resource "kubectl_manifest" "cm_env_back" {
  yaml_body  = <<-EOF
    apiVersion: v1
    kind: ConfigMap
    metadata:
      name: "${var.instance}-${var.component}-back"
      labels: ${jsonencode(local.common_labels)}
      namespace: ${var.namespace}
    data:
      POSTGRES_DB: ${var.component}
      POSTGRES_USER: ${var.component}
      POSTGRES_HOST: ${var.instance}-${var.component}-pg-rw.${var.namespace}.svc
      TAIGA_URL: https://${local.dns_name}
      TAIGA_SITES_DOMAIN: ${local.dns_name}
      TAIGA_SITES_SCHEME: https
      TAIGA_ASYNC_RABBITMQ_HOST: ${kubectl_manifest.rabbit.name}
      TAIGA_EVENTS_RABBITMQ_HOST: ${kubectl_manifest.rabbit.name}
      SESSION_COOKIE_SECURE: "True"
      CSRF_COOKIE_SECURE: "True"
      ENABLE_TELEMETRY: "False"
      PUBLIC_REGISTER_ENABLED: "True"
      ENABLE_GITHUB_AUTH: "False"
      ENABLE_GITLAB_AUTH: "False"
      ENABLE_SLACK: "False"
      ENABLE_GITHUB_IMPORTER: "False"
      ENABLE_JIRA_IMPORTER: "False"
      ENABLE_TRELLO_IMPORTER: "False"
      ENABLE_OIDC_AUTH: "False"
      ENABLE_OPENID_AUTH: "True"
      OPENID_SCOPE: "openid email profile"
      OPENID_TOKEN_URL: "${module.oauth2.sso_token_url}"
      OPENID_USER_URL: "${module.oauth2.sso_userinfo_url}"
EOF
}

resource "kubectl_manifest" "cm_env_front" {
  yaml_body  = <<-EOF
    apiVersion: v1
    kind: ConfigMap
    metadata:
      name: "${var.instance}-${var.component}-front"
      labels: ${jsonencode(local.common_labels)}
      namespace: ${var.namespace}
    data:
      TAIGA_URL: https://${local.dns_name}
      TAIGA_SITES_DOMAIN: ${local.dns_name}
      TAIGA_SITES_SCHEME: https
      SESSION_COOKIE_SECURE: "false"
      CSRF_COOKIE_SECURE: "false"
      ENABLE_TELEMETRY: "false"
      PUBLIC_REGISTER_ENABLED: "true"
      ENABLE_GITHUB_AUTH: "false"
      ENABLE_GITLAB_AUTH: "false"
      ENABLE_SLACK: "false"
      ENABLE_GITHUB_IMPORTER: "false"
      ENABLE_JIRA_IMPORTER: "false"
      ENABLE_TRELLO_IMPORTER: "false"
      ENABLE_OIDC_AUTH: "false"
      ENABLE_OPENID_AUTH: "true"
      OPENID_URL: "${module.oauth2.sso_configuration_url}"
      OPENID_SCOPE: "openid email profile"
      OPENID_NAME: "${var.domain}"
EOF
}

# awk '/taiga-events-rabbitmq/||/taiga-async-rabbitmq/' < /taiga-back/settings/config.py
#     EVENTS_PUSH_BACKEND_URL = f"amqp://{ os.getenv('RABBITMQ_USER') }:{ os.getenv('RABBITMQ_PASS') }@taiga-events-rabbitmq:5672/taiga"
#     CELERY_BROKER_URL = f"amqp://{ os.getenv('RABBITMQ_USER') }:{ os.getenv('RABBITMQ_PASS') }@taiga-async-rabbitmq:5672/taiga"


resource "kubectl_manifest" "cm_scripts" {
  yaml_body  = <<-EOF
    apiVersion: v1
    kind: ConfigMap
    metadata:
      name: "${var.instance}-${var.component}-scripts"
      labels: ${jsonencode(local.postcfg_all_labels)}
      namespace: ${var.namespace}
    data:
      certs.sh: |-
        #!/usr/bin/env bash
        if [ -f /etc/local-ca/ca.crt ];then
          export REQUESTS_CA_BUNDLE=/etc/local-ca/ca.crt
        else
          export REQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt
        fi
      postconfig.py: |-
        #!/usr/bin/env python
        import time
        import requests
        import subprocess

        print('Waiting for backend ...')
        while requests.get('http://${kubectl_manifest.svc_back.name}/api/v1/').status_code != 200:
            print('...')
            time.sleep(2)

        if len(str(subprocess.check_output(['python', 'manage.py', 'dumpdata', 'projects.projecttemplate']))) < 5:
            print(subprocess.check_output(['python', 'manage.py', 'loaddata', 'initial_project_templates']))

        if str(subprocess.check_output(['python', 'manage.py', 'dumpdata', 'users.user'], cwd='/taiga-back')).find('\"is_superuser\": true') == -1:
            print(subprocess.check_output(['python', 'manage.py', 'loaddata', 'initial_user'], cwd='/taiga-back'))
EOF
}