---
- name: "check {{ OS.database.percona.name }} service is started"
  service:
    name: "{{ OS.database.percona.name }}"
    state: started

- name: "check that we need change root password"
  block:
    - name: "check that we dont change root before"
      stat:
        path: "{{ mikbill.dirs.tmp }}/root_changed"
      register: root_changed

    - name: "get temporary password from mysql log"
      shell: "cat {{ OS.database.percona.dirs.logs }}/{{ OS.database.percona.firstrun_pwd }} | sed -n 's/.*temporary password is generated for root@localhost: //p' | tail -n1"
      register: temporary_password

    - name: "[temporary] set new root password"
      shell: mysql -u root -p"{{ temporary_password.stdout }}" --connect-expired-password -e "ALTER USER 'root'@'localhost' IDENTIFIED WITH caching_sha2_password BY '{{ hostvars[inventory_hostname].root_passwd }}';"
      when:
        - OS.database.percona.version == 80 or OS.database.percona.version == 8.0
        - root_changed.stat.exists == false
        - temporary_password.stdout | length > 0

    - name: "[temporary] set new root password"
      shell: mysql -u root -p"{{ temporary_password.stdout }}" -e "SET PASSWORD FOR 'root'@'localhost' = PASSWORD('{{ hostvars[inventory_hostname].root_passwd }}'); FLUSH PRIVILEGES;"
      when:
        - OS.database.percona.version == 56 or OS.database.percona.version == 5.6
        - root_changed.stat.exists == false
        - temporary_password.stdout | length > 0

    - name: "[empty] set new root password"
      shell: mysql -u root -e "ALTER USER 'root'@'localhost' IDENTIFIED WITH caching_sha2_password BY '{{ hostvars[inventory_hostname].root_passwd }}';"
      when:
        - OS.database.percona.version == 80 or OS.database.percona.version == 8.0
        - temporary_password.stdout | length == 0
        - root_changed.stat.exists == false

    - name: "[empty] set new root password"
      shell: mysql -u root -e "SET PASSWORD FOR 'root'@'localhost' = PASSWORD('{{ hostvars[inventory_hostname].root_passwd }}'); FLUSH PRIVILEGES;"
      when:
        - OS.database.percona.version == 56 or OS.database.percona.version == 5.6
        - temporary_password.stdout | length == 0
        - root_changed.stat.exists == false

    - name: "mark root password is changed"
      file:
        path: "{{ mikbill.dirs.tmp }}/root_changed"
        state: touch
      when: root_changed.stat.exists == false
  when: mikbill.database.users.root.password == ''