Skip downlaoding the gpg if it's already trusted

[alex]

This saves on a network round trip (which increases reliability)

[hut8]

I'm having a lot of reliability issues with the key server which is making deploys less fun:

fatal: [example.com]: FAILED! => {"changed": false, "cmd": ["gpg", "--keyserver", "hkp://keys.gnupg.net", "--recv-keys", "D39DC0E3"], "delta": "0:00:00.060225", "end": "2016-06-21 22:57:35.806555", "failed": true, "rc": 2, "start": "2016-06-21 22:57:35.746330", "stderr": "gpg: requesting key D39DC0E3 from hkp server keys.gnupg.net\ngpg: no valid OpenPGP data found.\ngpg: Total number processed: 0", "stdout": "gpgkeys: key D39DC0E3 can't be retrieved", "stdout_lines": ["gpgkeys: key D39DC0E3 can't be retrieved"], "warnings": []}

I can work on this tomorrow.

[georf]

Do you have an idea to do that?

[pjnagel]

@georf

Note that the workaround for #196 which I posted on that issue also contains an example of not downloading a key when the key is already trusted.

[georf]

Thank you. I lost track of it. I did this at my code:

- name: Check imported GPG keys
  command: 'gpg --no-tty --list-keys {{ item }}'
  changed_when: False
  check_mode: False
  when: not ansible_check_mode
  register: gpg_result
  retries: 5
  delay: 5
  ignore_errors: True
  with_items: '{{ rvm1_gpg_keys }}'

- name: Import GPG keys
  command: 'gpg --no-tty --keyserver {{ rvm1_gpg_key_server }} --recv-keys {{ item.item }}'
  when: not ansible_check_mode and item.rc != 0 
  with_items: '{{ gpg_result.results }}'

For this the rvm1_gpg_keys variable have to be an array.

[mcg]

TASK [rvm : Import GPG keys from keyservers] can be super slow at times. Would love to see this change implemented.