---
- name: create base directory for node-feature-discovery addon
  run_once: true
  delegate_to: "{{ groups['_kubernetes_primary_controlplane_node_'] | first }}"
  file:
    path: /etc/kubernetes/addons/node-feature-discovery
    state: directory

- name: install python-cryptoraphy
  apt:
    name: "{{ python_basename }}-cryptography"
    state: present

- name: generate certificate authority and master certificate
  run_once: true
  delegate_to: "{{ groups['_kubernetes_primary_controlplane_node_'] | first }}"
  import_tasks: tls-ca-master.yml

- name: generate certificate
  import_tasks: tls-worker.yml

- name: deploy node-feature-discovery addon
  run_once: true
  delegate_to: "{{ groups['_kubernetes_primary_controlplane_node_'] | first }}"
  block:
  - name: copy base resources for node-feature-discovery
    template:
      src: "base.{{ kubernetes_node_feature_discovery_version }}.yml.j2"
      dest: /etc/kubernetes/addons/node-feature-discovery/base.yml

  - name: generate kustomization and nfd-worker config files
    loop:
    - kustomization.yml
    - nfd-worker.conf
    template:
      src: "{{ item }}.j2"
      dest: /etc/kubernetes/addons/node-feature-discovery/{{ item }}

  - name: check if node-feature-discovery is already installed
    check_mode: no
    command: kubectl --kubeconfig /etc/kubernetes/admin.conf diff -k /etc/kubernetes/addons/node-feature-discovery/
    failed_when: false
    changed_when: false
    register: kube_node_feature_discovery_diff_result

  - name: install node-feature-discovery onto the cluster
    when: kube_node_feature_discovery_diff_result.rc != 0
    command: kubectl --kubeconfig /etc/kubernetes/admin.conf apply -k /etc/kubernetes/addons/node-feature-discovery/