---

- name: Check if repo public key is in pacman keyring
  ansible.builtin.command:
    argv:
      - pacman-key
      - --list-keys
      - "{{ aur_repo_client_public_key_fingerprint }}"
  register: repo_key_check
  failed_when: repo_key_check.rc not in [0, 1]
  changed_when: false

- name: Add repo public key to pacman keyring
  when: repo_key_check.rc == 1
  block:

    - name: Import the repo public key
      ansible.builtin.command:
        argv:
          - pacman-key
          - --recv-keys
          - "{{ aur_repo_client_public_key_fingerprint }}"
          - --keyserver
          - "{{ aur_repo_client_keyserver }}"
      changed_when: true

    - name: Trust the repo public key
      ansible.builtin.command:
        argv:
          - pacman-key
          - --lsign-key
          - "{{ aur_repo_client_public_key_fingerprint }}"
      changed_when: true

- name: Add home repo block to pacman.conf
  ansible.builtin.blockinfile:
    path: /etc/pacman.conf
    block: |
      [{{ aur_repo_client_repo_name }}]
      SigLevel = Required TrustedOnly
      Server = {{ aur_repo_client_repo_address }}
    create: false
    state: present
    insertafter: EOF
  register: add_pacman_repo

- name: Update pacman database # noqa: no-handler
  when: add_pacman_repo.changed
  community.general.pacman:
    update_cache: true