---
- name: Playbook to automate a manual k8s installation
  hosts: localhost
  become: true
  tasks:
  - name: Download and install the cfssl utility
    get_url:
      url: https://pkg.cfssl.org/R1.2/cfssl_linux-amd64
      dest: /usr/local/bin/cfssl
      mode: 0755
  - name: Download and install the cfssljson utility
    get_url:
      url: https://pkg.cfssl.org/R1.2/cfssljson_linux-amd64
      dest: /usr/local/bin/cfssljson
      mode: 0755
  - name: Put the seed key material files in place
    file:
      path: /var/tmp/kubernetes
      state: directory
  - copy:
      src: files/{{ item }}
      dest: /var/tmp/kubernetes/
    with_items:
      - ca-csr.json
      - admin-csr.json
      - ca-config.json
  - name: Create the CA
    shell: /usr/local/bin/cfssl gencert -initca ca-csr.json | /usr/local/bin/cfssljson -bare ca
    args:
      chdir: /var/tmp/kubernetes
  - name: Create the admin KMOs
    shell: /usr/local/bin/cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=kubernetes admin-csr.json | /usr/local/bin/cfssljson -bare admin
    args:
      chdir: /var/tmp/kubernetes