From 9330040e008a7fe544e1d337da9840ff9cae8b57 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Hannes=20K=C3=B6rber?= <hannes@hkoerber.de>
Date: Wed, 2 Oct 2024 23:18:45 +0200
Subject: [PATCH] dotfiles-directory: Rework permission assertion

---
 playbook.yml | 20 ++++++++++++++++----
 1 file changed, 16 insertions(+), 4 deletions(-)

diff --git a/playbook.yml b/playbook.yml
index cf7e29c..3d6b558 100644
--- a/playbook.yml
+++ b/playbook.yml
@@ -136,17 +136,29 @@
           become: true
           become_user: root
 
-        - name: fix permissions for dotfiles directory
+        - name: fix group for dotfiles directory
           shell: |
-            chown --changes --recursive dotfiles:dotfiles .
-            chmod --changes --recursive g+rwX .
+            chgrp --changes --recursive dotfiles . | grep -v "changed group of './.git/index'"
+          args:
+            executable: /bin/bash
+            chdir: /var/lib/dotfiles
+          register: dotfiles_group_change
+          become: true
+          become_user: root
+          failed_when: dotfiles_group_change.rc not in (0, 1)
+          changed_when: dotfiles_group_change.rc == 0 # == lines selected, i.e. some output
+
+        - name: fix group permissions for dotfiles directory
+          shell: |
+            chmod --changes --recursive g+rwX . | grep -v "mode of './.git/index'"
           args:
             executable: /bin/bash
             chdir: /var/lib/dotfiles
           register: dotfiles_permission_change
           become: true
           become_user: root
-          changed_when: dotfiles_permission_change.stdout_lines|length > 0
+          failed_when: dotfiles_permission_change.rc not in (0, 1)
+          changed_when: dotfiles_permission_change.rc == 0 # == lines selected, i.e. some output
 
     - name: packages
       tags: