Running the role in dry-run / check mode error

[metabsd]

If I want to run the role in check mode I got an error and I think I know the cause.

TASK [dsglaser.cis_security.cis_security : Determine if /dev/shm has nodev set] ***
skipping: [templates8.saq.qc.ca] => {"changed": false, "msg": "skipped, running in check mode"}
TASK [dsglaser.cis_security.cis_security : 1.1.15 - Report to user] ************
fatal: [templates8.saq.qc.ca]: FAILED! => {"msg": "The conditional check 'devshm_nodev_out is defined and devshm_nodev_out.stdout' failed. The error was: error while evaluating conditional (devshm_nodev_out is defined and devshm_nodev_out.stdout): 'dict object' has no attribute 'stdout'\n\nThe error appears to be in '/tmp/awx_121_fzv6u2ra/requirements_collections/ansible_collections/dsglaser/cis_security/roles/cis_security/tasks/type-files/redhat-8-type.yml': line 352, column 9, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n  # Let the user know if we did not find the option set.\n      - name: 1.1.15 - Report to user\n        ^ here\n"}

I think I got an error because the step dsglaser.cis_security.cis_security : Determine if /dev/shm has nodev set is skipped so dsglaser.cis_security.cis_security : 1.1.15 - Report to user cannont access empty data.

[metabsd]

I think I have to skip 1.7.1.5 because I disable selinux.

[dsglaser]

Yeah, the reports are generated for /dev/shm with a shell command which won't run in check mode. I took a look at it and because it's not making changes, I modified the task so it will run when it's in check mode, so from now on it should work.

For 1.7.1.5, if you don't have selinux installed or it isn't running, the ansible_selinux fact shouldn't be populated and it won't run. Is that what you are seeing?

[dsglaser]

You should be able to run the master branch in check mode on all RHEL type variants.

[metabsd]

Thx a lot!