I have an action block to add an SSH key to a remote server from an archive:
```yaml
block:
  - name: Create unique tempdir path
    local_action:
      module: ansible.builtin.tempfile
      state: directory
      suffix: _sshpub
    register: temp_dir
  - name: Create the temp directory in the file system
    local_action:
      module: ansible.builtin.file
      path: temp_dir.path
      state: directory
      mode: '0755'
  - name: Extract public key
    local_action:
      module: ansible.builtin.unarchive
      src: "{{ [configs_dir , arc_name] | path_join }}"
      dest: "{{ temp_dir.path }}"
  - name: Add SSH public key to remote server
    ansible.posix.authorized_key:
      user: "broleo"
      key: "{{ lookup('file', item) }}"
      state: present
    loop:
      - "{{ [temp_dir.path, keyfile_name] | path_join }}"
```
When I run this the first time I get 3 “changed” actions: “Create unique tempdir path”, “Extract public key” and “Add multiple SSH public keys to remote server”.
When I run it again, the main action “Add multiple SSH public keys to remote server” doesn’t show the “changed” status, which is good, because it does not add the key again.
However the helper actions “Create unique tempdir path” and “Extract public key” still show up as “changed” giving in the summary report 2 changed actions – but nothing really has changed.
Do people care about this? – And what is the best way to clean this block up so that it only shows a “changed” status when really the key store has changed?
Thanks for any comments and suggestions!
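
One way to make the summary reflect only real changes to `authorized_keys`, shown as an added example that is not part of the original post: mark the controller-side scratch tasks with `changed_when: false`, so a "changed" result always means the remote key store was modified. It assumes the post's variables (`configs_dir`, `arc_name`, `keyfile_name`), drops the separate directory-creation task because `tempfile` already creates the directory, and adds a cleanup step that the post does not have.

```yaml
# Added example, not from the original post.
# configs_dir, arc_name and keyfile_name are the variables used in the post.
- name: Add SSH public key from archive, reporting change only for the key
  block:
    - name: Create unique tempdir path
      ansible.builtin.tempfile:
        state: directory
        suffix: _sshpub
      delegate_to: localhost
      register: temp_dir
      # Scratch space on the controller, not managed state on the target.
      changed_when: false

    - name: Extract public key
      ansible.builtin.unarchive:
        src: "{{ [configs_dir, arc_name] | path_join }}"
        dest: "{{ temp_dir.path }}"
      delegate_to: localhost
      # Always extracts into a fresh directory, so it would always say "changed".
      changed_when: false

    - name: Add SSH public key to remote server
      ansible.posix.authorized_key:
        user: "broleo"
        key: "{{ lookup('file', [temp_dir.path, keyfile_name] | path_join) }}"
        state: present
      # No changed_when here: this is the only task whose status should count.

  always:
    - name: Remove the temp directory (cleanup added for this example)
      ansible.builtin.file:
        path: "{{ temp_dir.path }}"
        state: absent
      delegate_to: localhost
      changed_when: false
      when: temp_dir.path is defined
```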