---

- set_fact:
    vault_unseal_install_mode: 'none'
  tags: vault

- name: Detect if vault_unseal is installed
  stat: path=/usr/local/bin/vault_unseal
  register: vault_unseal_bin
  tags: vault

- when: not vault_unseal_bin.stat.exists
  set_fact: vault_unseal_install_mode='install'
  tags: vault

- when: vault_unseal_bin.stat.exists
  block:
    - name: Detect installed version
      shell: |
        /usr/local/bin/vault_unseal -v | perl -pe 's/vault-unseal version: (\d+(\.\d+)*).*/$1/'
      changed_when: False
      register: vault_unseal_current_version
    - set_fact:
        vault_current_version: "{{ vault_unseal_current_version.stdout }}"
  tags: vault

- when: vault_unseal_bin.stat.exists and vault_unseal_current_version != vault_unseal_version
  set_fact: vault_unseal_install_mode='upgrade'
  tags: vault

- debug: msg={{ vault_unseal_conf }}
  tags: vault

- debug: msg={{ vault_unseal_conf.vault_nodes }}
  tags: vault

- set_fact: vault_unseal_enabled={{ (vault_unseal_conf.vault_nodes | length > 0 and vault_unseal_conf.unseal_tokens | length > 0) | ternary(true, false) }}
  tags: vault