Add a conclusion/todo-list

+ more generic on the gitea username
+ several corrections

roles/jenkins-php-v1/tasks/30_users.yml

@@ -11,12 +11,26 @@
 
 - name: Generate a password for the Gitea user
   set_fact:
-    giteaPassword: "{{ lookup('password', '/dev/null chars=ascii_letters') }}"
+    giteaPassword: "{{ lookup('password', '/dev/null chars=ascii_letters') }}"  # preferably no colons in password, for HTTP's URL simplicity
   when: createGiteaUser
+  no_log: yes
 
-- name: Create Gitea user
-  shell: echo 'jenkins.model.Jenkins.instance.securityRealm.createAccount("gitea", "{{ giteaPassword | quote }}")' | "{{ jenkins_cli_command }}" groovy =
+- name: Retrieve the password for the post_install message
+  slurp:
+    src: "{{ jenkins_gitea_password_file }}"
+  register: tmp
+  when: not createGiteaUser
+  no_log: yes
+- name: Set the password as a fact
+  set_fact:
+    giteaPassword: "{{ tmp.content | b64decode | trim }}"
+  when: not createGiteaUser
+  no_log: yes
+
+- name: Create webhook dedicated user
+  shell: echo 'jenkins.model.Jenkins.instance.securityRealm.createAccount("{{ giteaUsername | quote }}", "{{ giteaPassword | quote }}")' | {{ jenkins_cli_command }} groovy =
   when: createGiteaUser
+  no_log: yes
 
 - name: Upload the new password
   copy:
@@ -26,4 +40,6 @@
     group: jenkins
     mode: 0600
   when: createGiteaUser
-  #no_log: yes  # FIXME: actually, we want to know it to tell the user to set a URL with it in Gitea. Add a debug msg maybe ?
+  # Note : We still need a way to tell the user how to be authenticated for the webhook.
+  #        For the time being, we store it here and display it at the end of the playbook.
+  no_log: yes