From 9f56809bc53a7ef7c5f099255fa03295c412d4e8 Mon Sep 17 00:00:00 2001
From: L3D <l3d@c3woc.de>
Date: Sat, 28 Oct 2023 17:20:20 +0200
Subject: [PATCH 1/2] add requirements, improve lintin

---
 requirements.yml                              |  4 ++
 .../gopass-install/install-gopass-default.yml | 39 ++++++--------
 tasks/gopass-install/install-on-archlinux.yml | 52 ++++++++-----------
 tasks/gopass-install/install-on-debian.yml    | 51 ++++++++----------
 tasks/main.yml                                | 13 ++---
 tasks/versioncheck.yml                        |  8 +--
 vars/main.yml                                 | 35 +++++++++++--
 7 files changed, 107 insertions(+), 95 deletions(-)
 create mode 100644 requirements.yml

diff --git a/requirements.yml b/requirements.yml
new file mode 100644
index 0000000..a5a1e10
--- /dev/null
+++ b/requirements.yml
@@ -0,0 +1,4 @@
+---
+collections:
+  - name: 'community.general'
+    version: ">=7.5.0,<=8.0.0"
diff --git a/tasks/gopass-install/install-gopass-default.yml b/tasks/gopass-install/install-gopass-default.yml
index 2b9e182..a6ae692 100644
--- a/tasks/gopass-install/install-gopass-default.yml
+++ b/tasks/gopass-install/install-gopass-default.yml
@@ -3,54 +3,49 @@
   become: true
   ansible.builtin.package:
     name: "{{ item }}"
-    state: present
-  with_items:
-    - git
-    - gnupg
-    - rng-tools
-    - xsel
-    - xclip
+    state: 'present'
+  loop: "{{ gopass__required_packages }}"
 
 - name: Install Gopass
   ansible.builtin.package:
     name: "{{ item }}"
-    state: present
+    state: 'present'
   become: true
-  with_items:
-    - gopass
+  loop:
+    - 'gopass'
 
 - name: Install gopass-jsonapi for browser integration
   ansible.builtin.package:
     name: "{{ item }}"
-    state: present
+    state: 'present'
   become: true
-  with_items:
-    - gopass-jsonapi
+  loop:
+    - 'gopass-jsonapi'
   when: gopass__install_jsonapi | bool
 
 - name: Install gopass-hibp for haveibeenpwnd.com integration
   ansible.builtin.package:
     name: "{{ item }}"
-    state: present
+    state: 'present'
   become: true
-  with_items:
-    - gopass-hibp
+  loop:
+    - 'gopass-hibp'
   when: gopass__install_haveibeenpwnd | bool
 
 - name: Install git-credential-gopass as git-credentials helper
   ansible.builtin.package:
     name: "{{ item }}"
-    state: present
+    state: 'present'
   become: true
-  with_items:
-    - git-credential-gopass
+  loop:
+    - 'git-credential-gopass'
   when: gopass__install_git_credential | bool
 
 - name: Install zbar-tools for QR CodeReading using OTP Secrets
   ansible.builtin.package:
     name: "{{ item }}"
-    state: present
+    state: 'present'
   become: true
-  with_items:
-    - zbar-tools
+  loop:
+    - 'zbar-tools'
   when: gopass__install_zbar_tools | bool
diff --git a/tasks/gopass-install/install-on-archlinux.yml b/tasks/gopass-install/install-on-archlinux.yml
index 8724e5b..a208bdd 100644
--- a/tasks/gopass-install/install-on-archlinux.yml
+++ b/tasks/gopass-install/install-on-archlinux.yml
@@ -1,58 +1,52 @@
 ---
-- name: Install requirements for gopass
+- name: Install requirements for gopass  # noqa: H1901
   become: true
   community.general.pacman:
     name: "{{ item }}"
-    state: present
+    state: 'present'
     update_cache: true
-  with_items:
-    - git
-    - gnupg
-    - rng-tools
-    - xsel
-    - xclip
-    - xorg-xclipboard
+  loop: "{{ gopass__required_archlinux_packages }}"
 
-- name: Install Gopass
+- name: Install Gopass  # noqa: H1901
   community.general.pacman:
     name: "{{ item }}"
-    state: present
+    state: 'present'
   become: true
-  with_items:
-    - gopass
+  loop:
+    - 'gopass'
 
-- name: Install gopass-jsonapi for browser integration
+- name: Install gopass-jsonapi for browser integration  # noqa: H1901
   community.general.pacman:
     name: "{{ item }}"
-    state: present
+    state: 'present'
   become: true
-  with_items:
-    - gopass-jsonapi
+  loop:
+    - 'gopass-jsonapi'
   when: gopass__install_jsonapi | bool
 
-- name: Install gopass-hibp for haveibeenpwnd.com integration
+- name: Install gopass-hibp for haveibeenpwnd.com integration  # noqa: H1901
   community.general.pacman:
     name: "{{ item }}"
-    state: present
+    state: 'present'
   become: true
-  with_items:
-    - gopass-hibp
+  loop:
+    - 'gopass-hibp'
   when: gopass__install_haveibeenpwnd | bool
 
-- name: Install git-credential-gopass as git-credentials helper
+- name: Install git-credential-gopass as git-credentials helper  # noqa: H1901
   community.general.pacman:
     name: "{{ item }}"
-    state: present
+    state: 'present'
   become: true
-  with_items:
-    - git-credential-gopass
+  loop:
+    - 'git-credential-gopass'
   when: gopass__install_git_credential | bool
 
-- name: Install zbar-tools for QR CodeReading using OTP Secrets
+- name: Install zbar-tools for QR CodeReading using OTP Secrets  # noqa: H1901
   community.general.pacman:
     name: "{{ item }}"
-    state: present
+    state: 'present'
   become: true
-  with_items:
-    - zbar-tools
+  loop:
+    - 'zbar-tools'
   when: gopass__install_zbar_tools | bool
diff --git a/tasks/gopass-install/install-on-debian.yml b/tasks/gopass-install/install-on-debian.yml
index 6b0dae8..f8a9428 100644
--- a/tasks/gopass-install/install-on-debian.yml
+++ b/tasks/gopass-install/install-on-debian.yml
@@ -9,12 +9,7 @@
   ansible.builtin.apt:
     name: "{{ item }}"
     state: present
-  with_items:
-    - git
-    - gnupg2
-    - rng-tools
-    - xsel
-    - xclip
+  loop: "{{ gopass__required_debian_packages }}"
 
 - name: Adding Gopass Package Repository
   when: gopass__add_apt_repo | bool
@@ -23,9 +18,9 @@
       ansible.builtin.get_url:
         url: https://packages.gopass.pw/repos/gopass/gopass-archive-keyring.gpg
         dest: "{{ gopass__keyring }}"
-        owner: root
-        group: root
-        mode: 0644
+        owner: 'root'
+        group: 'root'
+        mode: '0644'
       become: true
 
     - name: Add Gopass repository source
@@ -33,9 +28,9 @@
       ansible.builtin.template:
         src: "templates/apt.gopass.sources.j2"
         dest: '/etc/apt/sources.list.d/gopass.sources'
-        mode: 0644
-        group: root
-        owner: root
+        mode: '0644'
+        group: 'root'
+        owner: 'root'
       notify: Trigger apt update
 
     - name: Trigger Handlers
@@ -44,44 +39,44 @@
     - name: Install Gopass and Gopass archive keyring
       ansible.builtin.apt:
         name: "{{ item }}"
-        state: present
+        state: 'present'
       become: true
-      with_items:
-        - gopass-archive-keyring
-        - gopass
+      loop:
+        - 'gopass-archive-keyring'
+        - 'gopass'
 
     - name: Install gopass-jsonapi for browser integration
       ansible.builtin.apt:
         name: "{{ item }}"
-        state: present
+        state: 'present'
       become: true
-      with_items:
-        - gopass-jsonapi
+      loop:
+        - 'gopass-jsonapi'
       when: gopass__install_jsonapi | bool
 
     - name: Install gopass-hibp for haveibeenpwnd.com integration
       ansible.builtin.apt:
         name: "{{ item }}"
-        state: present
+        state: 'present'
       become: true
-      with_items:
-        - gopass-hibp
+      loop:
+        - 'gopass-hibp'
       when: gopass__install_haveibeenpwnd | bool
 
     - name: Install git-credential-gopass as git-credentials helper
       ansible.builtin.apt:
         name: "{{ item }}"
-        state: present
+        state: 'present'
       become: true
-      with_items:
-        - git-credential-gopass
+      loop:
+        - 'git-credential-gopass'
       when: gopass__install_git_credential | bool
 
     - name: Install zbar-tools for QR CodeReading using OTP Secrets
       ansible.builtin.apt:
         name: "{{ item }}"
-        state: present
+        state: 'present'
       become: true
-      with_items:
-        - zbar-tools
+      loop:
+        - 'zbar-tools'
       when: gopass__install_zbar_tools | bool
diff --git a/tasks/main.yml b/tasks/main.yml
index e49325e..e086f19 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -1,14 +1,9 @@
 ---
 - name: Run optional versionscheck
-  ansible.builtin.include_tasks: versioncheck.yml
+  ansible.builtin.include_tasks:
+    file: versioncheck.yml
   when: submodules_versioncheck | bool
 
 - name: Install GoPass Packages
-  ansible.builtin.include_tasks: "{{ lookup('ansible.builtin.first_found', gopass_install) }}"
-  vars:
-    gopass_install:
-      files:
-        - "install-on-{{ ansible_os_family | lower }}.yml"
-        - 'install-gopass-default.yml'
-      paths:
-        - 'tasks/gopass-install'
+  ansible.builtin.include_tasks:
+    file: "{{ lookup('ansible.builtin.first_found', gopass_install) }}"
diff --git a/tasks/versioncheck.yml b/tasks/versioncheck.yml
index 647f93c..e660e3e 100644
--- a/tasks/versioncheck.yml
+++ b/tasks/versioncheck.yml
@@ -16,15 +16,14 @@
     src: "/etc/.ansible-version/{{ playbook_version_path }}"
   register: playbook_version
   when: submodules_versioncheck | bool
-  ignore_errors: true
   failed_when: false
 
-- name: Print remote role version
+- name: Print remote role version  # noqa: H500
   ansible.builtin.debug:
     msg: "Remote role version: {{ playbook_version.content | default('Y3VycmVudGx5IG5vdCBkZXBsb3llZAo=') | b64decode | string }}"
   when: submodules_versioncheck | bool
 
-- name: Print locale role version
+- name: Print locale role version  # noqa: H500
   ansible.builtin.debug:
     msg: "Local role version: '{{ playbook_version_number | string }}'."
   when: submodules_versioncheck | bool
@@ -33,7 +32,7 @@
   ansible.builtin.fail:
     msg: "Your ansible module has the version '{{ playbook_version_number }}' and is outdated. You need to update it!"
   when:
-    - playbook_version.content | default("Mgo=") | b64decode | int - 1 >= playbook_version_number | int and submodules_versioncheck | bool
+    - playbook_version.content|default("Mgo=")|b64decode|int - 1 >= playbook_version_number|int and submodules_versioncheck | bool
 
 - name: Write new version to remote disk
   become: true
@@ -42,3 +41,4 @@
     dest: "/etc/.ansible-version/{{ playbook_version_path }}"
     mode: '0644'
   when: submodules_versioncheck | bool
+  tags: skip_ansible_lint_template-instead-of-copy
diff --git a/vars/main.yml b/vars/main.yml
index d0bbe88..5e103ee 100644
--- a/vars/main.yml
+++ b/vars/main.yml
@@ -1,5 +1,34 @@
 ---
-gopass__keyring: /usr/share/keyrings/gopass-archive-keyring.gpg
-# versionscheck
-playbook_version_number: 03   # should be a integer
+gopass__keyring: '/usr/share/keyrings/gopass-archive-keyring.gpg'
+gopass_install:
+  files:
+    - "install-on-{{ ansible_os_family | lower }}.yml"
+    - 'install-gopass-default.yml'
+  paths:
+    - 'tasks/gopass-install'
+
+gopass__required_packages:
+  - git
+  - gnupg
+  - rng-tools
+  - xsel
+  - xclip
+
+gopass__required_debian_packages:
+  - git
+  - gnupg2
+  - rng-tools
+  - xsel
+  - xclip
+
+gopass__required_archlinux_packages:
+  - git
+  - gnupg
+  - rng-tools
+  - xsel
+  - xclip
+  - xorg-xclipboard
+
+# simple versionscheck
+playbook_version_number: 04
 playbook_version_path: 'l3d.gopass.version'

From f30ae844995fa8de7b4ed658b86f11db0c3e89d4 Mon Sep 17 00:00:00 2001
From: L3D <l3d@c3woc.de>
Date: Sat, 28 Oct 2023 17:23:21 +0200
Subject: [PATCH 2/2] Adding requirements to README

---
 README.md | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/README.md b/README.md
index ab889bf..647707a 100644
--- a/README.md
+++ b/README.md
@@ -17,5 +17,12 @@ This role will only install the gopass passwordmanager. You have to configure an
 | ``gopass__install_zbar_tools`` | ``true`` | Install optional zbar tooling to read qrcodes |
 | ``submodules_versioncheck`` | ``false`` | Run optional versionscheck to prevent old versions of tis ansible |
 
+## Requirements
+The ``community.general`` collection is required for some parts of this ansible role.
+You can install it with this command:
+```bash
+ansible-galaxy collection install -r requirements.yml --upgrade
+```
+
 ## Contributing
 Please feel free to open a issue. Or suggest changes and improvements via Pull-Request. I will be happy to have a look at it.