssh-keygen -b 2048 -t rsa -f {{ tempdir.stdout }}/id_rsa -q -N 'passphrase'"

- name: Create a User-specific credential
  tower_credential:
    name: SSH Credential
    organization: Default
    user: admin
    state: present
    kind: ssh
  register: result

- assert:
    that:
      - "result is changed"

- name: Delete a User-specific credential
  tower_credential:
    name: SSH Credential
    organization: Default
    user: admin
    state: absent
    kind: ssh
  register: result

- assert:
    that:
      - "result is changed"

- name: Create a valid SSH credential
  tower_credential:
    name: SSH Credential
    organization: Default
    state: present
    kind: ssh
    description: An example SSH credential
    username: joe
    password: secret
    become_method: sudo
    become_username: superuser
    become_password: supersecret
    ssh_key_data: "{{ tempdir.stdout }}/id_rsa"
    ssh_key_unlock: "passphrase"
  register: result

- assert:
    that:
      - "result is changed"

- name: Create an invalid SSH credential (passphrase required)
  tower_credential:
    name: SSH Credential
    organization: Default
    state: present
    kind: ssh
    username: joe
    ssh_key_data: "{{ tempdir.stdout }}/id_rsa"
  ignore_errors: yes
  register: result

- assert:
    that:
      - "result is failed"
      - "'must be set when SSH key is encrypted' in result.module_stderr"

- name: Create an invalid SSH credential (ssh_key_data file is missing)
  tower_credential:
    name: SSH Credential
    organization: Default
    state: present
    kind: ssh
    username: joe
    ssh_key_data: "{{ tempdir.stdout }}/not_a_valid_file"
  ignore_errors: yes
  register: result

- assert:
    that:
      - "result is failed"
      - "'file not found' in result.msg"

- name: Create an invalid SSH credential (ssh_key_data is a directory)
  tower_credential:
    name: SSH Credential
    organization: Default
    state: present
    kind: ssh
    username: joe
    ssh_key_data: "{{ tempdir.stdout }}"
  ignore_errors: yes
  register: result

- assert:
    that:
      - "result is failed"
      - "'attempted to read contents of directory' in result.msg"

- name: Create an invalid SSH credential (Organization not found)
  tower_credential:
    name: SSH Credential
    organization: Missing Organization
    state: present
    kind: ssh
    username: joe
  ignore_errors: yes
  register: result

- assert:
    that:
      - "result is failed"
      - "'The requested object could not be found' in result.module_stderr"

- name: Delete an SSH credential
  tower_credential:
    name: SSH Credential
    organization: Default
    state: absent
    kind: ssh
  register: result

- assert:
    that:
      - "result is changed"

- name: Create a valid Vault credential
  tower_credential:
    name: Vault Credential
    organization: Default
    state: present
    kind: vault
    description: An example Vault credential
    vault_password: secret-vault
  register: result

- assert:
    that:
      - "result is changed"

- name: Create a valid Vault credential w/ kind=ssh (deprecated)
  tower_credential:
    name: Vault Credential
    organization: Default
    state: present
    kind: ssh
    description: An example Vault credential
    vault_password: secret-vault
  register: result

- assert:
    that:
      - "result is changed"

- name: Delete a Vault credential
  tower_credential:
    name: Vault Credential
    organization: Default
    state: absent
    kind: vault
  register: result

- assert:
    that:
      - "result is changed"

- name: Create a valid Network credential
  tower_credential:
    name: Network Credential
    organization: Default
    state: present
    kind: net
    username: joe
    password: secret
    authorize: true
    authorize_password: authorize-me
  register: result

- assert:
    that:
      - "result is changed"

- name: Delete a Network credential
  tower_credential:
    name: Network Credential
    organization: Default
    state: absent
    kind: net
  register: result

- assert:
    that:
      - "result is changed"

- name: Create a valid SCM credential
  tower_credential:
    name: SCM Credential
    organization: Default
    state: present
    kind: scm
    username: joe
    password: secret
    ssh_key_data: "{{ tempdir.stdout }}/id_rsa"
    ssh_key_unlock: "passphrase"
  register: result

- assert:
    that:
      - "result is changed"

- name: Delete an SCM credential
  tower_credential:
    name: SCM Credential
    organization: Default
    state: absent
    kind: scm
  register: result

- assert:
    that:
      - "result is changed"

- name: Create a valid AWS credential
  tower_credential:
    name: AWS Credential
    organization: Default
    state: present
    kind: aws
    username: joe
    password: secret
    security_token: aws-token
  register: result

- assert:
    that:
      - "result is changed"

- name: Delete an AWS credential
  tower_credential:
    name: AWS Credential
    organization: Default
    state: absent
    kind: aws
  register: result

- assert:
    that:
      - "result is changed"

- name: Create a valid VMWare credential
  tower_credential:
    name: VMWare Credential
    organization: Default
    state: present
    kind: vmware
    host: https://example.org
    username: joe
    password: secret
  register: result

- assert:
    that:
      - "result is changed"

- name: Delete an VMWare credential
  tower_credential:
    name: VMWare Credential
    organization: Default
    state: absent
    kind: vmware
  register: result

- assert:
    that:
      - "result is changed"

- name: Create a valid Satellite6 credential
  tower_credential:
    name: Satellite6 Credential
    organization: Default
    state: present
    kind: satellite6
    host: https://example.org
    username: joe
    password: secret
  register: result

- assert:
    that:
      - "result is changed"

- name: Delete a Satellite6 credential
  tower_credential:
    name: Satellite6 Credential
    organization: Default
    state: absent
    kind: satellite6
  register: result

- assert:
    that:
      - "result is changed"

- name: Create a valid CloudForms credential
  tower_credential:
    name: CloudForms Credential
    organization: Default
    state: present
    kind: cloudforms
    host: https://example.org
    username: joe
    password: secret
  register: result

- assert:
    that:
      - "result is changed"

- name: Delete a CloudForms credential
  tower_credential:
    name: CloudForms Credential
    organization: Default
    state: absent
    kind: cloudforms
  register: result

- assert:
    that:
      - "result is changed"

- name: Create a valid GCE credential
  tower_credential:
    name: GCE Credential
    organization: Default
    state: present
    kind: gce
    username: joe
    project: ABC123
    ssh_key_data: "{{ tempdir.stdout }}/id_rsa"
  register: result

- assert:
    that:
      - "result is changed"

- name: Delete a GCE credential
  tower_credential:
    name: GCE Credential
    organization: Default
    state: absent
    kind: gce
  register: result

- assert:
    that:
      - "result is changed"

- name: Create a valid AzureRM credential
  tower_credential:
    name: AzureRM Credential
    organization: Default
    state: present
    kind: azure_rm
    username: joe
    password: secret
    subscription: some-subscription
  register: result

- assert:
    that:
      - "result is changed"

- name: Create a valid AzureRM credential with a tenant
  tower_credential:
    name: AzureRM Credential
    organization: Default
    state: present
    kind: azure_rm
    client: some-client
    secret: some-secret
    tenant: some-tenant
    subscription: some-subscription
  register: result

- assert:
    that:
      - "result is changed"

- name: Delete an AzureRM credential
  tower_credential:
    name: AzureRM Credential
    organization: Default
    state: absent
    kind: azure_rm
  register: result

- assert:
    that:
      - "result is changed"

- name: Create a valid OpenStack credential
  tower_credential:
    name: OpenStack Credential
    organization: Default
    state: present
    kind: openstack
    host: https://keystone.example.org
    username: joe
    password: secret
    project: tenant123
    domain: some-domain
  register: result

- assert:
    that:
      - "result is changed"

- name: Delete a OpenStack credential
  tower_credential:
    name: OpenStack Credential
    organization: Default
    state: absent
    kind: openstack
  register: result

- assert:
    that:
      - "result is changed"

- name: Create a valid RHV credential
  tower_credential:
    name: RHV Credential
    organization: Default
    state: present
    kind: rhv
    host: https://example.org
    username: joe
    password: secret
  register: result

- assert:
    that:
      - "result is changed"

- name: Delete an RHV credential
  tower_credential:
    name: RHV Credential
    organization: Default
    state: absent
    kind: rhv
  register: result

- assert:
    that:
      - "result is changed"

- name: Create a valid Insights credential
  tower_credential:
    name: Insights Credential
    organization: Default
    state: present
    kind: insights
    username: joe
    password: secret
  register: result

- assert:
    that:
      - "result is changed"

- name: Delete an Insights credential
  tower_credential:
    name: Insights Credential
    organization: Default
    state: absent
    kind: insights
  register: result

- assert:
    that:
      - "result is changed"

- name: Create a valid Tower-to-Tower credential
  tower_credential:
    name: Tower Credential
    organization: Default
    state: present
    kind: tower
    host: https://tower.example.org
    username: joe
    password: secret
  register: result

- assert:
    that:
      - "result is changed"

- name: Delete a Tower-to-Tower credential
  tower_credential:
    name: Tower Credential
    organization: Default
    state: absent
    kind: tower
  register: result

- assert:
    that:
      - "result is changed"