awx-operator/roles/restore/tasks/initialize_django.yml

---

- name: Get the new deployment resource pod information.
  k8s_info:
    api_version: v1
    kind: Pod
    namespace: '{{ backup_pvc_namespace }}'
    label_selectors:
      - "app.kubernetes.io/name={{ deployment_name }}"
      - "app.kubernetes.io/managed-by=awx-operator"
      - "app.kubernetes.io/component=awx"
    field_selectors:
      - status.phase=Running
  register: tower_pods

- name: Set the resource pod name as a variable.
  set_fact:
    tower_pod_name: "{{ tower_pods['resources'][0]['metadata']['name'] | default('') }}"

- name: Check if there are any super users defined.
  k8s_exec:
    namespace: "{{ meta.namespace }}"
    pod: "{{ tower_pod_name }}"
    container: "{{ meta.name }}-task"
    command: >-
      bash -c "echo 'from django.contrib.auth.models import User;
      nsu = User.objects.filter(is_superuser=True, username='{{ tower_admin_user }}').count();
      exit(0 if nsu > 0 else 1)'
      | awx-manage shell"
  ignore_errors: true
  register: users_result
  changed_when: users_result.return_code > 0

- name: Update super user password via Django if it does exist (same password is a noop)
  k8s_exec:
    namespace: "{{ meta.namespace }}"
    pod: "{{ tower_pod_name }}"
    container: "{{ meta.name }}-task"
    command: >-
      bash -c "awx-manage update_password --username '{{ tower_admin_user }}' --password '{{ tower_admin_password }}'"
  register: update_pw_result
  changed_when: users_result.stdout == 'Password not updated'
  when: users_result.return_code == 0

- name: Create super user via Django if it doesn't exist.
  k8s_exec:
    namespace: "{{ meta.namespace }}"
    pod: "{{ tower_pod_name }}"
    container: "{{ meta.name }}-task"
    command: >-
      bash -c "echo \"from django.contrib.auth.models import User;
      User.objects.create_superuser('{{ tower_admin_user }}', '{{ tower_admin_email }}', '{{ tower_admin_password }}')\"
      | awx-manage shell"
  when: users_result.return_code > 0