---
- hosts: all
  vars:
    __sshd_test_backup_files:
      - /etc/ssh/sshd_config
      - /etc/ssh/sshd_config.d/00-ansible_system_role.conf
  tasks:
    - name: Backup configuration files
      ansible.builtin.include_tasks: tasks/backup.yml

    - name: Find old backups files
      ansible.builtin.find:
        paths: "{{ main_sshd_config_path }}"
        patterns: "{{ main_sshd_config_name }}.*@*~"
      register: backup_files

    - name: Remove old backup files
      ansible.builtin.file:
        path: "{{ item.path }}"
        state: absent
      with_items: "{{ backup_files.files }}"

    - name: Configure sshd without creating backup
      ansible.builtin.include_role:
        name: ansible-sshd
      vars:
        sshd_backup: false

    - name: Find new backups files
      ansible.builtin.find:
        paths: "{{ main_sshd_config_path }}"
        patterns: "{{ main_sshd_config_name }}.*@*~"
      register: no_backup

    - name: Configure sshd again with different configuration and with backup
      ansible.builtin.include_role:
        name: ansible-sshd
      vars:
        sshd_Banner: /tmp/banner  # noqa var-naming
      register: second_run

    - name: Find new backups files
      ansible.builtin.find:
        paths: "{{ main_sshd_config_path }}"
        patterns: "{{ main_sshd_config_name }}.*@*~"
      register: new_backup

    - name: Verify the backup was not done in the first attempt, but in the second one
      ansible.builtin.assert:
        that:
          - no_backup.files == []
          - new_backup.files != []

    - name: Restore configuration files
      ansible.builtin.include_tasks: tasks/restore.yml