---
- name: install buildkite agent
  pkgng:
    state: latest
    name:
      - devel/buildkite-agent
      - devel/git
      - devel/gmake
      - security/vault
      - www/gurl
  tags: buildkite, pkg

- name: deploy buildkite agent template
  copy:
    content: |
      name='{{ instance.fqdn | default(inventory_hostname_short) }}-%spawn'
      spawn={{ buildkite_concurrency | default(1) }}
      tags='os={{ ansible_distribution }},queue={{ buildkite_queue }}'
      build-path='/var/db/ci/buildkite'
      hooks-path='/usr/local/etc/buildkite/hooks'
      plugins-path='/usr/local/etc/buildkite/plugins'
      debug=false
    dest: /usr/local/etc/buildkite/agent.cfg
    owner: root
    group: '{{ buildkite_group  | default("wheel") }}'
    mode: 0440
  notify: restart buildkite
  tags: buildkite

- name: enable buildkite daemon
  copy:
    content: |
      # https://buildkite.com/docs/agent
      # mandatory parameters
      buildkite_enable=YES
      buildkite_token={{ buildkite_token }}
      buildkite_account={{ ci_user | default("root") }}
      # optional parameters
      buildkite_config=/usr/local/etc/buildkite/agent.cfg
      buildkite_vars='CABAL_HMAC_SECRET={{ cabal_hmac_signing_key }} \
        VAULT_ADDR=https://vault.{{ admin_domain }}/ \
        VAULT_SECRET={{ ci_vault_auth_token }} \
      '
    dest: /etc/rc.conf.d/buildkite
    owner: root
    group: wheel
    mode: 0440
  notify: restart buildkite
  tags: buildkite

- name: deploy buildkite environment script
  template:
    src: buildkite_environment.j2
    dest: /usr/local/etc/buildkite/hooks/environment
    mode: 0750
    owner: root
    group: '{{ buildkite_group  | default("wheel") }}'
  notify: restart buildkite
  tags: buildkite