If you run the role again with the same nbde_client_bindings, will it do all of these steps again, and report that something changed? If so, I'm not sure how to prevent that from happening - how would you know ahead of time that you have already brought the managed hosts to the desired state?
_Originally posted by @richm in https://github.com/linux-system-roles/nbde_client/pull/3/files#r439106448_
passphrase_temporary is definitely not idempotent, because first time it will remove the passphrase and second time it will fail.
If you run the role again with the same
nbde_client_bindings, will it do all of these steps again, and report that something changed? If so, I'm not sure how to prevent that from happening - how would you know ahead of time that you have already brought the managed hosts to the desired state? _Originally posted by @richm in https://github.com/linux-system-roles/nbde_client/pull/3/files#r439106448_passphrase_temporary is definitely not idempotent, because first time it will remove the passphrase and second time it will fail.