---

## @see https://gist.github.com/shirou/6928012
## @todo known_hosts.py has a `add_host_key` function. Could we use that instead of this shell script?
- name: Scan for SSH host keys.
  delegate_to: localhost
  ansible.builtin.shell:
    cmd: ssh-keyscan -q -p 22 {{ ansible_host }} 2>/dev/null
  changed_when: false
  register: ssh_scan
  retries: 2 # it always fails the first time
  until: ssh_scan.rc == 0


# - debug:
#     var: ssh_scan

- name: Update known_hosts.
  ansible.builtin.known_hosts:
    key: "{{ item }}"
    name: "{{ ansible_host }}"
  with_items: "{{ ssh_scan.stdout_lines }}"
  delegate_to: localhost

- name: Install python3
  become: true
  ansible.builtin.raw: >
    test -e /usr/bin/python3 || (test -e /usr/bin/apt-get && (apt-get -y update && apt-get install -y python3))
  args:
    creates: /usr/bin/python3