---
- name: Check if ssh secret exists
  run_once: true
  delegate_to: "{{ groups.masters[0] }}"
  command: oc -n "{{ openshift_namespace }}" get secret/ands-ssh
  register: result
  changed_when: (result | failed)
  failed_when: false

- include_tasks: ssh_keygen.yml
  run_once: true
  delegate_to: "{{ groups.masters[0] }}"
  when: (result | changed)

- name: Read SSH public key
  shell: cat "{{ ssh_template_path }}/id_rsa.pub"
  changed_when: false
  register: result

- name: Distribute public keys
  authorized_key: user="root" key="{{result.stdout}}" state=present manage_dir=yes exclusive=no