---
- name: Upgrade Nomad
  hosts: nomad_servers
  vars:
    nomad_version: "{{ lookup('env','NOMAD_VERSION') }}"
    env_name: "{{ lookup('env','ENV_NAME') }}"
    domain_name: "{{ lookup('env','DOMAIN_NAME') }}"
    nomad_token: "{{ lookup('env','NOMAD_TOKEN') }}"
  environment:
    NOMAD_CLIENT_KEY: "/etc/nomad/ssl/private.key"
    NOMAD_CLIENT_CERT: "/etc/nomad/ssl/public.crt"
    NOMAD_CACERT: "/etc/nomad/ssl/ca.crt"
  tasks:
    - name: Check current nomad version
      ansible.builtin.shell: nomad --version | awk '{print $2}' | sed 's/v//'
      register: current_nomad_version
      check_mode: false
    
    - name: Gathering the service facts
      ansible.builtin.service_facts:

    - name: Install jq
      ansible.builtin.apt:
        name: jq
        state: present

    - name: Prepare for Raft upgrade
      environment:
        NOMAD_ADDR: "https://nomad1.p81zero.{{ env_name }}.{{ domain_name }}:4646"
        NOMAD_TOKEN: "{{ nomad_token }}"
      ansible.builtin.script: ./create_peers.sh
      when: current_nomad_version.stdout is version('1.3.0', '<') and ansible_facts.services['nomad.service']['state'] == 'running'

    - name: Upgrade Nomad
      include_role:
        name: services/nomad
        tasks_from: "install.yml"
    
    - name: Flush handlers
      meta: flush_handlers
    
    - name: Check cluster status
      uri:
        url: "https://nomad1.p81zero.{{ env_name }}.{{ domain_name }}:4646/v1/status/peers"
        method: "GET"
        client_cert: "/etc/nomad/ssl/public.crt"
        client_key: "/etc/nomad/ssl/private.key"
        ca_path: "/etc/nomad/ssl/ca.crt"
        validate_certs: false
      register: nomad_peers
      until: "nomad_peers.json | length == 1"
      retries: 10
      delay: 30