I have defined a role : say A
another role B which includes role A
in role B when I try to use variables defined in A, I get var undefined error.
I tried using public: yes when including role A. Still same issue.
This is correct behaviour?
Or I should be able to use variables defined in a role in my tasks/ role tasks after including it?
This behavior is expected.
The variables defined in Role A should be scoped for A unless defined within your inventory or any of the other places outside the role that variables are defined.
If variables from a role were implicitly available broadly through their declaration, you can have nasty side effects and potential security problems.
Recommend looking at https://docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html for more info.
Yeah, I will assume so.
But the confusing was https://docs.ansible.com/ansible/latest/modules/include_role_module.html
The public option while including role that is described as
This option dictates whether the role’s vars and defaults are exposed to the playbook. If set to yes the variables will be available to tasks following the include_role task. This functionality differs from standard variable exposure for roles listed under the rolesheader or import_role as they are exposed at playbook parsing time, and available to earlier roles and tasks as well.
Ah, so the documentation in this regard might be very literal where the role variables are only available to the playbook and not the role importing the role:
This option dictates whether the role’s
varsanddefaultsare exposed to the playbook. If set toyesthe variables will be available to tasks following theinclude_roletask. This functionality differs from standard variable exposure for roles listed under therolesheader orimport_roleas they are exposed at playbook parsing time, and available to earlier roles and tasks as well.
You might look more at source code with the variable manager to see where your issue might be as I wasn’t considering this particular case in your initial question; I thought you were talking about a role listing another as a dependency via meta/main.yml
role “vars” are scoped to the play, not the role. role “params”, which are different than vars, are scoped to the role. include_role and import_role do not support params, only vars.