---

- name: Get secret_key
  k8s_info:
    kind: Secret
    namespace: '{{ meta.namespace }}'
    name: "{{ this_awx['resources'][0]['status']['towerSecretKeySecret'] }}"
  register: _secret_key

- name: Set secret key
  set_fact:
    secret_key: "{{ _secret_key['resources'][0]['data']['secret_key'] | b64decode }}"

- name: Get admin_password
  k8s_info:
    kind: Secret
    namespace: '{{ meta.namespace }}'
    name: "{{ this_awx['resources'][0]['status']['towerAdminPasswordSecret'] }}"
  register: _admin_password

- name: Set admin_password
  set_fact:
    admin_password: "{{ _admin_password['resources'][0]['data']['password'] | b64decode }}"

- name: Get broadcast_websocket
  k8s_info:
    kind: Secret
    namespace: '{{ meta.namespace }}'
    name: "{{ this_awx['resources'][0]['status']['towerBroadcastWebsocketSecret'] }}"
  register: _broadcast_websocket

- name: Set broadcast_websocket key
  set_fact:
    broadcast_websocket: "{{ _broadcast_websocket['resources'][0]['data']['secret'] | b64decode }}"

- name: Get postgres configuration
  k8s_info:
    kind: Secret
    namespace: '{{ meta.namespace }}'
    name: "{{ this_awx['resources'][0]['status']['towerPostgresConfigurationSecret'] }}"
  register: _postgres_configuration

- name: Set postgres configuration
  set_fact:
    database_password: "{{ _postgres_configuration['resources'][0]['data']['password'] | b64decode }}"
    database_username: "{{ _postgres_configuration['resources'][0]['data']['username'] | b64decode }}"
    database_name: "{{ _postgres_configuration['resources'][0]['data']['database'] | b64decode }}"
    database_port: "{{ _postgres_configuration['resources'][0]['data']['port'] | b64decode }}"
    database_host: "{{ _postgres_configuration['resources'][0]['data']['host'] | b64decode }}"
    database_type: "{{ _postgres_configuration['resources'][0]['data']['type'] | b64decode | default('unmanaged') }}"

- name: Template secrets into yaml
  set_fact:
    secrets_file: "{{ lookup('template', 'secrets.yml.j2') }}"

- name: Write postgres configuration to pvc
  k8s_exec:
    namespace: "{{ backup_pvc_namespace }}"
    pod: "{{ meta.name }}-db-management"
    command: >-
      bash -c "echo '{{ secrets_file }}' > {{ backup_dir }}/secrets.yml"