---
- block:
    - name: Update apt cache
      apt:
        cache_valid_time: 3600
        update_cache: true
      register: _pre_update_apt_cache
      until: _pre_update_apt_cache is succeeded
      when:
        - ansible_pkg_mgr == "apt"

    - name: Install dependencies
      package:
        name: "{{ gitea_dependencies }}"
        state: present
      register: _install_dep_packages
      until: _install_dep_packages is succeeded
      retries: 5
      delay: 2

- name: Get service facts
  service_facts:

- block:
    - name: Stopping gitea before upgrade
      service:
        name: gitea
        state: stopped

    - name: Backing up gitea before upgrade
      command:
        cmd: "gitea dump -c /etc/gitea/gitea.ini"
        chdir: /var/backups/
      become: true
      become_method: su
      become_user: "{{ gitea_user }}"
      become_flags: "-s /bin/sh"
  when:
    - ansible_facts.services["gitea.service"] is defined
    - ansible_facts.services["gitea.service"].state == "running"
    - gitea_active_version.stdout != gitea_version

- block:
    - name: Download gitea archive
      get_url:
        url: "{{ gitea_dl_url }}.xz"
        dest: "/tmp/gitea-{{ gitea_version }}.linux-{{ gitea_arch }}.xz"
        checksum: "sha256:{{ gitea_dl_url }}.xz.sha256"
      register: _download_archive
      until: _download_archive is succeeded
      retries: 5
      delay: 2

    - name: Download gitea asc file
      get_url:
        url: "{{ gitea_dl_url }}.xz.asc"
        dest: "/tmp/gitea-{{ gitea_version }}.linux-{{ gitea_arch }}.xz.asc"
      register: _download_asc
      until: _download_asc is succeeded
      retries: 5
      delay: 2

    - name: Check gitea gpg key
      command: "gpg --list-keys 0x{{ gitea_gpg_key }}"
      register: _gitea_gpg_key_status
      changed_when: false
      failed_when: _gitea_gpg_key_status.rc not in (0, 2)

    - name: Import gitea gpg key
      command: "gpg --keyserver {{ gitea_gpg_server }} --recv {{ gitea_gpg_key }}"
      register: _gitea_import_key
      changed_when: '"imported: 1" in _gitea_import_key.stderr'
      when: _gitea_gpg_key_status.rc != 0

    - name: Check archive signature
      command: "gpg --verify /tmp/gitea-{{ gitea_version }}.linux-{{ gitea_arch }}.xz.asc /tmp/gitea-{{ gitea_version }}.linux-{{ gitea_arch }}.xz"
      changed_when: false

    - name: Unpack gitea binary
      command:
        cmd: "xz -k -d /tmp/gitea-{{ gitea_version }}.linux-{{ gitea_arch }}.xz"
        creates: "/tmp/gitea-{{ gitea_version }}.linux-{{ gitea_arch }}"

    - name: Propagate gitea binary
      copy:
        src: "/tmp/gitea-{{ gitea_version }}.linux-{{ gitea_arch }}"
        remote_src: true
        dest: "/usr/local/bin/gitea"
        mode: 0755
        owner: root
        group: root
      notify: "Restart gitea"
  when: (not gitea_version_check|bool) or (not ansible_check_mode and (gitea_active_version.stdout != gitea_version))