---
- name: Fail containerd setup if distribution is not supported
  fail:
    msg: "{{ ansible_distribution }} is not supported by containerd."
  when:
    - ansible_distribution not in ["CentOS", "OracleLinux", "RedHat", "Ubuntu", "Debian", "Fedora", "AlmaLinux", "Rocky", "Amazon", "Flatcar", "Flatcar Container Linux by Kinvolk", "Suse", "openSUSE Leap", "openSUSE Tumbleweed", "Kylin Linux Advanced Server", "UnionTech", "openEuler"]

- name: containerd | Remove any package manager controlled containerd package
  package:
    name: "{{ containerd_package }}"
    state: absent
  when:
    - not (is_ostree or (ansible_distribution == "Flatcar Container Linux by Kinvolk") or (ansible_distribution == "Flatcar"))

- name: containerd | Remove containerd repository
  file:
    path: "{{ yum_repo_dir }}/containerd.repo"
    state: absent
  when:
    - ansible_os_family in ['RedHat']

- name: containerd | Remove containerd repository
  apt_repository:
    repo: "{{ item }}"
    state: absent
  with_items: "{{ containerd_repo_info.repos }}"
  when: ansible_pkg_mgr == 'apt'

- name: containerd | Download containerd
  include_tasks: "../../../download/tasks/download_file.yml"
  vars:
    download: "{{ download_defaults | combine(downloads.containerd) }}"

- name: containerd | Unpack containerd archive
  unarchive:
    src: "{{ downloads.containerd.dest }}"
    dest: "{{ containerd_bin_dir }}"
    mode: 0755
    remote_src: yes
    extra_opts:
      - --strip-components=1
  notify: restart containerd

- name: containerd | Remove orphaned binary
  file:
    path: "/usr/bin/{{ item }}"
    state: absent
  when:
    - containerd_bin_dir != "/usr/bin"
    - not (is_ostree or (ansible_distribution == "Flatcar Container Linux by Kinvolk") or (ansible_distribution == "Flatcar"))
  ignore_errors: true  # noqa ignore-errors
  with_items:
    - containerd
    - containerd-shim
    - containerd-shim-runc-v1
    - containerd-shim-runc-v2
    - ctr

- name: containerd | Generate systemd service for containerd
  template:
    src: containerd.service.j2
    dest: /etc/systemd/system/containerd.service
    mode: 0644
  notify: restart containerd

- name: containerd | Ensure containerd directories exist
  file:
    dest: "{{ item }}"
    state: directory
    mode: 0755
    owner: root
    group: root
  with_items:
    - "{{ containerd_systemd_dir }}"
    - "{{ containerd_cfg_dir }}"
    - "{{ containerd_storage_dir }}"
    - "{{ containerd_state_dir }}"

- name: containerd | Write containerd proxy drop-in
  template:
    src: http-proxy.conf.j2
    dest: "{{ containerd_systemd_dir }}/http-proxy.conf"
    mode: 0644
  notify: restart containerd
  when: http_proxy is defined or https_proxy is defined

- name: containerd | Generate default base_runtime_spec
  register: ctr_oci_spec
  command: "{{ containerd_bin_dir }}/ctr oci spec"
  check_mode: false
  changed_when: false

- name: containerd | Store generated default base_runtime_spec
  set_fact:
    containerd_default_base_runtime_spec: "{{ ctr_oci_spec.stdout | from_json }}"

- name: containerd | Write base_runtime_specs
  copy:
    content: "{{ item.value }}"
    dest: "{{ containerd_cfg_dir }}/{{ item.key }}"
    owner: "root"
    mode: 0644
  with_dict: "{{ containerd_base_runtime_specs | default({}) }}"
  notify: restart containerd

- name: containerd | Copy containerd config file
  template:
    src: config.toml.j2
    dest: "{{ containerd_cfg_dir }}/config.toml"
    owner: "root"
    mode: 0640
  notify: restart containerd

# you can sometimes end up in a state where everything is installed
# but containerd was not started / enabled
- name: containerd | Flush handlers
  meta: flush_handlers

- name: containerd | Ensure containerd is started and enabled
  systemd:
    name: containerd
    daemon_reload: yes
    enabled: yes
    state: started