---
- name: Install CA certificates and gnupg packages
  become: true
  ansible.builtin.apt:
    name:
      - ca-certificates
      - gnupg
    cache_valid_time: "{{ apt_cache_valid_time }}"
    update_cache: true
    state: present

- name: Ensure apt sources list directory exists
  become: true
  ansible.builtin.file:
    path: /etc/apt/sources.list.d
    state: directory
    recurse: true

- name: Ensure apt keyrings directory exists
  ansible.builtin.file:
    path: /etc/apt/keyrings
    state: directory
    recurse: true

- name: Install docker apt gpg key
  become: true
  ansible.builtin.get_url:
    url: "{{ docker_apt_url }}/{{ docker_apt_key_file }}"
    dest: "/etc/apt/keyrings/docker.asc"
    mode: "0644"
    force: true
  environment: "{{ docker_apt_key_env }}"

- name: Install docker apt pin
  become: true
  ansible.builtin.copy:
    dest: "/etc/apt/preferences.d/docker"
    content: |
        Package: {{ docker_apt_package }}
        Pin: version {{ docker_apt_package_pin }}
        Pin-Priority: 1000
    mode: "0644"
  when: docker_apt_package_pin | length > 0

- name: Ensure old docker repository absent
  become: true
  ansible.builtin.file:
    path: /etc/apt/sources.list.d/docker.list
    state: absent

# TODO(mmalchuk): replace with ansible.builtin.deb822_repository module
# when all stable releases moves to the ansible-core >= 2.15
- name: Enable docker apt repository
  become: true
  ansible.builtin.copy:
    dest: /etc/apt/sources.list.d/docker.sources
    content: |
        # Ansible managed

        Types: deb
        URIs: {{ docker_apt_url }}
        Suites: {{ ansible_facts.distribution_release }}
        Components: stable
        Signed-by: /etc/apt/keyrings/docker.asc
    mode: "0644"

- name: Update the apt cache
  become: true
  ansible.builtin.apt:
    update_cache: true