up.yml

---
- name: Create an EC2 instance in AWS
  hosts: localhost
  gather_facts: yes
  vars_files:
    - ../aap-project.yml
    - ../aap-site.yml

  tasks:
    - name: Validate project variable p
      block:
        - name: Fail if no project name is defined
          ansible.builtin.assert:
            that:
              - p is string
      rescue:
        - name: Display error message
          ansible.builtin.fail:
            msg: "ERROR: project must be defined with -e p=<project>"

    - name: Validate that project exits in vars file
      block:
        - name: Construct new variable from the selected project dictionary
          ansible.builtin.set_fact:
            project: "{{ lookup('ansible.builtin.vars', p, errors='strict') }}"
      rescue:
        - name: Display error message
          ansible.builtin.fail:
            msg: "ERROR: project {{ p }} does not exist in variable file!"

    - name: Validate mandatory parameters
      ansible.builtin.assert:
        that:
          - region is string
          - subnet_id is string
          - security_group_ids is not string and security_group_ids is not mapping and security_group_ids is iterable
          - vpc_id is string
          - project.ami_id is string
          - project.distro is string
          - project.instance_name is string
          - project.instance_type is string
          - project.login_user is string

    - name: Validate list of files to provision
      ansible.builtin.assert:
        that:
          - project.files is not string and project.files is iterable and project.files is mapping
      when: project.files is defined

    - name: Validate list of commands to run
      ansible.builtin.assert:
        that:
          - project.commands is not string and project.commands is not mapping and project.commands is iterable
      when: project.commands is defined

    - name: Construct instance name
      ansible.builtin.set_fact:
        my_instance_name: "{{ project.instance_name }}-{{ ansible_user_id }}"

    - name: Show constructed instance name
      ansible.builtin.debug:
        var: my_instance_name

    - name: Create EC2 instance
      amazon.aws.ec2_instance:
        state: present
        name: "{{ my_instance_name }}"
        key_name: "{{ keypair_name }}"
        vpc_subnet_id: "{{ subnet_id }}"
        instance_type: "{{ project.instance_type }}"
        security_groups: "{{ security_group_ids }}"
        network:
          assign_public_ip: true
        image_id: "{{ project.ami_id }}"
        tags:
          tostop: true
          environment: testing
          distro: "{{ project.distro }}"
          role: "{{ p }}"
      register: ec2_info

    - name: Create EC2 instance ID, name and public IP facts
      ansible.builtin.set_fact:
        instance_id: "{{ ec2_info.instances[0].instance_id }}"
        my_instance_name: "{{ my_instance_name }}"
        my_instance_public_ip: "{{ ec2_info.instances[0].public_ip_address }}"

    - name: Add new EC2 instance to inventory
      ansible.builtin.add_host:
        name: "{{ my_instance_name }}"
        ansible_user: "{{ project.login_user }}"
        ansible_ssh_host: "{{ ec2_info.instances[0].public_ip_address }}"
        ansible_ssh_private_key_file: "{{ ssh_private_key_file }}"

    -  name: Wait for port 22 to become open and contain "OpenSSH"
       ansible.builtin.wait_for:
         port: 22
         host: "{{ ec2_info.instances[0].public_ip_address }}"
         search_regex: OpenSSH
         delay: 10
       connection: local

    - name: Stop playbook for a while before attempting to login with SSH
      ansible.builtin.pause:
        seconds: 10

- name: Provision EC2 instance
  hosts: "{{ hostvars['localhost'].my_instance_name }}"
  become: true
  gather_facts: yes
  vars_files:
    - ../aap-project.yml
    - ../aap-site.yml

  tasks:
    - name: Show inventory hostname
      ansible.builtin.debug:
        msg: "{{ inventory_hostname }}"

    - name: Construct new variable from the selected project dictionary
      ansible.builtin.set_fact:
        project: "{{ lookup('ansible.builtin.vars', p, errors='strict') }}"

    - name: Attempt provisioning
      block:
        - name: Provision files
          ansible.builtin.copy:
            src: "{{ item.key }}"
            dest: "{{ item.value }}"
            mode: preserve
          loop: "{{ project.files | dict2items }}"
          when: project.files is defined

        - name: Run provisioning scripts
          ansible.builtin.shell:
            cmd: "{{ item }}"
          loop: "{{ project.commands }}"
          when: project.commands is defined

        - name: Mark provisioning as successful
          ansible.builtin.set_fact:
            provisioning_failed: false

        - name: Output public IP address
          ansible.builtin.debug:
            msg: "{{ hostvars['localhost'].my_instance_public_ip }}"

        - name: Output EC2 instance_id
          ansible.builtin.debug:
            msg: "{{ hostvars['localhost'].instance_id }}"

      rescue:
        - name: Mark provisioning as failed
          ansible.builtin.set_fact:
            provisioning_failed: true

- name: Remove an EC2 instance in AWS
  hosts: localhost
  gather_facts: yes
  vars_files:
    - ../aap-project.yml
    - ../aap-site.yml

  tasks:
    - name: Remove EC2 instance
      amazon.aws.ec2_instance:
        state: absent
        wait: false
        filters:
          instance-id: "{{ hostvars['localhost'].instance_id }}"
          instance-state-name: running
          "tag:Name": "{{ hostvars['localhost'].my_instance_name }}"
          "tag:tostop": "true"
      when: hostvars[my_instance_name].provisioning_failed == true