From 752188a208d1f5bf46d5ffa54e7084838c760d26 Mon Sep 17 00:00:00 2001
From: Chris Croome <chris@webarchitects.co.uk>
Date: Wed, 6 Jul 2022 17:20:44 +0100
Subject: [PATCH] Use jc to extract GPG fingerprints

---
 README.md     | 9 +++++++--
 tasks/apt.yml | 10 +--------
 2 files changed, 8 insertions(+), 11 deletions(-)

diff --git a/README.md b/README.md
index 73f0590..3f6f1d3 100644
--- a/README.md
+++ b/README.md
@@ -4,7 +4,6 @@
 Ansible Role to install [Docker CE](https://docs.docker.com/engine/installation/linux/docker-ce/debian/) on Debian and Ubuntu.
-
 This role can also optionally install the last version of `docker-compose` version 1, [Docker Compose 1.29.2 ](https://github.com/docker/compose/tree/5becea4ca9f68875334c92f191a13482bcd6e5cf#docker-compose) and [Compose Switch](https://github.com/docker/compose-switch).
 See the [defaults/main.yml](defaults/main.yml) for the default settings and [vars/main.yml](vars/main.yml) for the `gpg` and `apt` variables.
@@ -71,7 +70,13 @@ docker_daemon:
     - 9.9.9.9
 ```
-The role uses `.sources` rather than `.list` files for `apt` and it also checks the `gpg` public key used to sign packages and limits what packages can be installed from the Docker repo.
+The role uses `.sources` rather than `.list` files for `apt`, see the Debian wiki page with [instructions to connect to a third-party repository](https://wiki.debian.org/DebianRepository/UseThirdParty) and it also checks the `gpg` public key used to sign packages and limits what packages can be installed from the Docker repo.
+
+This role requires [jc](https://github.com/kellyjonbrazil/jc) version `1.20.2` or later to be installed on the Ansible controller using `pip` for the parsing of GPG command output, `jc` can be [installed using Ansible](https://git.coop/webarch/jc/), or simply run:
+
+```bash
+pip3 install jc
+```
 The primary URL of this repo is [`https://git.coop/webarch/docker`](https://git.coop/webarch/docker) however it is also [mirrored to GitHub](https://github.com/webarch-coop/ansible-role-docker) and [available via Ansible Galaxy](https://galaxy.ansible.com/chriscroome/docker).
diff --git a/tasks/apt.yml b/tasks/apt.yml
index 751aa3a..4fa823f 100644
--- a/tasks/apt.yml
+++ b/tasks/apt.yml
@@ -92,19 +92,11 @@
       ansible.builtin.set_fact:
         docker_gpg_fingerprints_found: "{{ docker_gpg.stdout | community.general.jc('gpg') | community.general.json_query('[?type==`fpr`].user_id') | list }}"
-    - name: Debug vars
-      debug:
-        var: docker_gpg_fingerprints_found
-    - name: Debug vars
-      debug:
-        var: docker_gpg_fingerprints[0]
-
     - name: Docker gpg key check first fingerprint for GPG versions less that 2.2.12
       ansible.builtin.assert:
         that:
           - docker_gpg_fingerprints_found[0] == docker_gpg_fingerprints[0]
-      # when: ansible_local.gpg.version is version('2.2.12', '<')
+      when: ansible_local.gpg.version is version('2.2.12', '<')
     - name: Docker gpg key check all fingerprints
       ansible.builtin.assert:
-- 
GitLab
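Review bot: The `when:` enabled on the last changed line of the tasks/apt.yml hunk makes the first-fingerprint assert depend on `ansible_local.gpg.version`, and if that local fact is absent on a host the task errors out on the conditional rather than either verifying the key or being skipped; since this task appears to be the only fingerprint check that runs for GPG versions below 2.2.12, guarding it with `is defined` would silently skip key verification, so the loud failure is the right outcome but should be stated. I would add a comment above the condition such as `# Requires the ansible_local.gpg.version custom fact; a missing fact fails here on purpose rather than skipping the fingerprint check`, or put an explicit assert that the fact is defined before this task. The comparison on the `that:` line also indexes `docker_gpg_fingerprints_found[0]`, so an empty result from the `jc('gpg')` parse in the first context line surfaces as an indexing error instead of a clear message — a preceding assertion on `docker_gpg_fingerprints_found | length > 0` would make that case self-explanatory. The following task, `Docker gpg key check all fingerprints`, continues past the end of the hunk.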