- name: Upgrade kubernetes to specified version
  hosts: root_master
  become: yes
  become_method: sudo
  become_user: root
  tasks:
  - name: Remove apparmor for sanity reasons
    apt:
      name: "apparmor"
      state: absent
      autoremove: yes
      purge: yes
  - name: Check if keyring exists
    stat:
      path: /etc/apt/keyrings/kubernetes-apt-keyring{{ K8S_TARGET_VERSION}}.gpg
    register: keyring_file
  - name: Install certificate
    command: "{{ item }} chdir=/tmp"
    with_items:
      - "curl -o Release.key -fsSL https://pkgs.k8s.io/core:/stable:/{{ K8S_TARGET_VERSION }}/deb/Release.key"
      - "gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring{{ K8S_TARGET_VERSION }}.gpg Release.key"
      - "rm Release.key"
    when: not keyring_file.stat.exists
  - name: Check if apt repo exists
    stat:
      path: /etc/apt/sources.list.d/kubernetes_{{ K8S_TARGET_VERSION}}.list
    register: apt_repo
  - name: Setup APT repo
    copy:
      dest: /etc/apt/sources.list.d/kubernetes_{{ K8S_TARGET_VERSION}}.list
      content: "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring{{ K8S_TARGET_VERSION}}.gpg] https://pkgs.k8s.io/core:/stable:/{{ K8S_TARGET_VERSION }}/deb/ /"
    when: not apt_repo.stat.exists
  - name: Update cache
    apt:
      update_cache: yes
  - name: Unhold packages
    dpkg_selections:
      name: "{{ item }}"
      selection: install
    with_items:
      # - "kubelet"
      - "kubeadm"
  - name: Upgrading packages
    apt:
      upgrade: yes
  - name: Upgrade plan
    shell: "kubeadm upgrade plan >> /etc/kubernetes/upgrade_plan_{{ K8S_SOURCE_VERSION}}_{{ K8S_TARGET_VERSION}}"
    args:
      creates: /etc/kubernetes/upgrade_plan_{{ K8S_SOURCE_VERSION}}_{{ K8S_TARGET_VERSION}}
  - name: Pulling new container images
    shell: "kubeadm config images pull"
  - name: Apply upgrade plan
    shell: "sudo kubeadm upgrade apply -y {{ K8S_TARGET_MINOR }} >> /etc/kubernetes/upgrade_ops_{{ K8S_SOURCE_VERSION}}_{{ K8S_TARGET_VERSION}}"
    args:
      creates: /etc/kubernetes/upgrade_ops_{{ K8S_SOURCE_VERSION}}_{{ K8S_TARGET_VERSION}}
  - name: Unhold kubelet
    dpkg_selections:
      name: kubelet
      selection: install
  - name: Update kubelet
    apt:
      update_cache: yes
      upgrade: yes
  - name: Restart kubelet
    service:
      name: kubelet
      state: restarted
  - name: Pin new package versions
    dpkg_selections:
      name: "{{ item }}"
      selection: hold
    with_items:
      - "kubelet"
      - "kubeadm"
- name: Upgrade masters
  hosts: masters
  become: yes
  become_method: sudo
  become_user: root
  tasks:
  - name: Remove apparmor for sanity reasons
    apt:
      name: "apparmor"
      state: absent
      autoremove: yes
      purge: yes
  - name: Check if keyring exists
    stat:
      path: /etc/apt/keyrings/kubernetes-apt-keyring{{ K8S_TARGET_VERSION}}.gpg
    register: keyring_file
  - name: Install certificate
    command: "{{ item }} chdir=/tmp"
    with_items:
      - "curl -o Release.key -fsSL https://pkgs.k8s.io/core:/stable:/{{ K8S_TARGET_VERSION }}/deb/Release.key"
      - "gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring{{ K8S_TARGET_VERSION }}.gpg Release.key"
      - "rm Release.key"
    when: not keyring_file.stat.exists
  - name: Check if apt repo exists
    stat:
      path: /etc/apt/sources.list.d/kubernetes_{{ K8S_TARGET_VERSION}}.list
    register: apt_repo
  - name: Setup APT repo
    copy:
      dest: /etc/apt/sources.list.d/kubernetes_{{ K8S_TARGET_VERSION}}.list
      content: "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring{{ K8S_TARGET_VERSION}}.gpg] https://pkgs.k8s.io/core:/stable:/{{ K8S_TARGET_VERSION }}/deb/ /"
    when: not apt_repo.stat.exists
  - name: Update cache
    apt:
      update_cache: yes
  - name: Unhold packages
    dpkg_selections:
      name: "{{ item }}"
      selection: install
    with_items:
      # - "kubelet"
      - "kubeadm"
  - name: Upgrading packages
    apt:
      upgrade: yes
  - name: Pulling new container images
    shell: "kubeadm config images pull"
  - name: Apply upgrade for masters
    shell: "sudo kubeadm upgrade node >> /etc/kubernetes/upgrade_ops_{{ K8S_SOURCE_VERSION}}_{{ K8S_TARGET_VERSION}}"
    args:
      creates: /etc/kubernetes/upgrade_ops_{{ K8S_SOURCE_VERSION}}_{{ K8S_TARGET_VERSION}}
  - name: Unhold kubelet
    dpkg_selections:
      name: kubelet
      selection: install
  - name: Update kubelet
    apt:
      update_cache: yes
      upgrade: yes
  - name: Restart kubelet
    service:
      name: kubelet
      state: restarted
  - name: Pin new package versions
    dpkg_selections:
      name: "{{ item }}"
      selection: hold
    with_items:
      - "kubelet"
      - "kubeadm"