---
- name: Plumb a tacacs+ instance
  hosts: localhost
  connection: local
  gather_facts: False
  vars:
    awx_host: "https://localhost:8043"
  tasks:
    - name: Load existing and new tacacs+ settings
      ansible.builtin.set_fact:
        existing_tacacs: "{{ lookup('awx.awx.controller_api', 'settings/tacacsplus', host=awx_host, verify_ssl=false) }}"
        new_tacacs: "{{ lookup('template', 'tacacsplus_settings.json.j2') }}"

    - name: Display existing tacacs+ configuration
      ansible.builtin.debug:
        msg:
          - "Here is your existing tacacsplus configuration for reference:"
          - "{{ existing_tacacs }}"

    - ansible.builtin.pause:
        prompt: "Continuing to run this will replace your existing tacacs settings (displayed above). They will all be captured. Be sure that is backed up before continuing"

    - name: Write out the existing content
      ansible.builtin.copy:
        dest: "../_sources/existing_tacacsplus_adapter_settings.json"
        content: "{{ existing_tacacs }}"

    - name: Configure AWX tacacs+ adapter
      awx.awx.settings:
        settings: "{{ new_tacacs }}"
        controller_host: "{{ awx_host }}"
        validate_certs: False