- name: Test if secret exists in file for {{ item.name }}
  shell: grep -c "^{{ item.name }}_secret" "{{ inventory_dir }}/group_vars/all/passwords.yaml" || true
  register: secret_test_grep
  
- name: Create secret for {{ item.name }}
  shell: "openssl rand -hex 32"
  register: secret
  when: secret_test_grep.stdout == '0'

- name: Show secret json for {{ item.name }}
  debug:
    msg: "{{ secret }}"
    verbosity: 2
  when: secret_test_grep.stdout == '0'

- name: Write secret for {{ item.name }}
  lineinfile:
    path: "{{ inventory_dir }}/group_vars/all/passwords.yaml"
    line: "{{ item.name }}_secret: \"{{ secret.stdout }}\""
  when: secret_test_grep.stdout == '0'