Add a tag to prevent gpg-related actions during the home bootstrap

[perso/Immae/Config/Ansible.git] / roles / gnupg / tasks / main.yml

diff --git a/roles/gnupg/tasks/main.yml b/roles/gnupg/tasks/main.yml
index 954c02921381fccf28e9b28e8ca0173308d00890..84957cf549ff6c1ec593548b2333481bfcd838f9 100644 (file)
--- a/roles/gnupg/tasks/main.yml
+++ b/roles/gnupg/tasks/main.yml
@@ -22,13 +22,14 @@
   changed_when: false
   check_mode: no
 - name: check existing secret key
+  tags: ["no_bootstrap"]
   shell: "gpg --list-secret-keys | grep '{{ gpg_useremail }}'"
   changed_when: false
   ignore_errors: true
   register: gpgkeys
   check_mode: no
 - name: Ask for gpg password
-  when: gpgkeys.stdout == ""
+  when: gpgkeys is defined and gpgkeys.stdout == ""
   block:
     - name: Ask for gpg password
       pause:
@@ -44,7 +45,7 @@
       assert:
         that: gpg_password_confirm.user_input == gpg_password.user_input
 - name: Generate gpg key
-  when: gpgkeys.stdout == ""
+  when: gpgkeys is defined and gpgkeys.stdout == ""
   block:
     - name: Copy default template for gpg key generation
       template:
@@ -63,7 +64,7 @@
 - name: get keygrip
   shell: "gpg -K --with-colons {{ gpg_useremail }} | grep '^grp' | cut -d':' -f10"
   register: keygrip
-  when: gpgkeys.stdout == ""
+  when: gpgkeys is defined and gpgkeys.stdout == ""
   notify:
     - notify add key to immae@immae.eu
     - send key to immae@immae.eu