---
- name: install container runtime
  include_tasks: "cri_{{ kubernetes_container_runtime }}.yml"

- name: prepare /var/lib/kubelet as LVM
  when: kubelet_lvm is defined
  import_tasks: lvm.yml

- name: prepare /var/lib/kubelet as ZFS dataset
  when: kubelet_zfs is defined
  import_tasks: zfs.yml

- name: install apt https transport
  apt:
    name: apt-transport-https
    state: present

- name: add repository key
  copy:
    src: apt-key.gpg
    dest: /etc/apt/trusted.gpg.d/kubernetes.gpg
  notify: update apt cache

- name: add repository entry
  copy:
    content: |
      deb https://apt.kubernetes.io/ kubernetes-xenial main
    dest: /etc/apt/sources.list.d/kubernetes.list
  notify: update apt cache

- name: update apt cache
  meta: flush_handlers

- name: install kubelet and utils
  apt:
    name:
    - "kubelet{% if kubernetes_version is defined %}={{ kubernetes_version }}-00{% endif %}"
    - cri-tools
    - bridge-utils
    state: present
    force: yes

- name: disable automatic upgrades for kubelet
  when: kubernetes_version is defined
  loop:
  - kubelet
  dpkg_selections:
    name: "{{ item }}"
    selection: hold

- name: configure crictl to use containerd
  loop:
    - zsh
    - bash
  blockinfile:
    path: "/root/.{{ item }}rc"
    create: yes
    marker: "### {mark} ANSIBLE MANAGED BLOCK for crictl ###"
    content: |
      {% if kubernetes_container_runtime == 'containerd' %}
      alias crictl="crictl --runtime-endpoint unix:///run/containerd/containerd.sock"
      {% endif %}
      {% if item == 'zsh' %}
      ## TODO: see https://github.com/kubernetes-sigs/cri-tools/issues/435
      autoload -U +X bashcompinit && bashcompinit
      {% endif %}
      source <(crictl completion)

- name: add dummy group with gid 998
  group:
    name: app
    gid: 998

- name: add dummy user with uid 998
  user:
    name: app
    uid: 998
    group: app
    password: "!"