---

# Put Ansible key into root's authorized_keys to test its removal, but don't
# touch the file if it does not exist in order to properly test for idempotence.
- hosts: parameters-mandatory
  tasks:

    - name: Check if authorized_keys exists already
      stat:
        path: "/root/.ssh/authorized_keys"
      register: "authorized_keys"

    - name: Deploy authorized_keys to mimic set-up via preseed file
      authorized_key:
        user: root
        key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
      when: "not authorized_keys.stat.exists"

# Put Ansible key into root's authorized_keys to test its removal, but don't
# touch the file if it does not exist in order to properly test for idempotence.
- hosts: parameters-optional
  tasks:

    - name: Check if authorized_keys exists already
      stat:
        path: "/root/.ssh/authorized_keys"
      register: "authorized_keys"

    - name: Deploy authorized_keys to mimic set-up via preseed file
      authorized_key:
        user: root
        key: "{{ lookup('file', 'tests/data/ansible_key.pub') }}"
      when: "not authorized_keys.stat.exists"

- hosts: parameters-mandatory
  roles:
    - role: bootstrap

- hosts: parameters-optional
  roles:
    - role: bootstrap
      ansible_key: "{{ lookup('file', 'tests/data/ansible_key.pub') }}"