---
# helm uses some undecipherable configmaps, so we need to use the binary
- name: helm chart check
  ansible.builtin.command:
    argv:
      - /usr/bin/env
      - KUBECONFIG={{ ansible_facts['user_dir'] }}/kubeconfig-{{ cluster }}
      - /usr/local/bin/helm
      - -n
      - stackrox
      - list
      - -o
      - json
      - --filter
      - stackrox.*services
    chdir: "{{ ansible_facts['user_dir'] }}"
  register: helm_chart_status

- name: assert chart isn't there
  set_fact:
    helm_chart_present: false

- name: unless proven otherwise
  set_fact:
    helm_chart_present: true
  when:
    - helm_chart_status.stdout | from_json | list | length > 0
    - (helm_chart_status.stdout | from_json | list)[0].status == "deployed"

- name: create helm vars
  template:
    src: templates/helm-vars.yml
    dest: "{{ ansible_facts['user_dir'] }}/{{ clusters[cluster].name }}-helm-vars.yaml"
    mode: 0600
    owner: "{{ ansible_user }}"
    group: "{{ ansible_user }}"
  when:
    - not helm_chart_present

- name: check the repo
  ansible.builtin.command:
    argv:
      - /usr/bin/env
      - KUBECONFIG={{ ansible_facts['user_dir'] }}/kubeconfig-{{ cluster }}
      - /usr/local/bin/helm
      - repo
      - list
      - -o
      - json
    chdir: "{{ ansible_facts['user_dir'] }}"
  ignore_errors: yes
  register: repo_is_there

- name: add the repo
  ansible.builtin.command:
    argv:
      - /usr/bin/env
      - KUBECONFIG={{ ansible_facts['user_dir'] }}/kubeconfig-{{ cluster }}
      - /usr/local/bin/helm
      - repo
      - add
      - rhacs
      - https://mirror.openshift.com/pub/rhacs/charts/
    chdir: "{{ ansible_facts['user_dir'] }}"
  when: repo_is_there.failed or (repo_is_there.stdout | from_json | list | length) == 0

- name: apply helm chart
  ansible.builtin.command:
    argv:
      - /usr/bin/env
      - KUBECONFIG={{ ansible_facts['user_dir'] }}/kubeconfig-{{ cluster }}
      - /usr/local/bin/helm
      - install
      - -n
      - stackrox
      - --create-namespace
      - stackrox-secured-cluster-services
      - rhacs/secured-cluster-services
      - -f 
      - "{{ ansible_facts['user_dir'] }}/{{ clusters[cluster].name }}-helm-bundle.yaml"
      - -f 
      - "{{ ansible_facts['user_dir'] }}/{{ clusters[cluster].name }}-helm-vars.yaml"
    chdir: "{{ ansible_facts['user_dir'] }}"
  when:
    - not helm_chart_present
...