---
- name: check if container apt component of spreadspace repo is enabled
  assert:
    msg: "please enable the 'container' component of spreadspace repo using 'spreadspace_apt_repo_components'"
    that:
    - spreadspace_apt_repo_components is defined
    - "'container' in spreadspace_apt_repo_components"

- name: install container runtime
  include_tasks: "cri_{{ kubernetes_container_runtime }}.yml"

- name: prepare storage volume for /var/lib/kubelet
  when: kubelet_storage is defined
  vars:
    storage_volume: "{{ kubelet_storage | combine({'dest': '/var/lib/kubelet'}) }}"
  include_role:
    name: "storage/{{ kubelet_storage.type }}/volume"

- name: add apt repository for kubernetes packages
  include_role:
    name: apt-repo/kubernetes

- name: generate apt pin file for kubelet
  copy:
    dest: "/etc/apt/preferences.d/kubelet.pref"
    content: |
      Package: kubelet
      Pin: version {{ kubernetes_version }}-*
      Pin-Priority: 1001

## TODO: remove once all servers have been converted
- name: remove apt pin file for cri-tools
  file:
    path: "/etc/apt/preferences.d/cri-tools.pref"
    state: absent

- name: install kubelet and common packages
  apt:
    name:
    - bridge-utils
    - cri-tools
    - "kubelet={{ kubernetes_version }}-*"
    state: present
    allow_downgrade: yes

- name: configure endpoints for crictl
  copy:
    dest: /etc/crictl.yaml
    content: |
      runtime-endpoint: "{{ kubernetes_cri_socket }}"
      image-endpoint: "{{ kubernetes_cri_socket }}"

- name: add crictl config for shells
  loop:
  - zsh
  - bash
  blockinfile:
    path: "/root/.{{ item }}rc"
    create: yes
    marker: "### {mark} ANSIBLE MANAGED BLOCK for crictl ###"
    content: |
      source <(crictl completion {{ item }})

- name: add dummy group with gid 990
  group:
    name: app
    gid: 990

- name: add dummy user with uid 990
  user:
    name: app
    uid: 990
    group: app
    password: "!"