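---
# Re-creates the Airflow connection "s3_delivery_connection" on the Airflow
# master by deleting any existing entry and adding it again with the values
# taken from the inventory's variable files.
- name: Update S3 Delivery Airflow Connection
  hosts: airflow_master
  vars_files:
    # NOTE(review): the vault_* variables used below presumably come from
    # vault.yml; confirm that file is encrypted with ansible-vault.
    - "{{ inventory_dir }}/group_vars/all/vault.yml"
    - "{{ inventory_dir }}/group_vars/all/generated_vars.yml"

  tasks:
    - name: Delete existing s3_delivery_connection to ensure an idempotent update
      ansible.builtin.command: >
        docker compose exec -T airflow-scheduler
        airflow connections delete s3_delivery_connection
      args:
        chdir: "{{ airflow_master_dir }}"
      register: delete_s3_conn
      retries: 5
      delay: 10
      # A missing connection is an acceptable outcome, so stop retrying on it.
      until: "delete_s3_conn.rc == 0 or 'Did not find a connection' in delete_s3_conn.stderr"
      changed_when: "'was deleted successfully' in delete_s3_conn.stdout"
      # List entries are ANDed: fail only on a non-zero exit code that is not
      # the "connection not found" case.
      failed_when:
        - delete_s3_conn.rc != 0
        - "'Did not find a connection' not in delete_s3_conn.stderr"
      become: true
      become_user: "{{ ansible_user }}"

    - name: Add/Update s3_delivery_connection
      ansible.builtin.command:
        # argv form: each element is passed as one argument, so the credential
        # values and the JSON extra are not split or re-parsed as a command
        # string.
        argv:
          - docker
          - compose
          - exec
          - -T
          - airflow-scheduler
          - airflow
          - connections
          - add
          - s3_delivery_connection
          - --conn-type
          - aws
          - --conn-login
          - "{{ vault_s3_delivery_access_key_id }}"
          - --conn-password
          - "{{ vault_s3_delivery_secret_access_key }}"
          - --conn-host
          - "{{ vault_s3_delivery_endpoint }}"
          - --conn-extra
          - "{{ s3_extra_dict | to_json }}"
        chdir: "{{ airflow_master_dir }}"
      vars:
        s3_extra_dict:
          bucket: "{{ vault_s3_delivery_bucket }}"
          region_name: "{{ vault_s3_delivery_aws_region }}"
      register: add_s3_conn
      retries: 5
      delay: 10
      until: add_s3_conn.rc == 0
      changed_when: "'was successfully added' in add_s3_conn.stdout"
      # The task result echoes the full command line, which contains the access
      # key id and the secret access key. no_log keeps them out of console
      # output, log files and callback plugins, including failed retries.
      # Trade-off: stdout/stderr of a failing run are hidden as well.
      no_log: true
      # NOTE(review): the secret is still a process argument on the target host
      # while the command runs, so it is readable from the process list there.
      # Consider a delivery path that keeps it off the command line.
      become: true
      become_user: "{{ ansible_user }}"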