robertdebock / ansible-role-users

The purpose of this role is to add users and groups on your system.
https://robertdebock.nl/
Apache License 2.0

molecule verify fails: Get system users data for {{ user.name }} #41

Open jkirk opened 2 months ago

jkirk commented 2 months ago

Describe the bug

After some debugging, I finally conclude this is a minor bug, but I am reporting it anyway.

molecule converge runs fine:

❯ molecule converge                                                                                      
WARNING  Driver podman does not provide a schema.                                                                                        
INFO     default scenario test matrix: dependency, create, prepare, converge                                                             
INFO     Performing prerun with role_name_check=0...                                                                                     
INFO     Running default > dependency                       
[...]
PLAY RECAP *********************************************************************                                                         
users-fedora-latest        : ok=119  changed=29   unreachable=0    failed=0    skipped=119  rescued=1    ignored=0                       

molecule converge  55,64s user 24,87s system 50% cpu 2:41,00 total            

But molecule verify afterwards shows an error:

❯ molecule verify                                                                                        
WARNING  Driver podman does not provide a schema.                                                                                        
INFO     default scenario test matrix: verify                                                                                            
INFO     Performing prerun with role_name_check=0...                                                                                     
INFO     Running default > verify                                                                                                        
INFO     Running Ansible Verifier                                                                                                        
INFO     Sanity checks: 'podman'                                                                                                         

PLAY [Verify] ******************************************************************                                                         

TASK [Get system users data for {{ user.name }}] *******************************                                                         
fatal: [users-fedora-latest]: FAILED! => {"msg": "The task includes an option with an undefined variable. The error was: 'user' is undefined\n\nThe error appears to be in '/home/jkirk/projects/ansible/ansible-role-users/molecule/default/verify.yml': line 10, column 11, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n      block:\n        - name: Get system users data for {{ user.name }}\n          ^ here\nWe could be wrong, but this one looks like it might be an issue with\nmissing quotes. Always quote template expression brackets when they\nstart a value. For instance:\n\n    with_items:\n      - {{ foo }}\n\nShould be written as:\n\n    with_items:\n      - \"{{ foo }}\"\n"}

TASK [User not found, using /home] *********************************************                                                         
ok: [users-fedora-latest]                                                                                                                

TASK [Record status of .ssh] ***************************************************                                                         
ok: [users-fedora-latest]                                                                                                                

TASK [Check if user notuser does not exist] ************************************                                                         
ok: [users-fedora-latest]                                                                                                                

TASK [Check if unauthorized keys are deleted] **********************************                                                         
ok: [users-fedora-latest]                                                                                                                

PLAY RECAP *********************************************************************                                                         
users-fedora-latest        : ok=4    changed=0    unreachable=0    failed=0    skipped=0    rescued=1    ignored=0           

The fact that 'user' is undefined is "rescued" here (https://github.com/robertdebock/ansible-role-users/blob/d57497592d3afdc3b06495af632728d9e7f22a27/molecule/default/verify.yml#L20-L23), and we always end up using /home as the home directory.

This kinda "works", but I think this makes no sense without something like "Loop over users", like here: https://github.com/robertdebock/ansible-role-users/blob/d57497592d3afdc3b06495af632728d9e7f22a27/tasks/main.yml#L33-L41

Please consider a lookup of the home directory of user keyuser, something like this:

diff --git molecule/default/verify.yml molecule/default/verify.yml
index 108c1e9..e2ded1b 100644
--- molecule/default/verify.yml
+++ molecule/default/verify.yml
@@ -3,19 +3,21 @@
   hosts: all
   become: true
   gather_facts: false
+  vars:
+    user_name: 'keyuser'

   tasks:
-    - name: Get or set the home directory for {{ user.name }}
+    - name: Get or set the home directory for {{ user_name }}
       block:
-        - name: Get system users data for {{ user.name }}
+        - name: Get system users data for {{ user_name }}
           ansible.builtin.getent:
             database: passwd
-            key: "{{ user.name }}"
+            key: "{{ user_name }}"
             split: ":"

-        - name: Set base home directory to {{ getent_passwd[user.name][4] | dirname }}
+        - name: Set base home directory to {{ getent_passwd[user_name][4] | dirname }}
           ansible.builtin.set_fact:
-            users_home_base_dir: "{{ getent_passwd[user.name][4] | dirname }}"
+            users_home_base_dir: "{{ getent_passwd[user_name][4] | dirname }}"

       rescue:
         - name: User not found, using /home
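
Review bot: The rescue branch ("User not found, using /home") is left in place at the end of this hunk, so a failed getent lookup for the now fixed user_name is still recovered silently and the play can report rescued=1 without anyone noticing why. Since the verify playbook checks one known account, consider dropping the block/rescue wrapper, or failing explicitly in the rescue, so that a missing keyuser shows up as a verify failure instead of a fallback to /home. Minor style point: user_name: 'keyuser' uses single quotes while the other string values in this file use double quotes.
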
@@ -24,7 +26,7 @@

     - name: Record status of .ssh
       ansible.builtin.stat:
-        path: "{{ users_home_base_dir }}/keyuser/.ssh"
+        path: "{{ users_home_base_dir }}/{{ user_name }}/.ssh"
       register: result
       failed_when:
         - not result.stat.exists
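
Review bot: The stat path still rebuilds the home directory as users_home_base_dir plus user_name, which assumes the account's home is named after the user. The getent lookup above already returns the full home directory in getent_passwd[user_name][4]; storing that value directly in a fact and using it here as "<home>/.ssh" would check the directory the account really has, instead of taking dirname and appending the name again.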

Or setting users_home_base_dir without this block.

I can prepare a PR if you like. Just tell me if you are fine with that, and which solution you prefer.

Thanks again for your work and roles!