diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml index 4bcc437..6350473 100644 --- a/molecule/default/converge.yml +++ b/molecule/default/converge.yml @@ -1,6 +1,7 @@ --- - name: Converge hosts: all + become: true tasks: - name: "Include ednxzu.provision_ansible_user" ansible.builtin.include_role: diff --git a/molecule/default/verify.yml b/molecule/default/verify.yml index 7105ce6..e0c5394 100644 --- a/molecule/default/verify.yml +++ b/molecule/default/verify.yml @@ -1,23 +1,9 @@ --- - name: Verify hosts: all - gather_facts: false + gather_facts: true + become: true tasks: - - name: "Test: file /etc/hosts" - block: - - name: "Stat file /etc/hosts" - ansible.builtin.stat: - path: "/etc/hosts" - register: stat_etc_hosts - - - name: "Verify file /etc/hosts" - ansible.builtin.assert: - that: - - stat_etc_hosts.stat.exists - - stat_etc_hosts.stat.isreg - - stat_etc_hosts.stat.pw_name == 'root' - - stat_etc_hosts.stat.gr_name == 'root' - - name: "Test: ansible user and group" block: - name: "Getent user ansible" @@ -48,7 +34,6 @@ ansible.builtin.stat: path: "/etc/sudoers.d/ansible" register: stat_etc_sudoers_d_ansible - become: true - name: "Verify file /etc/sudoers.d/ansible" ansible.builtin.assert: @@ -61,7 +46,6 @@ ansible.builtin.stat: path: "/opt/ansible/.ssh/authorized_keys" register: stat_opt_ansible_ssh_authorized_keys - become: true - name: "Verify file /opt/ansible/.ssh/authorized_keys" ansible.builtin.assert: diff --git a/molecule/default_vagrant/converge.yml b/molecule/default_vagrant/converge.yml index 4bcc437..6350473 100644 --- a/molecule/default_vagrant/converge.yml +++ b/molecule/default_vagrant/converge.yml @@ -1,6 +1,7 @@ --- - name: Converge hosts: all + become: true tasks: - name: "Include ednxzu.provision_ansible_user" ansible.builtin.include_role: diff --git a/molecule/default_vagrant/verify.yml b/molecule/default_vagrant/verify.yml index ca1120d..e0c5394 100644 --- a/molecule/default_vagrant/verify.yml +++ b/molecule/default_vagrant/verify.yml @@ -2,26 +2,8 @@ - name: Verify hosts: all gather_facts: true + become: true tasks: - - name: "Test: file /etc/hosts" - block: - - name: "Stat file /etc/hosts" - ansible.builtin.stat: - path: "/etc/hosts" - register: stat_etc_hosts - - - name: "Verify file /etc/hosts" - vars: - etc_hosts_group: - ubuntu: "adm" - debian: "root" - ansible.builtin.assert: - that: - - stat_etc_hosts.stat.exists - - stat_etc_hosts.stat.isreg - - stat_etc_hosts.stat.pw_name == 'root' - - stat_etc_hosts.stat.gr_name == etc_hosts_group[(ansible_distribution|lower)] - - name: "Test: ansible user and group" block: - name: "Getent user ansible" @@ -52,7 +34,6 @@ ansible.builtin.stat: path: "/etc/sudoers.d/ansible" register: stat_etc_sudoers_d_ansible - become: true - name: "Verify file /etc/sudoers.d/ansible" ansible.builtin.assert: @@ -65,7 +46,6 @@ ansible.builtin.stat: path: "/opt/ansible/.ssh/authorized_keys" register: stat_opt_ansible_ssh_authorized_keys - become: true - name: "Verify file /opt/ansible/.ssh/authorized_keys" ansible.builtin.assert: diff --git a/molecule/with_ssh_keys/converge.yml b/molecule/with_ssh_keys/converge.yml index 4bcc437..6350473 100644 --- a/molecule/with_ssh_keys/converge.yml +++ b/molecule/with_ssh_keys/converge.yml @@ -1,6 +1,7 @@ --- - name: Converge hosts: all + become: true tasks: - name: "Include ednxzu.provision_ansible_user" ansible.builtin.include_role: diff --git a/molecule/with_ssh_keys/verify.yml b/molecule/with_ssh_keys/verify.yml index 8085d31..fd2382e 100644 --- a/molecule/with_ssh_keys/verify.yml +++ b/molecule/with_ssh_keys/verify.yml @@ -1,23 +1,9 @@ --- - name: Verify hosts: all - gather_facts: false + gather_facts: true + become: true tasks: - - name: "Test: file /etc/hosts" - block: - - name: "Stat file /etc/hosts" - ansible.builtin.stat: - path: "/etc/hosts" - register: stat_etc_hosts - - - name: "Verify file /etc/hosts" - ansible.builtin.assert: - that: - - stat_etc_hosts.stat.exists - - stat_etc_hosts.stat.isreg - - stat_etc_hosts.stat.pw_name == 'root' - - stat_etc_hosts.stat.gr_name == 'root' - - name: "Test: ansible user and group" block: - name: "Getent user ansible" @@ -48,13 +34,11 @@ ansible.builtin.stat: path: "/etc/sudoers.d/ansible" register: stat_etc_sudoers_d_ansible - become: true - name: "Slurp file /etc/sudoers.d/ansible" ansible.builtin.slurp: src: "/etc/sudoers.d/ansible" register: slurp_etc_sudoers_d_ansible - become: true - name: "Verify file /etc/sudoers.d/ansible" ansible.builtin.assert: @@ -72,13 +56,11 @@ ansible.builtin.stat: path: "/opt/ansible/.ssh/authorized_keys" register: stat_opt_ansible_ssh_authorized_keys - become: true - name: "Slurp file /opt/ansible/.ssh/authorized_keys" ansible.builtin.slurp: src: "/opt/ansible/.ssh/authorized_keys" register: slurp_opt_ansible_ssh_authorized_keys - become: true - name: "Verify file /opt/ansible/.ssh/authorized_keys" ansible.builtin.assert: diff --git a/molecule/with_ssh_keys_vagrant/converge.yml b/molecule/with_ssh_keys_vagrant/converge.yml index 4bcc437..6350473 100644 --- a/molecule/with_ssh_keys_vagrant/converge.yml +++ b/molecule/with_ssh_keys_vagrant/converge.yml @@ -1,6 +1,7 @@ --- - name: Converge hosts: all + become: true tasks: - name: "Include ednxzu.provision_ansible_user" ansible.builtin.include_role: diff --git a/molecule/with_ssh_keys_vagrant/verify.yml b/molecule/with_ssh_keys_vagrant/verify.yml index d11ee54..fd2382e 100644 --- a/molecule/with_ssh_keys_vagrant/verify.yml +++ b/molecule/with_ssh_keys_vagrant/verify.yml @@ -2,26 +2,8 @@ - name: Verify hosts: all gather_facts: true + become: true tasks: - - name: "Test: file /etc/hosts" - block: - - name: "Stat file /etc/hosts" - ansible.builtin.stat: - path: "/etc/hosts" - register: stat_etc_hosts - - - name: "Verify file /etc/hosts" - vars: - etc_hosts_group: - ubuntu: "adm" - debian: "root" - ansible.builtin.assert: - that: - - stat_etc_hosts.stat.exists - - stat_etc_hosts.stat.isreg - - stat_etc_hosts.stat.pw_name == 'root' - - stat_etc_hosts.stat.gr_name == etc_hosts_group[(ansible_distribution|lower)] - - name: "Test: ansible user and group" block: - name: "Getent user ansible" @@ -52,13 +34,11 @@ ansible.builtin.stat: path: "/etc/sudoers.d/ansible" register: stat_etc_sudoers_d_ansible - become: true - name: "Slurp file /etc/sudoers.d/ansible" ansible.builtin.slurp: src: "/etc/sudoers.d/ansible" register: slurp_etc_sudoers_d_ansible - become: true - name: "Verify file /etc/sudoers.d/ansible" ansible.builtin.assert: @@ -76,13 +56,11 @@ ansible.builtin.stat: path: "/opt/ansible/.ssh/authorized_keys" register: stat_opt_ansible_ssh_authorized_keys - become: true - name: "Slurp file /opt/ansible/.ssh/authorized_keys" ansible.builtin.slurp: src: "/opt/ansible/.ssh/authorized_keys" register: slurp_opt_ansible_ssh_authorized_keys - become: true - name: "Verify file /opt/ansible/.ssh/authorized_keys" ansible.builtin.assert: diff --git a/tasks/add_ssh_keys.yml b/tasks/add_ssh_keys.yml index aa285ef..165bf2e 100644 --- a/tasks/add_ssh_keys.yml +++ b/tasks/add_ssh_keys.yml @@ -7,4 +7,3 @@ comment: "{{ provision_ansible_user_name }}@{{ ansible_hostname }}" key_options: "{{ provision_ansible_user_ssh_key_options }}" exclusive: "{{ provision_ansible_user_ssh_key_exclusive }}" - become: true \ No newline at end of file diff --git a/tasks/create_user.yml b/tasks/create_user.yml index 26fdafd..bfe73d6 100644 --- a/tasks/create_user.yml +++ b/tasks/create_user.yml @@ -5,7 +5,7 @@ name: "{{ provision_ansible_user_group }}" state: present system: "{{ provision_ansible_user_is_system }}" - become: true + - name: "Create user {{ provision_ansible_user_name }}" ansible.builtin.user: @@ -17,7 +17,7 @@ shell: "{{ provision_ansible_user_shell }}" system: "{{ provision_ansible_user_is_system }}" create_home: true - become: true + - name: "Add user to sudoers" community.general.sudoers: @@ -27,4 +27,3 @@ nopassword: true setenv: true when: provision_ansible_user_sudoer - become: true