From f20e3bf3557451047a3ab035de503cd2ce35a550 Mon Sep 17 00:00:00 2001
From: Egor Tensin <Egor.Tensin@gmail.com>
Date: Sun, 21 May 2023 19:01:59 +0200
Subject: fix some ansible-lint warnings

---
 roles/pacman/tasks/main.yml | 28 +++++++++++++++++-----------
 1 file changed, 17 insertions(+), 11 deletions(-)

(limited to 'roles/pacman/tasks/main.yml')

diff --git a/roles/pacman/tasks/main.yml b/roles/pacman/tasks/main.yml
index e628873..ed9250d 100644
--- a/roles/pacman/tasks/main.yml
+++ b/roles/pacman/tasks/main.yml
@@ -1,4 +1,5 @@
-- become: true
+- name: Upgrade packages or fail gracefully
+  become: true
   block:
     - name: Upgrade packages
       community.general.pacman:
@@ -7,31 +8,35 @@
       register: pacman_result
       notify: reboot
 
-    - debug:
+    - name: Show upgraded packages
+      ansible.builtin.debug:
         var: pacman_result.packages
       when: pacman_result.changed
 
     - name: Flush handlers
-      meta: flush_handlers
+      ansible.builtin.meta: flush_handlers
   rescue:
-    - fail:
+    - name: Fail if /etc is not versioned
+      ansible.builtin.fail:
         msg: Upgrading packages failed for an unknown reason!
       when: not etc_versioned
 
     - name: Check for changes in /etc
-      command: git status --porcelain=v1
+      ansible.builtin.command: git status --porcelain=v1
       args:
         chdir: /etc
       register: git_status
       changed_when: false
       failed_when: false
 
-    - fail:
+    - name: Fail if there're no unstaged changes in /etc
+      ansible.builtin.fail:
         msg: Upgrading packages failed for an unknown reason!
       when: not git_status.stdout
 
     - name: All changes in /etc are in pacman.d/gnupg?
-      shell: |
+      ansible.builtin.shell: |
+        set -o pipefail && \
         git status --porcelain=v1 \
             | cut -c 4- \
             | grep -G -v '^pacman.d/gnupg/'
@@ -42,20 +47,21 @@
       failed_when: false
 
     - name: Commit changes in /etc
-      command: |
+      ansible.builtin.command: |
         etckeeper commit 'pacman: GPG keys'
       when: git_status.stdout and only_gnupg.rc != 0
 
-    - name: Upgrade packages after GPG keys
+    - name: Retry upgrading packages
       community.general.pacman:
         update_cache: true
         upgrade: true
       register: pacman_result
       notify: reboot
 
-    - debug:
+    - name: Show upgraded packages
+      ansible.builtin.debug:
         var: pacman_result.packages
       when: pacman_result.changed
 
     - name: Flush handlers
-      meta: flush_handlers
+      ansible.builtin.meta: flush_handlers
-- 
cgit v1.2.3