git: Removing 1pass. Need blockinfile now.

TechDufus · Feb 13, 2025 · 7d750a0 · 7d750a0
1 parent 2a0c825
commit 7d750a0
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 31 deletions.
diff --git a/roles/git/files/allowed_signers b/roles/git/files/allowed_signers
diff --git a/roles/git/tasks/main.yml b/roles/git/tasks/main.yml
@@ -114,29 +114,19 @@
     state: directory
     mode: "0755"
 
-- name: "Git | Read allowed_signers secret from 1Password"
-  when: op_installed
-  block:
-    - name: "1Password | Get allowed_signers"
-      ansible.builtin.command: "op read '{{ op.git.allowed_signers }}'"
-      register: op_git_ssh_allowed_signers
-      changed_when: false
-      no_log: true
-
-    - name: "1Password | Configure ~/.config/git/allowed_signers"
-      ansible.builtin.lineinfile:
-        path: "{{ ansible_user_dir }}/.config/git/allowed_signers"
-        line: "{{ op_git_ssh_allowed_signers.stdout }}"
-        mode: "0600"
-        create: true
-      no_log: true
+- name: "1Password | Get allowed_signers"
+  ansible.builtin.command: "op read '{{ op.git.allowed_signers }}'"
+  register: op_git_ssh_allowed_signers
+  changed_when: false
+  no_log: true
 
-- name: "Git | Configure ~/.config/git/allowed_signers"
-  when: not op_installed
-  ansible.builtin.copy:
-    src: allowed_signers
-    dest: "{{ ansible_user_dir }}/.config/git/allowed_signers"
+- name: "1Password | Configure ~/.config/git/allowed_signers"
+  ansible.builtin.blockinfile:
+    path: "{{ ansible_user_dir }}/.config/git/allowed_signers"
+    block: "{{ op_git_ssh_allowed_signers.stdout }}"
     mode: "0600"
+    create: true
+  no_log: true
 
 - name: "Git | Set gpg.ssh.allowedSignersFile"
   community.general.git_config: