From dfe2448e8691908e3be5de5938d35967f0edd2f7 Mon Sep 17 00:00:00 2001
From: Jeremy Lecour <jlecour@evolix.fr>
Date: Thu, 21 Sep 2023 16:05:08 +0200
Subject: [PATCH] pki: fix conventions and idioms

---
 pki/tasks/main.yml | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/pki/tasks/main.yml b/pki/tasks/main.yml
index f4d78ceb..55ef9be1 100644
--- a/pki/tasks/main.yml
+++ b/pki/tasks/main.yml
@@ -6,27 +6,29 @@
   apt:
     name: python-cryptography
     state: present
-  when: ansible_python['executable'] == "/usr/bin/python"
+  when: ansible_python_version is version('3', '<')
 
 - name: Install python 3 cryptography
   apt:
     name: python3-cryptography
     state: present
-  when: ansible_python['executable'] == "/usr/bin/python3"
+  when: ansible_python_version is version('3', '>=')
 
 - name: Creates PKI tree directories
   file:
     path: "{{ item }}"
-    mode: 0700
+    mode: "0700"
     state: directory
   loop:
     - "{{ pki_dir }}/certs"
     - "{{ pki_dir }}/private"
 
 
-# Create Certificat Authority (CA)
+# Create Certificate Authority (CA)
 - include: ca.yml
-  when: inventory_hostname == pki_ca_host and not ansible_check_mode
+  when:
+    - not ansible_check_mode
+    - inventory_hostname == pki_ca_host
 
 
 # Create a certificate signed by the CA