--- - name: Verify hosts: all gather_facts: true tasks: - name: "Test: file /etc/hosts" block: - name: "Stat file /etc/hosts" ansible.builtin.stat: path: "/etc/hosts" register: stat_etc_hosts - name: "Verify file /etc/hosts" ansible.builtin.assert: that: - stat_etc_hosts.stat.exists - stat_etc_hosts.stat.isreg - stat_etc_hosts.stat.pw_name == 'root' - stat_etc_hosts.stat.gr_name == 'root' - name: "Test: file /etc/apt/sources.list" block: - name: "Stat file /etc/apt/sources.list" ansible.builtin.stat: path: "/etc/apt/sources.list" register: stat_etc_apt_sources_list - name: "Slurp file /etc/apt/sources.list" ansible.builtin.slurp: src: "/etc/apt/sources.list" register: slurp_etc_apt_sources_list - name: "Verify file /etc/apt/sources.list" ansible.builtin.assert: that: - stat_etc_apt_sources_list.stat.exists - stat_etc_apt_sources_list.stat.isreg - stat_etc_apt_sources_list.stat.pw_name == 'root' - stat_etc_apt_sources_list.stat.gr_name == 'root' - stat_etc_apt_sources_list.stat.mode == '0644' - name: "Verify file /etc/apt/sources.list" vars: expected_source_list_content: | # See /etc/apt/sources.list.d/{{ ansible_distribution|lower }}.sources ansible.builtin.assert: that: - "(slurp_etc_apt_sources_list.content|b64decode) == expected_source_list_content" - name: "Test: file /etc/apt/sources.list.d/{{ ansible_distribution|lower }}" block: - name: "Stat /etc/apt/sources.list.d/{{ ansible_distribution|lower }}" ansible.builtin.stat: path: "/etc/apt/sources.list.d/{{ ansible_distribution|lower }}.sources" register: stat_etc_apt_sources_list_d - name: "Slurp file /etc/apt/sources.list.d/{{ ansible_distribution|lower }}" ansible.builtin.slurp: src: "/etc/apt/sources.list.d/{{ ansible_distribution|lower }}.sources" register: slurp_etc_apt_sources_list_d - name: "Verify file /etc/apt/sources.list.d/{{ ansible_distribution|lower }}" ansible.builtin.assert: that: - stat_etc_apt_sources_list_d.stat.exists - stat_etc_apt_sources_list_d.stat.isreg - stat_etc_apt_sources_list_d.stat.pw_name == 'root' - stat_etc_apt_sources_list_d.stat.gr_name == 'root' - stat_etc_apt_sources_list_d.stat.mode == '0644' - name: test debug: msg: "{{ slurp_etc_apt_sources_list_d.content|b64decode }}" - name: "Verify file /etc/apt/sources.list.d/{{ ansible_distribution|lower }}" vars: expected_source_list_content: ubuntu: | X-Repolib-Name: ubuntu Types: deb URIs: http://fr.archive.ubuntu.com/ubuntu Suites: {{ ansible_distribution_release }} {{ ansible_distribution_release }}-security {{ ansible_distribution_release }}-updates {{ ansible_distribution_release }}-backports Components: main restricted universe multiverse debian: | X-Repolib-Name: debian Types: deb URIs: http://deb.debian.org/debian Suites: {{ ansible_distribution_release }} {{ ansible_distribution_release }}-updates {{ ansible_distribution_release }}-backports Components: main ansible.builtin.assert: that: - "(slurp_etc_apt_sources_list_d.content|b64decode) == expected_source_list_content[ansible_distribution|lower]" - name: "Test: directory /etc/apt/sources.list.d" block: - name: "Find in directory /etc/apt/sources.list.d" ansible.builtin.find: paths: /etc/apt/sources.list.d file_type: file register: find_etc_apt_sources_list_d - name: "Stat in directory /etc/apt/sources.list.d" ansible.builtin.stat: path: "{{ item.path }}" loop: "{{ find_etc_apt_sources_list_d.files }}" register: stat_etc_apt_sources_list_d - name: "Slurp in directory /etc/apt/sources.list.d" ansible.builtin.slurp: src: "{{ item.path }}" loop: "{{ find_etc_apt_sources_list_d.files }}" register: slurp_etc_apt_sources_list_d - name: "Verify file /etc/apt/sources.list.d/docker.list" vars: expected_source_list_docker_content: | # Ansible managed: Do NOT edit this file manually! # {{ ansible_distribution|lower }} docker repository X-Repolib-Name: docker Types: deb URIs: https://download.docker.com/linux/{{ ansible_distribution|lower }} Suites: {{ ansible_distribution_release }} Components: stable Signed-By: /usr/share/keyrings/docker-archive-keyring.asc ansible.builtin.assert: that: - item.item.isreg - item.item.pw_name == 'root' - item.item.gr_name == 'root' - item.item.mode == '0644' - "(item.content|b64decode) == expected_source_list_docker_content" loop: "{{ slurp_etc_apt_sources_list_d.results }}" when: (item.item.path | basename | splitext | first) == 'docker' - name: "Verify file /etc/apt/sources.list.d/hashicorp.list" vars: expected_source_list_hashicorp_content: | # Ansible managed: Do NOT edit this file manually! # hashicorp repository X-Repolib-Name: hashicorp Types: deb URIs: https://apt.releases.hashicorp.com Suites: {{ ansible_distribution_release }} Components: main Signed-By: /usr/share/keyrings/hashicorp-archive-keyring.asc ansible.builtin.assert: that: - item.item.isreg - item.item.pw_name == 'root' - item.item.gr_name == 'root' - item.item.mode == '0644' - "(item.content|b64decode) == expected_source_list_hashicorp_content" loop: "{{ slurp_etc_apt_sources_list_d.results }}" when: (item.item.path | basename | splitext | first) == 'hashicorp'