diff --git a/tests/tasks/run_role_with_clear_facts.yml b/tests/tasks/run_role_with_clear_facts.yml new file mode 100644 index 0000000..33a0fc2 --- /dev/null +++ b/tests/tasks/run_role_with_clear_facts.yml @@ -0,0 +1,37 @@ +--- +# Task file: clear_facts, run linux-system-roles.sudo. +# Include this with include_tasks or import_tasks +# Input: +# - __sr_tasks_from: tasks_from to run - same as tasks_from in include_role +# - __sr_public: export private vars from role - same as public in include_role +# - __sr_failed_when: set to false to ignore role errors - same as failed_when in include_role +- name: Clear facts + meta: clear_facts + +# note that you can use failed_when with import_role but not with include_role +# so this simulates the __sr_failed_when false case +# Q: Why do we need a separate task to run the role normally? Why not just +# run the role in the block and rethrow the error in the rescue block? +# A: Because you cannot rethrow the error in exactly the same way as the role does. +# It might be possible to exactly reconstruct ansible_failed_result but it's not worth the effort. +- name: Run the role with __sr_failed_when false + when: + - __sr_failed_when is defined + - not __sr_failed_when + block: + - name: Run the role + include_role: + name: linux-system-roles.sudo + tasks_from: "{{ __sr_tasks_from | default('main') }}" + public: "{{ __sr_public | default(false) }}" + rescue: + - name: Ignore the failure when __sr_failed_when is false + debug: + msg: Ignoring failure when __sr_failed_when is false + +- name: Run the role normally + include_role: + name: linux-system-roles.sudo + tasks_from: "{{ __sr_tasks_from | default('main') }}" + public: "{{ __sr_public | default(false) }}" + when: __sr_failed_when | d(true) diff --git a/tests/tests_check_if_configured.yml b/tests/tests_check_if_configured.yml index 168ebaa..6fc37e4 100644 --- a/tests/tests_check_if_configured.yml +++ b/tests/tests_check_if_configured.yml @@ -2,7 +2,6 @@ --- - name: Ensure that the role runs with default parameters hosts: all - gather_facts: false # test that role works in this case tasks: - name: Run tests block: @@ -32,8 +31,7 @@ changed_when: true - name: Run the role - include_role: - name: linux-system-roles.sudo + include_tasks: tasks/run_role_with_clear_facts.yml vars: sudo_check_if_configured: true diff --git a/tests/tests_default.yml b/tests/tests_default.yml index e58871b..dbb1a1b 100644 --- a/tests/tests_default.yml +++ b/tests/tests_default.yml @@ -2,7 +2,6 @@ --- - name: Ensure that the role runs with default parameters hosts: all - gather_facts: false # test that role works in this case tasks: - name: Run tests block: @@ -11,8 +10,7 @@ when: not __bootc_validation | d(false) - name: Run the role - include_role: - name: linux-system-roles.sudo + include_tasks: tasks/run_role_with_clear_facts.yml vars: sudo_check_if_configured: false when: not __bootc_validation | d(false) diff --git a/tests/tests_include_vars_from_parent.yml b/tests/tests_include_vars_from_parent.yml index 5236e90..53b0d1c 100644 --- a/tests/tests_include_vars_from_parent.yml +++ b/tests/tests_include_vars_from_parent.yml @@ -1,7 +1,6 @@ --- - name: Test role include variable override hosts: all - gather_facts: true tasks: - name: Run tests block: diff --git a/tests/tests_large_configuration.yml b/tests/tests_large_configuration.yml index 926c8c1..af58ec6 100644 --- a/tests/tests_large_configuration.yml +++ b/tests/tests_large_configuration.yml @@ -8,8 +8,7 @@ include_tasks: tasks/setup.yml - name: Run the role - include_role: - name: linux-system-roles.sudo + include_tasks: tasks/run_role_with_clear_facts.yml vars: sudo_rewrite_default_sudoers_file: true sudo_remove_unauthorized_included_files: true diff --git a/tests/tests_multiple_sudoers.yml b/tests/tests_multiple_sudoers.yml index 7b87d41..981a750 100644 --- a/tests/tests_multiple_sudoers.yml +++ b/tests/tests_multiple_sudoers.yml @@ -8,8 +8,7 @@ include_tasks: tasks/setup.yml - name: Run the role - include_role: - name: linux-system-roles.sudo + include_tasks: tasks/run_role_with_clear_facts.yml vars: sudo_rewrite_default_sudoers_file: true sudo_remove_unauthorized_included_files: true diff --git a/tests/tests_role_applied.yml b/tests/tests_role_applied.yml index b932cd7..751f2a9 100644 --- a/tests/tests_role_applied.yml +++ b/tests/tests_role_applied.yml @@ -8,8 +8,7 @@ include_tasks: tasks/setup.yml - name: Run the role - include_role: - name: linux-system-roles.sudo + include_tasks: tasks/run_role_with_clear_facts.yml vars: sudo_rewrite_default_sudoers_file: true sudo_remove_unauthorized_included_files: true diff --git a/tests/tests_scan_sudoers.yml b/tests/tests_scan_sudoers.yml index f968273..7e8e917 100644 --- a/tests/tests_scan_sudoers.yml +++ b/tests/tests_scan_sudoers.yml @@ -2,7 +2,6 @@ --- - name: Ensure that the role can parse existing sudoers hosts: all - gather_facts: false # test that role works in this case vars: alias_values: Cmnd_Alias: @@ -55,8 +54,7 @@ mode: preserve - name: Run the role - include_role: - name: linux-system-roles.sudo + include_tasks: tasks/run_role_with_clear_facts.yml vars: sudo_rewrite_default_sudoers_file: true sudo_remove_unauthorized_included_files: true diff --git a/tests/unit/test_scan_sudoers.py b/tests/unit/test_scan_sudoers.py index a98bea7..db13710 100644 --- a/tests/unit/test_scan_sudoers.py +++ b/tests/unit/test_scan_sudoers.py @@ -5,7 +5,6 @@ # """Unit tests for the scan_sudoers module""" - from __future__ import absolute_import, division, print_function __metaclass__ = type