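# CI workflow: prepares SSH access for private submodules, checks out the
# repository, installs Ansible, and validates the inventory and roles.
name: Run Ansible

on:
  push:
    branches: ["main"]
  pull_request:
    branches: ["main"]
  # Allows starting the workflow manually from the GitHub UI
  workflow_dispatch:

# Least privilege: no step in this workflow writes back to the repository,
# so the job token only needs read access to repository contents.
permissions:
  contents: read

jobs:
  install_ansible:
    runs-on: ubuntu-latest
    steps:
      # - name: Load SSH key into the runner
      #   uses: webfactory/ssh-agent@v0.9.0
      #   with:
      #     ssh-private-key: ${{ secrets.SSHKEY }}

      # - name: Disable StrictHostKeyChecking for the Gitea host
      #   run: |
      #     # Replace DEIN_GITEA_HOST with the hostname of your Gitea server
      #     DEIN_GITEA_HOST="gitea.mod.home"
      #
      #     # Create or edit the global SSH configuration
      #     mkdir -p ~/.ssh
      #     echo "Host $DEIN_GITEA_HOST" >> ~/.ssh/config
      #     echo "  StrictHostKeyChecking no" >> ~/.ssh/config
      #     echo "  UserKnownHostsFile /dev/null" >> ~/.ssh/config
      #
      #     # Optional: print the configuration to check it
      #     cat ~/.ssh/config

      # Writes the deploy key and the SSH client configuration that the
      # submodule fetch relies on. The key reaches the script through an
      # environment variable and is never echoed.
      - name: Setup SSH for submodules
        env:
          SSH_PRIVATE_KEY: ${{ secrets.SSHKEY_B64 }}
        run: |
          set -eu
          # Fail early when the secret is missing (for example on pull
          # requests from forks) without logging anything derived from it;
          # the previous debug output printed the key length.
          if [ -z "${SSH_PRIVATE_KEY:-}" ]; then
            echo "SSHKEY_B64 secret is empty or unavailable" >&2
            exit 1
          fi
          # Create the directory and key file owner-only from the start, so
          # the key is never readable by others before chmod runs.
          umask 077
          mkdir -p "$HOME/.ssh"
          printf '%s\n' "$SSH_PRIVATE_KEY" | base64 -d > "$HOME/.ssh/id_ed25519"
          chmod 600 "$HOME/.ssh/id_ed25519"
          # ssh-keyscan -t rsa -p 2222 gitlab.mod.home > $HOME/.ssh/known_hosts
          # NOTE(review): a key scan at job time does not authenticate the
          # host either; it trusts whatever answers. Note also that the line
          # above names gitlab.mod.home while the config below uses
          # gitea.mod.home - confirm which host is meant.
          #
          # Host key verification is still disabled here, which leaves the
          # submodule fetch open to interception on the network path. It is
          # now limited to the one host this job talks to instead of
          # "Host *". If submodules live on other hosts, list them explicitly.
          # TODO(security): store the server's public host key in a secret
          # (placeholder name: GITEA_KNOWN_HOSTS), write it to
          # ~/.ssh/known_hosts, and remove the two relaxed options below.
          cat >> "$HOME/.ssh/config" <<'EOF'
          Host gitea.mod.home
            Port 2222
            StrictHostKeyChecking no
            UserKnownHostsFile /dev/null
          EOF
          chmod 600 "$HOME/.ssh/config"

      # Action inputs must sit under `with:`. They were previously written as
      # step-level keys, so they were not passed to the action.
      # NOTE(review): consider pinning third-party actions to a full commit
      # SHA rather than a movable tag.
      - name: Checkout Repository
        uses: actions/checkout@v4
        with:
          submodules: recursive
          fetch-depth: 0

      # Install Python 3, which pip and Ansible require
      - name: Set up Python
        uses: actions/setup-python@v5
        with:
          python-version: '3.x'  # Selects the newest Python 3 release

      # Upgrade pip and install Ansible through pip
      # NOTE(review): the ansible package is unpinned, so every run installs
      # whatever is current on the index. Pin a version (ideally with hashes
      # in a requirements file) for reproducible, reviewable builds.
      - name: Install Ansible via pip
        run: |
          python -m pip install --upgrade pip
          pip install ansible

      # Create the vault password file.
      # The secret is handed over through the environment instead of being
      # interpolated into the script text, so quotes, `$` or backticks in the
      # value cannot change the command, and the value is not embedded in
      # the generated script file.
      - name: create vault file
        env:
          ANSIBLE_VAULT_KEY: ${{ secrets.ANSIBLE_VAULT_KEY }}
        run: |
          umask 077
          printf '%s\n' "$ANSIBLE_VAULT_KEY" > .vault_pass.txt

      - name: Manuelles Submodule Update
        run: |
          git submodule init
          # This is where the SSH error is likely to occur
          git submodule update --recursive --init --force

      # Optional: check the version to confirm the installation succeeded
      - name: Verify Ansible Installation
        run: ansible --version

      - name: Validate Ansible inventory
        run: |
          # NOTE(review): SUBMODULE_FOLDER is assigned but not passed to the
          # command below; presumably the inventory path comes from
          # ansible.cfg - confirm.
          SUBMODULE_FOLDER="inventory"
          ansible-inventory --graph

      - name: list inventory directory
        run: ls -R .

      # NOTE(review): make sure requirements.yml pins each role to a fixed
      # version or commit, so role updates are deliberate.
      - name: Install Ansible roles
        run: |
          ansible-galaxy role install -r requirements.yml --roles-path ./roles

      - name: Check Ansible roles exists
        run: |
          ansible-galaxy list

      # - name: Check Ansible Playbook Syntax
      #   run: |
      #     ansible-playbook --syntax-check ansible-runner/playbooks/site.yml

      # Remove secret material even when an earlier step failed, so it does
      # not stay behind on a runner that is reused between jobs.
      - name: Remove secret material
        if: always()
        run: rm -f .vault_pass.txt "$HOME/.ssh/id_ed25519"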