From 60f6342682e62f72e31b2737966de9c45c3e485f Mon Sep 17 00:00:00 2001
From: Kevin Fenzi <kevin@scrye.com>
Date: Fri, 18 Nov 2022 21:53:12 -0800
Subject: [PATCH] basessh: try and only act on items with a /etc/ssh path

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
---
 roles/basessh/tasks/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/basessh/tasks/main.yml b/roles/basessh/tasks/main.yml
index e4140ba519..2fd3ad4a21 100644
--- a/roles/basessh/tasks/main.yml
+++ b/roles/basessh/tasks/main.yml
@@ -122,7 +122,7 @@
   set_fact:
     certs_to_sign: "{{certs_to_sign}} + [ '{{item.item.path}}' ]"
   with_items: "{{ssh_cert_files.results}}"
-  when: not item.stat.exists
+  when: not item.stat.exists and item.item.path.startswith('/etc/ssh')
   tags:
   - basessh
   - sshd_cert