---
- include_tasks: vsphere-credentials-check.yml
  tags: vsphere-csi-driver

- name: vSphere CSI Driver | Generate CSI cloud-config
  template:
    src: "{{ item }}.j2"
    dest: "{{ kube_config_dir }}/{{ item }}"
    mode: 0640
  with_items:
    - vsphere-csi-cloud-config
  when: inventory_hostname == groups['kube-master'][0]
  tags: vsphere-csi-driver

- name: vSphere CSI Driver | Generate Manifests
  template:
    src: "{{ item }}.j2"
    dest: "{{ kube_config_dir }}/{{ item }}"
  with_items:
    - vsphere-csi-controller-rbac.yml
    - vsphere-csi-controller-ss.yml
    - vsphere-csi-node.yml
  register: vsphere_csi_manifests
  when: inventory_hostname == groups['kube-master'][0]
  tags: vsphere-csi-driver

- name: vSphere CSI Driver | Create a CSI secret
  command: "{{ bin_dir }}/kubectl create secret generic vsphere-config-secret --from-file=csi-vsphere.conf={{ kube_config_dir }}/vsphere-csi-cloud-config -n kube-system"
  when: inventory_hostname == groups['kube-master'][0]
  tags: vsphere-csi-driver

- name: vSphere CSI Driver | Apply Manifests
  kube:
    kubectl: "{{ bin_dir }}/kubectl"
    filename: "{{ kube_config_dir }}/{{ item.item }}"
    state: "latest"
  with_items:
    - "{{ vsphere_csi_manifests.results }}"
  when:
    - inventory_hostname == groups['kube-master'][0]
    - not item is skipped
  loop_control:
    label: "{{ item.item }}"
  tags: vsphere-csi-driver