---
- name: Verify
  hosts: all
  gather_facts: false
  tasks:
    - name: Ensure https://localhost returns 200
      ansible.builtin.uri:
        url: https://localhost
        validate_certs: false
        return_content: true
      register: get_localhost

    - name: Assert caddy responded on https://localhost
      ansible.builtin.assert:
        that: "(get_localhost.server | split(', '))[0] == 'Caddy'"
    - name: Assert nginx responded on https://localhost
      ansible.builtin.assert:
        that: "(get_localhost.server | split(', '))[1].startswith('nginx')"

    - name: Get /opt/nginx directory info
      ansible.builtin.stat:
        path: /opt/nginx
      register: opt_nginx_stat
    - name: Assert /opt/nginx doesn't exist
      ansible.builtin.assert:
        that: not opt_nginx_stat.stat.exists
        msg: /opt/nginx should not have been created but it was

    - name: Get host passwd nginx user
      ansible.builtin.getent:
        database: passwd
        key: nginx
        fail_key: false
    - name: Assert nginx user does not exist
      ansible.builtin.assert:
        that: getent_passwd.nginx == None
        msg: "nginx user should not exist but it does ({{ getent_passwd }})"

    - name: Get nginx container info
      community.docker.docker_container_info:
        name: nginx
      register: container_out

    - name: Assert container port 80 forwarded to host 28001
      ansible.builtin.assert:
        that:
          - "container_out.container.HostConfig.PortBindings['80/tcp'] is defined"
          - "container_out.container.HostConfig.PortBindings['80/tcp'][0].HostPort == '28001'"
        msg: "Container port 80 not correctly forwarded to host port. Port bindings output was {{ container_out.container.HostConfig.PortBindings }}"

    - name: Assert container user not set
      ansible.builtin.assert:
        that: container_out.container.Config.User == ""

    - name: Get container image info
      community.docker.docker_image_info:
        name: "{{ container_out.container.Image }}"
      register: container_image_out
    - name: Assert nginx image not built locally
      assert:
        that: container_image_out.images[0].RepoTags[0] == 'nginx:latest'
        msg: "Nginx image tag incorrect. It should have been nginx:latest but it was {{ container_image_out.images[0].RepoTags }}"

    - name: Get docker host info
      community.docker.docker_host_info:
        volumes: true
      register: docker_host_out
    - name: Assert all containers are running
      ansible.builtin.assert:
        that: docker_host_out.host_info.Containers == docker_host_out.host_info.ContainersRunning
        msg: There should have been {{ docker_host_out.host_info.Containers }} containers running but there were {{ docker_host_out.host_info.Containers }}
    - name: Assert no extra containers were created
      ansible.builtin.assert:
        that: docker_host_out.host_info.Containers == 1
        msg: There should have been 1 container created but there were {{ docker_host_out.host_info.Containers }}
    - name: Assert no extra images were pulled
      ansible.builtin.assert:
        that: docker_host_out.host_info.Images == 1
        msg: There should have been 1 image present but there were {{ docker_host_out.host_info.Images }}
    - name: Assert no volumes were created
      ansible.builtin.assert:
        that: docker_host_out.volumes | length == 0
        msg: There should have been no volumes present but there were {{ docker_host_out.volumes | length }}