---
- name: Create Hetzner CSI secret
  shell: |
    kubectl -n kube-system create secret generic hcloud-csi \
      --from-literal=token='{{ hcloud_token }}' \
      --from-literal=network='{{ cluster_name }}-network' \
      --dry-run=client -o yaml | kubectl apply -f -
  no_log: true
  when: hcloud_token is defined
  changed_when: true

- name: Deploy Hetzner CSI
  command: kubectl apply -f {{ csi_manifest_url }}
  changed_when: true

- name: Wait for CSI controller rollout
  command: kubectl rollout status deployment/hcloud-csi-controller -n kube-system
  register: csi_controller_rollout
  until: csi_controller_rollout.rc == 0
  retries: 30
  delay: 10
  changed_when: false

- name: Wait for CSI node daemonset rollout
  command: kubectl rollout status daemonset/hcloud-csi-node -n kube-system
  register: csi_node_rollout
  until: csi_node_rollout.rc == 0
  retries: 30
  delay: 10
  changed_when: false