keytab: ansible-lint fixes

roles/keytab/tasks/main.yml

@@ -1,14 +1,12 @@
 ---
-- name: check if keytab exists
+- name: Check if keytab exists
-  stat:
+  ansible.builtin.stat:
     path: "{{ keytab }}"
   register: keytab_status
   check_mode: false
 
-- block:
+- name: Add principal to keytab
-    - block:
+  ansible.builtin.command:
-        - name: "add principal to keytab"
-          command:
     argv:
       - kadmin.local
       - -x
@@ -18,22 +16,33 @@
       - "/tmp/{{ inventory_hostname }}.kt"
       - "{{ item }}"
   with_items: "{{ principals }}"
-        - name: get keytab
+  delegate_to: ldap01.home.foo.sh
-          command: "base64 /tmp/{{ inventory_hostname }}.kt"
+  when: not keytab_status.stat.exists
+
+- name: Get keytab
+  ansible.builtin.command:
+    argv:
+      - base64
+      - "/tmp/{{ inventory_hostname }}.kt"
     register: keytab_data
-        - name: delete temporary file
+  delegate_to: ldap01.home.foo.sh
-          file:
+  when: not keytab_status.stat.exists
+
+- name: Delete temporary file
+  ansible.builtin.file:
     path: "/tmp/{{ inventory_hostname }}.kt"
     state: absent
   delegate_to: ldap01.home.foo.sh
-    - name: deploy keytab file
+  when: not keytab_status.stat.exists
-      shell: >-
+
+- name: Deploy keytab file
+  ansible.builtin.shell: >-
     umask 077 &&
     echo '{{ keytab_data.stdout }}' | base64 -d > {{ keytab }}
   when: not keytab_status.stat.exists
 
-- name: check keytab permissions
+- name: Check keytab permissions
-  file:
+  ansible.builtin.file:
     path: "{{ keytab }}"
     mode: "{% if group == ansible_wheel %}0600{% else %}0640{% endif %}"
     owner: root