roles/openshift_node/tasks/apply_machine_config.yml

---
- name: Create temp directory
  tempfile:
    state: directory
  register: temp_dir

- name: Get worker machine current config name
  command: >
    oc get node {{ ansible_nodename | lower }}
    --kubeconfig={{ openshift_node_kubeconfig_path }}
    --output=jsonpath='{.metadata.annotations.machineconfiguration\.openshift\.io/desiredConfig}'
  delegate_to: localhost
  register: oc_get
  until:
  - oc_get.stdout != ''
  retries: 36
  delay: 5

- name: Set l_worker_machine_config_name
  set_fact:
    l_worker_machine_config_name: "{{ oc_get.stdout }}"

- name: Get worker ignition config
  command: >
    oc get machineconfig {{ l_worker_machine_config_name }}
    --kubeconfig={{ openshift_node_kubeconfig_path }}
    --output=json
  delegate_to: localhost
  register: oc_get
  until:
  - oc_get.stdout != ''
  retries: 36
  delay: 5

- name: Write worker ignition config to file
  copy:
    content: "{{ (oc_get.stdout | from_json).spec.config }}"
    dest: "{{ temp_dir.path }}/worker_ignition_config.json"

- name: Get machine-config-operator image
  command: >
    oc get daemonset machine-config-daemon
    --kubeconfig={{ openshift_node_kubeconfig_path }}
    --namespace=openshift-machine-config-operator
    --output=jsonpath='{.spec.template.spec.containers[?(@.name=="machine-config-daemon")].image}'
  delegate_to: localhost
  register: oc_get
  until:
  - oc_get.stdout != ''
  retries: 36
  delay: 5

- name: Set l_mcd_image fact
  set_fact:
    l_mcd_image: "{{ oc_get.stdout }}"

- import_tasks: proxy.yml

- block:
  - name: Pull MCD image
    command: "podman pull --tls-verify={{ openshift_node_tls_verify }} --authfile /var/lib/kubelet/config.json {{ l_mcd_image }}"
    register: podman_pull
    until:
      podman_pull.stdout != ''
    retries: 12
    delay: 10

  - name: Apply machine config
    command: "podman run {{ podman_mounts }} {{ podman_flags }} {{ mcd_command }}"
    vars:
      podman_flags: "--privileged --rm --entrypoint=/usr/bin/machine-config-daemon -ti {{ l_mcd_image }}"
      podman_mounts: "-v /:/rootfs -v /var/run/dbus:/var/run/dbus -v /run/systemd:/run/systemd"
      mcd_command: "start --node-name {{ ansible_nodename | lower }} --once-from {{ temp_dir.path }}/worker_ignition_config.json --skip-reboot"
  environment:
    http_proxy: "{{ http_proxy | default('')}}"
    https_proxy: "{{https_proxy | default('')}}"
    no_proxy: "{{ no_proxy | default('')}}"

- name: Remove temp directory
  file:
    path: "{{ temp_dir.path }}"
    state: absent

- name: Reboot the host and wait for it to come back
  reboot:
  #  reboot_timeout: 600  # default, 10 minutes

- block:
  - name: Wait for node to report ready
    command: >
      oc get node {{ ansible_nodename | lower }}
      --kubeconfig={{ openshift_node_kubeconfig_path }}
      --output=jsonpath='{.status.conditions[?(@.type=="Ready")].status}'
    delegate_to: localhost
    register: oc_get
    until:
    - oc_get.stdout == "True"
    retries: 36
    delay: 5
    changed_when: false

  rescue:
  - import_tasks: gather_debug.yml

  - name: DEBUG - Node failed to report ready
    fail:
      msg: "Node failed to report ready"