- name: Add prometheus-community helm chart repo
  kubernetes.core.helm_repository:
    name: prometheus-community
    repo_url: "https://prometheus-community.github.io/helm-charts"

- name: Install Prometheus Operator (Kube Prometheus Stack)
  kubernetes.core.helm:
    name: prometheus-operator
    chart_ref: prometheus-community/kube-prometheus-stack
    release_namespace: monitoring
    create_namespace: true
    values: 
      grafana:
        enabled: false  
      prometheus:
        prometheusSpec:
          enableAdminAPI: true
  loop:
    - karpenter
    - cas
  environment:
    KUBECONFIG: "{{ lookup('vars', 'KUBECONFIG_EKS_' ~ (item | upper)) }}" 
    AWS_ACCESS_KEY_ID: "{{ AWS_ACCESS_KEY_ID }}"
    AWS_SECRET_ACCESS_KEY: "{{ AWS_SECRET_ACCESS_KEY }}"
    AWS_DEFAULT_REGION: "us-east-1"

- name: Add cluster autoscaler chart repo
  kubernetes.core.helm_repository:
    name: autoscaler_eks
    repo_url: "https://kubernetes.github.io/autoscaler"

- name: Deploy Cluster Autoscaler (EKS)
  kubernetes.core.helm:
    name: cas
    chart_ref: autoscaler_eks/cluster-autoscaler
    release_namespace: cas
    create_namespace: true
    set_values:
      - value: "autoDiscovery.clusterName=cas-eks"
        value_type: string
    values:
      workerpools:
        - default:
            enabled: true
            max: 3
            min: 1
  environment:
    KUBECONFIG: "{{ lookup('vars', 'KUBECONFIG_EKS_CAS') }}" 
    AWS_ACCESS_KEY_ID: "{{ AWS_ACCESS_KEY_ID }}"
    AWS_SECRET_ACCESS_KEY: "{{ AWS_SECRET_ACCESS_KEY }}"
    AWS_DEFAULT_REGION: "us-east-1"

- name: Create service account for Prometheus
  kubernetes.core.k8s:
    api_version: v1
    kind: ServiceAccount
    namespace: monitoring
    name: prometheus-sa
  environment:
    KUBECONFIG: "{{ lookup('vars', 'KUBECONFIG_EKS_' ~ (item | upper)) }}"
    AWS_ACCESS_KEY_ID: "{{ AWS_ACCESS_KEY_ID }}"
    AWS_SECRET_ACCESS_KEY: "{{ AWS_SECRET_ACCESS_KEY }}"
    AWS_DEFAULT_REGION: "us-east-1"
  loop:
    - karpenter
    - cas

- name: Create service account token secret for Prometheus
  kubernetes.core.k8s:
    resource_definition:
      api_version: v1
      kind: Secret
      metadata:
        name: prometheus-sa-token
        namespace: monitoring
        annotations:
          kubernetes.io/service-account.name: prometheus-sa
      type: kubernetes.io/service-account-token
  environment:
    KUBECONFIG: "{{ lookup('vars', 'KUBECONFIG_EKS_' ~ (item | upper)) }}"
    AWS_ACCESS_KEY_ID: "{{ AWS_ACCESS_KEY_ID }}"
    AWS_SECRET_ACCESS_KEY: "{{ AWS_SECRET_ACCESS_KEY }}"
    AWS_DEFAULT_REGION: "us-east-1"
  loop:
    - karpenter
    - cas
    
- name: Retrieve the token for Prometheus SA
  kubernetes.core.k8s_info:
    api_version: v1
    kind: Secret
    namespace: monitoring
    name: prometheus-sa-token
  register: prometheus_sa_token
  environment:
    KUBECONFIG: "{{ lookup('vars', 'KUBECONFIG_EKS_' ~ (item | upper)) }}" 
    AWS_ACCESS_KEY_ID: "{{ AWS_ACCESS_KEY_ID }}"
    AWS_SECRET_ACCESS_KEY: "{{ AWS_SECRET_ACCESS_KEY }}"
    AWS_DEFAULT_REGION: "us-east-1"
  loop:
    - karpenter
    - cas

- name: Set Prometheus token fact
  set_fact:
    "PROM_TOKEN_EKS_{{ item.item | upper }}": "{{ item.resources[0].data.token | b64decode }}"
  loop: "{{ prometheus_sa_token.results }}"

- name: Set Prometheus endpoint facts for port-forwarded services
  set_fact:
    "PROM_ENDPOINT_EKS_{{ item.cluster | upper }}": "http://127.0.0.1:{{ item.port }}"
  loop:
    - { cluster: 'karpenter', port: 9093 }
    - { cluster: 'cas', port: 9094 }