---
# TODO: support new create-config command to generate node certs and config
# TODO: recreate master/node configs if settings that affect the configs
# change (hostname, public_hostname, ip, public_ip, etc)

# TODO: create a failed_when condition
- name: Create node server certificates
  command: >
    /usr/bin/openshift admin create-server-cert
    --overwrite=false
    --cert={{ openshift_cert_dir }}/node-{{ item.openshift.common.hostname }}/server.crt
    --key={{ openshift_cert_dir }}/node-{{ item.openshift.common.hostname }}/server.key
    --hostnames={{ [item.openshift.common.hostname,
                    item.openshift.common.public_hostname]|unique|join(",") }}
  args:
    chdir: "{{ openshift_cert_dir_parent }}"
    creates: "{{ openshift_cert_dir_abs }}/node-{{ item.openshift.common.hostname }}/server.crt"
  with_items: openshift_nodes
  register: server_cert_result

# TODO: create a failed_when condition
- name: Create node client certificates
  command: >
    /usr/bin/openshift admin create-node-cert
    --overwrite=false
    --cert={{ openshift_cert_dir }}/node-{{ item.openshift.common.hostname }}/cert.crt
    --key={{ openshift_cert_dir }}/node-{{ item.openshift.common.hostname }}/key.key
    --node-name={{ item.openshift.common.hostname }}
  args:
    chdir: "{{ openshift_cert_dir_parent }}"
    creates: "{{ openshift_cert_dir_abs }}/node-{{ item.openshift.common.hostname }}/cert.crt"
  with_items: openshift_nodes
  register: node_cert_result

# TODO: create a failed_when condition
- name: Create kubeconfigs for nodes
  command: >
    /usr/bin/openshift admin create-kubeconfig
    --client-certificate={{ openshift_cert_dir }}/node-{{ item.openshift.common.hostname }}/cert.crt
    --client-key={{ openshift_cert_dir }}/node-{{ item.openshift.common.hostname }}/key.key
    --kubeconfig={{ openshift_cert_dir }}/node-{{ item.openshift.common.hostname }}/.kubeconfig
    --master={{ openshift.master.api_url }}
    --public-master={{ openshift.master.public_api_url }}
  args:
    chdir: "{{ openshift_cert_dir_parent }}"
    creates: "{{ openshift_cert_dir_abs }}/node-{{ item.openshift.common.hostname }}/.kubeconfig"
  with_items: openshift_nodes
  register: kubeconfig_result

- name: Register unregistered nodes
  kubernetes_register_node:
    client_user: openshift-client
    name: "{{ item.openshift.common.hostname }}"
    api_version: "{{ openshift_kube_api_version }}"
    cpu: "{{ item.openshift.node.resources_cpu | default(None) }}"
    memory: "{{ item.openshift.node.resources_memory | default(None) }}"
    pod_cidr: "{{ item.openshift.node.pod_cidr | default(None) }}"
    host_ip: "{{ item.openshift.common.ip }}"
    labels: "{{ item.openshift.node.labels | default({}) }}"
    annotations: "{{ item.openshift.node.annotations | default({}) }}"
    external_id: "{{ item.openshift.node.external_id }}"
    # TODO: support customizing other attributes such as: client_config,
    # client_cluster, client_context, client_user
    # TODO: update for v1beta3 changes after rebase: hostnames, external_ips,
    # internal_ips, external_id
  with_items: openshift_nodes
  register: register_result