---

- name: 'apply setup to {{ host | default("all") }}'
  hosts: '{{ host | default("all") }}'
  serial: "{{ serial_number | default(1) }}"
  gather_facts: no
  become: no

  pre_tasks:
    - name: "Check if ansible version is at least 2.10.x"
      assert:
        that:
          - ansible_version.major >= 2
          - ansible_version.minor >= 10
        msg: "The ansible version has to be at least ({{ ansible_version.full }})"

    - name: Get all Firewalls from Hetzner
      uri:
        url: "https://api.hetzner.cloud/v1/firewalls"
        headers:
          accept: application/json
          authorization: Bearer {{ hetzner_authentication_token }}
        return_content: yes
      register: hetzner_firewalls_response
      delegate_to: 127.0.0.1
      run_once: true
      tags:
        - update_networks

    - name: Save firewall entries as variable (fact)
      set_fact: 
        hetzner_firewalls_response_json: "{{ hetzner_firewalls_response.json }}"
      run_once: true
      tags:
        - update_networks

    - name: Parse firewall entries
      set_fact:  
        firewall_records: "{{ hetzner_firewalls_response_json.firewalls | json_query(jmesquery) }}"
      vars:
        jmesquery: '[*].{id: id, name: name}'
      run_once: true
      tags:
        - update_networks
    
    - name: Print firewall entries
      debug:
        msg: "{{ firewall_records }}"
      run_once: true
      tags:
        - update_networks

  roles:
    - role: hcloud
      when: "'hcloud' in group_names"