Ansible-playbook does not working with dictionary and with_items loop!

Gittes · September 17, 2025, 10:22pm

ansible-playbook is not working with dictionary and a with_items loop!), here’s part of the role and dictionary:

global_groups:
  production_ansible:
    gid: 10001
  staging_ansible:
    gid: 20001
  grafana:
    gid: 10501
  prometheus:
    gid: 10502
  zookeeper:
    gid: 10503
  rundeck:
    gid: 10504
  nginx:
    gid: 10505
  gnupgserver:
    gid: 10506
  sequoia:
    gid: 10507

  - name: user management set global groups macOS
    tags:
      - user_mgmt
      - admin_accounts
    group:
      name:     "{{ item }}"
#      gid:      "{{ custom_groups[item].gid if custom_groups[item] is defined else global_groups[item].gid | mandatory }}"
      gid:      "{{ global_groups[item].gid | mandatory }}"
      state:    "{{ global_groups[item].state | default('present') }}"
#      gid:      "{{ item.gid | mandatory }}"
#      state:    "{{ item.state | default('present') }}"
    with_list: global_groups
    when:
      - (global_groups[item].state|default('present')) == 'present'
#      - item not in skip_groups

Here is the output:

TASK [common : include_tasks] ******************************************************************************************************************************************************************************************************************
task path: /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/roles/common/tasks/main.yml:32                                                                                                                                  
included: /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/roles/common/tasks/add_groups.yml for capsule-v-001-mm038                                                                                                        
                                                                                                                                                                                                                                                
TASK [common : user management set global groups macOS] ****************************************************************************************************************************************************************************************
task path: /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/roles/common/tasks/add_groups.yml:20                                                                                                                            
[ERROR]: Task failed: Finalization of task args for 'ansible.builtin.group' failed: Error while resolving value for 'gid': The filter plugin 'ansible.builtin.mandatory' failed: Mandatory variable 'global_groups' not defined.                
                                                                                                                                                                                                                                                
Task failed.                                                                                                                                                                                                                                    
Origin: /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/roles/common/tasks/add_groups.yml:20:5                                                                                                                             

18 #      - item not in skip_groups
19
20   - name: user management set global groups macOS
       ^ column 5

<<< caused by >>>

Finalization of task args for 'ansible.builtin.group' failed.
Origin: /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/roles/common/tasks/add_groups.yml:24:5

22       - user_mgmt
23       - admin_accounts
24     group:
       ^ column 5

<<< caused by >>>

Error while resolving value for 'gid': The filter plugin 'ansible.builtin.mandatory' failed: Mandatory variable 'global_groups' not defined.
Origin: /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/roles/common/tasks/add_groups.yml:27:17

25       name:     "{{ item }}"
26 #      gid:      "{{ custom_groups[item].gid if custom_groups[item] is defined else global_groups[item].gid | mand... 
27       gid:      "{{ global_groups[item].gid | mandatory }}"
                   ^ column 17

failed: [capsule-v-001-mm038] (item=global_groups) => {
    "ansible_loop_var": "item",
    "changed": false,
    "item": "global_groups",
    "msg": "Task failed: Finalization of task args for 'ansible.builtin.group' failed: Error while resolving value for 'gid': The filter plugin 'ansible.builtin.mandatory' failed: Mandatory variable 'global_groups' not defined."
}

Also, it works if I put it in a dedicated playbook:


---

- name: My First Play
  hosts: all
  tasks:
    - name: debug global_groups
      debug:
        var: global_groups
      tags:
        - test
    - name: debug user management set global groups macOS
      tags:
        - user_mgmt
        - admin_accounts
      debug:
        var: "{{ item }}"
      with_items: global_groups
      when:
        - (global_groups[item].state|default('present')) == 'present'
#        - item not in skip_groups

...
# vim:ft=ansible

Output:

TASK [debug global_groups] *********************************************************************************************************************************************************************************************************************
task path: /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/playbooks/debug_global_groups.yml:7                                                                                                                             
ok: [capsule-v-001-mm038] => {                                                                                                                                                                                                                  
    "global_groups": {                                                                                                                                                                                                                          
        "gnupgserver": {                                                                                                                                                                                                                        
            "gid": 10506                                                                                                                                                                                                                        
        },                                                                                                                                                                                                                                      
        "grafana": {                                                                                                                                                                                                                            
            "gid": 10501                                                                                                                                                                                                                        
        },                                                                                                                                                                                                                                      
        "nginx": {                                                                                                                                                                                                                              
            "gid": 10505                                                                                                                                                                                                                        
        },                                                                                                                                                                                                                                      
        "production_ansible": {                                                                                                                                                                                                                 
            "gid": 10001                                                                                                                                                                                                                        
        },                                                                                                                                                                                                                                      
        "prometheus": {                                                                                                                                                                                                                         
            "gid": 10502                                                                                                                                                                                                                        
        },                                                                                                                                                                                                                                      
        "rundeck": {                                                                                                                                                                                                                            
            "gid": 10504                                                                                                                                                                                                                        
        },                                                                                                                                                                                                                                      
        "sequoia": {                                                                                                                                                                                                                            
            "gid": 10507
        },
        "staging_ansible": {
            "gid": 20001
        },
        "zookeeper": {
            "gid": 10503
        }
    }
}
                                                                                                                                                                                                                                                
TASK [debug user management set global groups macOS] *******************************************************************************************************************************************************************************************
task path: /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/playbooks/debug_global_groups.yml:12
ok: [capsule-v-001-mm038] => (item=global_groups) => {
    "global_groups": {
        "gnupgserver": {
            "gid": 10506
        },
        "grafana": {
            "gid": 10501
        },
        "nginx": {
            "gid": 10505
        },
        "production_ansible": {
            "gid": 10001
        },
        "prometheus": {
            "gid": 10502
        },
        "rundeck": {
            "gid": 10504
        },
        "sequoia": {
            "gid": 10507
        },
        "staging_ansible": {
            "gid": 20001
        },
        "zookeeper": {
            "gid": 10503
        }
    },
    "item": "global_groups"
}

utoddl · September 18, 2025, 1:36am

It’s a bit of a stretch to say “it works” about the above tasks. First of all,

with_list: global_groups

Doesn’t do anything useful. with_list: expects to be given a list. You’ve given it a string which, by irrelevant coincidence, happens to be the name of a dict.

If you want to iterate over the items in that dict, I recommend using

loop: '{{ global_groups | dict2items  }}'

That will loop over your global_groups dict, making item look like this on respective iterations:

(item={'key': 'production_ansible', 'value': {'gid': 10001}})
(item={'key': 'staging_ansible', 'value': {'gid': 20001}})
(item={'key': 'grafana', 'value': {'gid': 10501}})
(item={'key': 'prometheus', 'value': {'gid': 10502}})
(item={'key': 'zookeeper', 'value': {'gid': 10503}})
(item={'key': 'rundeck', 'value': {'gid': 10504}})
(item={'key': 'nginx', 'value': {'gid': 10505}})
(item={'key': 'gnupgserver', 'value': {'gid': 10506}})
(item={'key': 'sequoia', 'value': {'gid': 10507}})

To get your task to work, you could try something like this:

    - name: User management set global groups macOS
      tags:
        - user_mgmt
        - admin_accounts
      ansible.builtin.group:
        name:  "{{ item.key }}"
        gid:   "{{ item.value.gid | mandatory }}"
        state: "{{ item.value.state | default('present') }}"
      loop: '{{ global_groups | dict2items  }}'
      when:
        - (item.value.state | default('present')) == 'present'

Working your custom_groups and skip_groups back in is left as an exercise for the reader.
Good luck!

Gittes · September 18, 2025, 2:27am

I tried putting:

loop: '{{ global_groups | dict2items  }}'

I get the same error too!

Why does it work on my playbook but not my role?

Should I remove the files in ~/.ansible/tmp ?

utoddl · September 18, 2025, 3:04am

It doesn’t work on your playbook. It’s confusing because the result you get is the result you expect, but not for the reasons you think.

Which error is that? Please show a complete input and the actual error so we can help you understand what’s going wrong.

It won’t hurt, but they’ll probably just get re-created / replaced on subsequent runs. If that’s not happening, then there may be a configuration issue, or they may be left over from some error condition. I wouldn’t worry about cleaning up ~/.ansible/tmp until we get the errors with your playbook / tasks worked out.

Gittes · September 19, 2025, 12:45am

It’s still not working?

I even tried to get rid of:

gid:   "{{ item.value.gid | mandatory }}"

to be:

gid:   "{{ item.value.gid }}"

I still get the same error!

utoddl · September 19, 2025, 1:22am

Which error is that? Please show a complete task and the actual error so we can help you understand what’s going wrong.

flowerysong · September 19, 2025, 4:01pm

The only error you’ve shown us is:

The filter plugin 'ansible.builtin.mandatory' failed: Mandatory variable 'global_groups' not defined.

It is impossible to still get this error if you have removed the use of the mandatory filter. If you haven’t corrected the other issue (incorrect loop specification) you should get something more like:

object of type 'dict' has no attribute 'global_groups'

(Note that I only trimmed these errors of context for pedagogical reasons, you should continue to provide the full task output.)

Based on the particular syntax choices made it looks like you might be starting with a very legacy codebase and trying to update it to work with modern Ansible. The task as written would have last worked with…Ansible 2.1, I think? Passing bare variable names to with_ loops was deprecated in 2.0, and the deprecation cycle was shorter back then.

Even though it’s not the most idiomatic way to write it, there’s nothing inherently unworkable about the original structure, . To change it more minimally than @utoddl suggested, you can do:

  - name: user management set global groups macOS
    tags:
      - user_mgmt
      - admin_accounts
    group:
      name:     "{{ item }}"
      gid:      "{{ global_groups[item].gid }}"
      state:    "{{ global_groups[item].state | default('present') }}"
    loop: "{{ global_groups | list }}"
    when:
      - (global_groups[item].state|default('present')) == 'present'

if that makes the necessary changes clearer to you.

utoddl · September 19, 2025, 5:36pm

That’s an interesting idea. I didn’t realize (or had forgotten) you could pass a dict through the list filter and get the dict keys.

Experimenting, it looks like

"{{ global_groups | list }}"

and

"{{ global_groups.keys() }}"

are equivalent.

I used to really chafe at using dict2items, but being able to look at each key and the corresponding value has grown on me. Nice to have several ways to do things.

Gittes · September 21, 2025, 4:24am

I’m having more issues!

I filed a bug with ansible GitHub:

github.com/ansible/ansible

ansible-plabook as issues with dictionary in role but with dedicated playbook

opened 04:19AM - 21 Sep 25 UTC

gittes

### Summary My playbook calling a role doesn't work but when I used a dedicated… playbook not calling a role with only the debug commands and it works. I'm running on MacOS version 15.4! I've ran Disk Utility on all volumes and I even ran with Homebrew: ``` brew reinstall $(brew deps ansible) ansible ``` ### Issue Type Bug Report ### Component Name ansible ### Ansible Version ```console $ ansible --version ansible [core 2.19.2] config file = /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/ansible.cfg configured module search path = ['/Users/chris/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /opt/homebrew/Cellar/ansible/12.0.0/libexec/lib/python3.13/site-packages/ansible ansible collection location = /Users/chris/.ansible/collections:/usr/share/ansible/collections executable location = /opt/homebrew/bin/ansible python version = 3.13.7 (main, Aug 14 2025, 11:12:11) [Clang 17.0.0 (clang-1700.0.13.3)] (/opt/homebrew/Cellar/ansible/12.0.0/libexec/bin/python) jinja version = 3.1.6 pyyaml version = 6.0.2 (with libyaml v0.2.5) ``` ### Configuration ```console # if using a version older than ansible-core 2.12 you should omit the '-t all' $ ansible-config dump --only-changed -t all ANSIBLE_PIPELINING(/Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/ansible.cfg) = True CONFIG_FILE() = /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/ansible.cfg DEFAULT_ROLES_PATH(/Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/ansible.cfg) = ['/Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/roles'] DEFAULT_VAULT_PASSWORD_FILE(/Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/ansible.cfg) = /opt/ChrisWasHere/.secrets/ansible_vault_password.txt EDITOR(env: EDITOR) = vim INTERPRETER_PYTHON(/Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/ansible.cfg) = auto_silent GALAXY_SERVERS: CONNECTION: ========== local: _____ pipelining(/Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/ansible.cfg) = True psrp: ____ pipelining(/Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/ansible.cfg) = True ssh: ___ pipelining(/Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/ansible.cfg) = True winrm: _____ pipelining(/Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/ansible.cfg) = True ``` ### OS / Environment CAPSULE-V-001-MM037:MacStadium_ansible chris$ sw_vers ProductName: macOS ProductVersion: 15.4 BuildVersion: 24E248 Mac mini M4.M M4/10cCPU/10cGPU/24GB/512GB/10G ### Steps to Reproduce ```yaml (paste below) --- ## Add/remove users and groups defined in - name: All common roles hosts: renders become: true # var_files: # - ../vault/{{ environment }}_variables.yml #include_vars: # file: "../vault/{{ environment }}_variables.yml" vars: users_manage: true ansible_become_flags: --non-interactive roles: - common ... # vim:ft=ansible: ``` With just playbook: ``` --- - name: My First Play hosts: all tasks: - name: debug global_groups debug: var: global_groups tags: - test - name: debug user management set global groups macOS tags: - user_mgmt - admin_accounts debug: var: item with_items: global_groups when: - (global_groups[item].state|default('present')) == 'present' # - item not in skip_groups ... # vim:ft=ansible ``` Here's also the group_vars/all/group_list file: ``` --- # file: groups_vars/all/group_list [0/1865] # desc: Dictionary of all groups, both global and local. # Any group whose gid doesn't match the user's uid must be declared. # # Example: # (key) dba: # (required) gid: 10019 # (optional) state: present # global_groups: production_ansible: gid: 10001 staging_ansible: gid: 20001 grafana: gid: 10501 prometheus: gid: 10502 zookeeper: gid: 10503 rundeck: gid: 10504 nginx: gid: 10505 gnupgserver: gid: 10506 sequoia: gid: 10507 #group_list: # production_ansible: # gid: 10001 # staging_ansible: # gid: 20001 # grafana: # gid: 10501 # prometheus: # gid: 10502 # zookeeper: # gid: 10503 # rundeck: # gid: 10504 # nginx: # gid: 10505 ## These lists should be declared under group_vars or host_vars. These empty lists ## are here for compatibility. local_groups: [] custom_groups: {} local_remove_groups: [] local_admin_users: [] local_service_users: [] local_remove_users: [] custom_service_users: [] host_local_service_users: [] global_remove_groups: #local_remove_groups: #global_groups: #local_groups: ... # vim:ft=ansible ``` ### Expected Results It should just work! Here's the plain play book working: Command ran and output: ``` ansible-playbook --inventory inventory/staging/staging playbooks/debug_global_groups.yml --private-key ~/.ssh/staging_ansible_id_ed25519 --user staging_ansible --limit capsule-v-001-mm037 -vvvvv --skip-tags to_skip ansible-playbook [core 2.19.2] config file = /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/ansible.cfg configured module search path = ['/Users/chris/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /opt/homebrew/Cellar/ansible/12.0.0/libexec/lib/python3.13/site-packages/ansible ansible collection location = /Users/chris/.ansible/collections:/usr/share/ansible/collections executable location = /opt/homebrew/bin/ansible-playbook python version = 3.13.7 (main, Aug 14 2025, 11:12:11) [Clang 17.0.0 (clang-1700.0.13.3)] (/opt/homebrew/Cellar/ansible/12.0.0/libexec/bin/python) jinja version = 3.1.6 pyyaml version = 6.0.2 (with libyaml v0.2.5) Using /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/ansible.cfg as config file Reading vault password file: /opt/ChrisWasHere/.secrets/ansible_vault_password.txt setting up inventory plugins Loading collection ansible.builtin from host_list declined parsing /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/inventory/staging/staging as it did not pass its verify_file() method script declined parsing /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/inventory/staging/staging as it did not pass its verify_file() method auto declined parsing /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/inventory/staging/staging as it did not pass its verify_file() method Parsed /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/inventory/staging/staging inventory source with yaml plugin Loading callback plugin default of type stdout, v2.0 from /opt/homebrew/Cellar/ansible/12.0.0/libexec/lib/python3.13/site-packages/ansible/plugins/callback/default.py Attempting to use 'junit' callback. Attempting to use 'minimal' callback. Skipping callback 'minimal', as we already have a stdout callback. Attempting to use 'oneline' callback. Skipping callback 'oneline', as we already have a stdout callback. Attempting to use 'tree' callback. PLAYBOOK: debug_global_groups.yml ********************************************** Positional arguments: playbooks/debug_global_groups.yml verbosity: 5 private_key_file: /Users/chris/.ssh/staging_ansible_id_ed25519 remote_user: staging_ansible connection: ssh become_method: sudo tags: ('all',) skip_tags: ('to_skip',) inventory: ('/Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/inventory/staging/staging',) subset: capsule-v-001-mm037 forks: 5 1 plays in playbooks/debug_global_groups.yml PLAY [My First Play] *********************************************************** TASK [Gathering Facts] ********************************************************* task path: /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/playbooks/debug_global_groups.yml:4 Including module_utils file ansible/__init__.py Including module_utils file ansible/module_utils/__init__.py Including module_utils file ansible/module_utils/_internal/_ansiballz/_loader.py Including module_utils file ansible/module_utils/_internal/__init__.py Including module_utils file ansible/module_utils/_internal/_ansiballz/__init__.py Including module_utils file ansible/module_utils/_internal/_errors.py Including module_utils file ansible/module_utils/_internal/_json/_profiles/_module_legacy_c2m.py Including module_utils file ansible/module_utils/_internal/_json/__init__.py Including module_utils file ansible/module_utils/_internal/_json/_profiles/__init__.py Including module_utils file ansible/module_utils/_internal/_datatag/__init__.py Including module_utils file ansible/module_utils/_internal/_dataclass_validation.py Including module_utils file ansible/module_utils/_internal/_datatag/_tags.py Including module_utils file ansible/module_utils/_internal/_json/_profiles/_module_legacy_m2c.py Including module_utils file ansible/module_utils/_internal/_messages.py Including module_utils file ansible/module_utils/_internal/_patches/_socket_patch.py Including module_utils file ansible/module_utils/_internal/_patches/__init__.py Including module_utils file ansible/module_utils/_internal/_patches/_sys_intern_patch.py Including module_utils file ansible/module_utils/_internal/_traceback.py Including module_utils file ansible/module_utils/_internal/_stack.py Including module_utils file ansible/module_utils/basic.py Including module_utils file ansible/module_utils/_internal/_debugging.py Including module_utils file ansible/module_utils/_internal/_deprecator.py Including module_utils file ansible/module_utils/_internal/_plugin_info.py Including module_utils file ansible/module_utils/_internal/_validation.py Including module_utils file ansible/module_utils/common/_utils.py Including module_utils file ansible/module_utils/common/__init__.py Including module_utils file ansible/module_utils/common/arg_spec.py Including module_utils file ansible/module_utils/common/file.py Including module_utils file ansible/module_utils/common/json.py Including module_utils file ansible/module_utils/_internal/_json/_legacy_encoder.py Including module_utils file ansible/module_utils/_internal/_json/_profiles/_tagless.py Including module_utils file ansible/module_utils/common/locale.py Including module_utils file ansible/module_utils/common/parameters.py Including module_utils file ansible/module_utils/common/collections.py Including module_utils file ansible/module_utils/common/process.py Including module_utils file ansible/module_utils/common/sys_info.py Including module_utils file ansible/module_utils/common/text/converters.py Including module_utils file ansible/module_utils/common/text/__init__.py Including module_utils file ansible/module_utils/common/text/formatters.py Including module_utils file ansible/module_utils/common/validation.py Including module_utils file ansible/module_utils/common/warnings.py Including module_utils file ansible/module_utils/_internal/_event_utils.py Including module_utils file ansible/module_utils/_internal/_text_utils.py Including module_utils file ansible/module_utils/compat/selinux.py Including module_utils file ansible/module_utils/compat/__init__.py Including module_utils file ansible/module_utils/compat/typing.py Including module_utils file ansible/module_utils/_internal/_patches/_dataclass_annotation_patch.py Including module_utils file ansible/module_utils/datatag.py Including module_utils file ansible/module_utils/distro/__init__.py Including module_utils file ansible/module_utils/distro/_distro.py Including module_utils file ansible/module_utils/errors.py Including module_utils file ansible/module_utils/facts/ansible_collector.py Including module_utils file ansible/module_utils/facts/__init__.py Including module_utils file ansible/module_utils/facts/collector.py Including module_utils file ansible/module_utils/facts/compat.py Including module_utils file ansible/module_utils/facts/default_collectors.py Including module_utils file ansible/module_utils/facts/hardware/aix.py Including module_utils file ansible/module_utils/facts/hardware/__init__.py Including module_utils file ansible/module_utils/facts/hardware/base.py Including module_utils file ansible/module_utils/facts/hardware/darwin.py Including module_utils file ansible/module_utils/facts/hardware/dragonfly.py Including module_utils file ansible/module_utils/facts/hardware/freebsd.py Including module_utils file ansible/module_utils/facts/hardware/hpux.py Including module_utils file ansible/module_utils/facts/hardware/hurd.py Including module_utils file ansible/module_utils/facts/hardware/linux.py Including module_utils file ansible/module_utils/_internal/_concurrent/_futures.py Including module_utils file ansible/module_utils/_internal/_concurrent/__init__.py Including module_utils file ansible/module_utils/_internal/_concurrent/_daemon_threading.py Including module_utils file ansible/module_utils/facts/hardware/netbsd.py Including module_utils file ansible/module_utils/facts/hardware/openbsd.py Including module_utils file ansible/module_utils/facts/hardware/sunos.py Including module_utils file ansible/module_utils/facts/namespace.py Including module_utils file ansible/module_utils/facts/network/aix.py Including module_utils file ansible/module_utils/facts/network/__init__.py Including module_utils file ansible/module_utils/facts/network/base.py Including module_utils file ansible/module_utils/facts/network/darwin.py Including module_utils file ansible/module_utils/facts/network/dragonfly.py Including module_utils file ansible/module_utils/facts/network/fc_wwn.py Including module_utils file ansible/module_utils/facts/network/freebsd.py Including module_utils file ansible/module_utils/facts/network/generic_bsd.py Including module_utils file ansible/module_utils/facts/network/hpux.py Including module_utils file ansible/module_utils/facts/network/hurd.py Including module_utils file ansible/module_utils/facts/network/iscsi.py Including module_utils file ansible/module_utils/facts/network/linux.py Including module_utils file ansible/module_utils/facts/network/netbsd.py Including module_utils file ansible/module_utils/facts/network/nvme.py Including module_utils file ansible/module_utils/facts/network/openbsd.py Including module_utils file ansible/module_utils/facts/network/sunos.py Including module_utils file ansible/module_utils/facts/other/facter.py Including module_utils file ansible/module_utils/facts/other/__init__.py Including module_utils file ansible/module_utils/facts/other/ohai.py Including module_utils file ansible/module_utils/facts/sysctl.py Including module_utils file ansible/module_utils/facts/system/apparmor.py Including module_utils file ansible/module_utils/facts/system/__init__.py Including module_utils file ansible/module_utils/facts/system/caps.py Including module_utils file ansible/module_utils/facts/system/chroot.py Including module_utils file ansible/module_utils/facts/system/cmdline.py Including module_utils file ansible/module_utils/facts/system/date_time.py Including module_utils file ansible/module_utils/facts/system/distribution.py Including module_utils file ansible/module_utils/facts/system/dns.py Including module_utils file ansible/module_utils/facts/system/env.py Including module_utils file ansible/module_utils/facts/system/fips.py Including module_utils file ansible/module_utils/facts/system/loadavg.py Including module_utils file ansible/module_utils/facts/system/local.py Including module_utils file ansible/module_utils/facts/system/lsb.py Including module_utils file ansible/module_utils/facts/system/pkg_mgr.py Including module_utils file ansible/module_utils/facts/system/platform.py Including module_utils file ansible/module_utils/facts/system/python.py Including module_utils file ansible/module_utils/facts/system/selinux.py Including module_utils file ansible/module_utils/facts/system/service_mgr.py Including module_utils file ansible/module_utils/compat/version.py Including module_utils file ansible/module_utils/facts/system/ssh_pub_keys.py Including module_utils file ansible/module_utils/facts/system/systemd.py Including module_utils file ansible/module_utils/facts/system/user.py Including module_utils file ansible/module_utils/facts/timeout.py Including module_utils file ansible/module_utils/facts/utils.py Including module_utils file ansible/module_utils/facts/virtual/base.py Including module_utils file ansible/module_utils/facts/virtual/__init__.py Including module_utils file ansible/module_utils/facts/virtual/dragonfly.py Including module_utils file ansible/module_utils/facts/virtual/freebsd.py Including module_utils file ansible/module_utils/facts/virtual/hpux.py Including module_utils file ansible/module_utils/facts/virtual/linux.py Including module_utils file ansible/module_utils/facts/virtual/netbsd.py Including module_utils file ansible/module_utils/facts/virtual/openbsd.py Including module_utils file ansible/module_utils/facts/virtual/sunos.py Including module_utils file ansible/module_utils/facts/virtual/sysctl.py Including module_utils file ansible/module_utils/parsing/convert_bool.py Including module_utils file ansible/module_utils/parsing/__init__.py Including module_utils file ansible/module_utils/six/__init__.py <capsule-v-001-mm037> Attempting python interpreter discovery. <capsule-v-001-mm037> ESTABLISH LOCAL CONNECTION FOR USER: chris <capsule-v-001-mm037> EXEC /bin/sh -c 'echo FOUND; command -v '"'"'python3.13'"'"'; command -v '"'"'python3.12'"'"'; command -v '"'"'python3.11'"'"'; command -v '"'"'python3.10'"'"'; command -v '"'"'python3.9'"'"'; command -v '"'"'python3.8'"'"'; command -v '"'"'/usr/bin/python3'"'"'; command -v '"'"'python3'"'"'; echo ENDFOUND && sleep 0' Using module file /opt/homebrew/Cellar/ansible/12.0.0/libexec/lib/python3.13/site-packages/ansible/modules/setup.py Pipelining is enabled. <capsule-v-001-mm037> EXEC /bin/sh -c '/opt/homebrew/bin/python3.13 && sleep 0' ok: [capsule-v-001-mm037] TASK [debug global_groups] ***************************************************** task path: /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/playbooks/debug_global_groups.yml:7 ok: [capsule-v-001-mm037] => { "global_groups": { "gnupgserver": { "gid": 10506 }, "grafana": { "gid": 10501 }, "nginx": { "gid": 10505 }, "production_ansible": { "gid": 10001 }, "prometheus": { "gid": 10502 }, "rundeck": { "gid": 10504 }, "sequoia": { "gid": 10507 }, "staging_ansible": { "gid": 20001 }, "zookeeper": { "gid": 10503 } } } TASK [debug user management set global groups macOS] *************************** task path: /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/playbooks/debug_global_groups.yml:12 ok: [capsule-v-001-mm037] => (item=global_groups) => { "item": "global_groups" } PLAY RECAP ********************************************************************* capsule-v-001-mm037 : ok=3 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 ``` ### Actual Results ```console Role playbook that causes the error: ansible-playbook --inventory inventory/staging/staging playbooks/manage_users_and_groups.yml --private-key ~/.ssh/staging_ansible_id_ed25519 --user staging_ansible --limit capsule-v-001-mm038 -vvvvv --skip-tags to_skip ansible-playbook [core 2.19.2] config file = /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/ansible.cfg configured module search path = ['/Users/chris/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /opt/homebrew/Cellar/ansible/12.0.0/libexec/lib/python3.13/site-packages/ansible ansible collection location = /Users/chris/.ansible/collections:/usr/share/ansible/collections executable location = /opt/homebrew/bin/ansible-playbook python version = 3.13.7 (main, Aug 14 2025, 11:12:11) [Clang 17.0.0 (clang-1700.0.13.3)] (/opt/homebrew/Cellar/ansible/12.0.0/libexec/bin/python) jinja version = 3.1.6 pyyaml version = 6.0.2 (with libyaml v0.2.5) Using /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/ansible.cfg as config file Reading vault password file: /opt/ChrisWasHere/.secrets/ansible_vault_password.txt setting up inventory plugins Loading collection ansible.builtin from host_list declined parsing /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/inventory/staging/staging as it did not pass its verify_file() method script declined parsing /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/inventory/staging/staging as it did not pass its verify_file() method auto declined parsing /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/inventory/staging/staging as it did not pass its verify_file() method Parsed /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/inventory/staging/staging inventory source with yaml plugin Loading collection community.general from /opt/homebrew/Cellar/ansible/12.0.0/libexec/lib/python3.13/site-packages/ansible_collections/community/general Loading callback plugin default of type stdout, v2.0 from /opt/homebrew/Cellar/ansible/12.0.0/libexec/lib/python3.13/site-packages/ansible/plugins/callback/default.py Attempting to use 'junit' callback. Attempting to use 'minimal' callback. Skipping callback 'minimal', as we already have a stdout callback. Attempting to use 'oneline' callback. Skipping callback 'oneline', as we already have a stdout callback. Attempting to use 'tree' callback. PLAYBOOK: manage_users_and_groups.yml ****************************************** Positional arguments: playbooks/manage_users_and_groups.yml verbosity: 5 private_key_file: /Users/chris/.ssh/staging_ansible_id_ed25519 remote_user: staging_ansible connection: ssh become_method: sudo tags: ('all',) skip_tags: ('to_skip',) inventory: ('/Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/inventory/staging/staging',) subset: capsule-v-001-mm038 forks: 5 1 plays in playbooks/manage_users_and_groups.yml PLAY [All common roles] ******************************************************** TASK [Gathering Facts] ********************************************************* task path: /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/playbooks/manage_users_and_groups.yml:4 Including module_utils file ansible/__init__.py Including module_utils file ansible/module_utils/__init__.py Including module_utils file ansible/module_utils/_internal/_ansiballz/_loader.py Including module_utils file ansible/module_utils/_internal/__init__.py Including module_utils file ansible/module_utils/_internal/_ansiballz/__init__.py Including module_utils file ansible/module_utils/_internal/_errors.py Including module_utils file ansible/module_utils/_internal/_json/_profiles/_module_legacy_c2m.py Including module_utils file ansible/module_utils/_internal/_json/__init__.py Including module_utils file ansible/module_utils/_internal/_json/_profiles/__init__.py Including module_utils file ansible/module_utils/_internal/_datatag/__init__.py Including module_utils file ansible/module_utils/_internal/_dataclass_validation.py Including module_utils file ansible/module_utils/_internal/_datatag/_tags.py Including module_utils file ansible/module_utils/_internal/_json/_profiles/_module_legacy_m2c.py Including module_utils file ansible/module_utils/_internal/_messages.py Including module_utils file ansible/module_utils/_internal/_patches/_socket_patch.py Including module_utils file ansible/module_utils/_internal/_patches/__init__.py Including module_utils file ansible/module_utils/_internal/_patches/_sys_intern_patch.py Including module_utils file ansible/module_utils/_internal/_traceback.py Including module_utils file ansible/module_utils/_internal/_stack.py Including module_utils file ansible/module_utils/basic.py Including module_utils file ansible/module_utils/_internal/_debugging.py Including module_utils file ansible/module_utils/_internal/_deprecator.py Including module_utils file ansible/module_utils/_internal/_plugin_info.py Including module_utils file ansible/module_utils/_internal/_validation.py Including module_utils file ansible/module_utils/common/_utils.py Including module_utils file ansible/module_utils/common/__init__.py Including module_utils file ansible/module_utils/common/arg_spec.py Including module_utils file ansible/module_utils/common/file.py Including module_utils file ansible/module_utils/common/json.py Including module_utils file ansible/module_utils/_internal/_json/_legacy_encoder.py Including module_utils file ansible/module_utils/_internal/_json/_profiles/_tagless.py Including module_utils file ansible/module_utils/common/locale.py Including module_utils file ansible/module_utils/common/parameters.py Including module_utils file ansible/module_utils/common/collections.py Including module_utils file ansible/module_utils/common/process.py Including module_utils file ansible/module_utils/common/sys_info.py Including module_utils file ansible/module_utils/common/text/converters.py Including module_utils file ansible/module_utils/common/text/__init__.py Including module_utils file ansible/module_utils/common/text/formatters.py Including module_utils file ansible/module_utils/common/validation.py Including module_utils file ansible/module_utils/common/warnings.py Including module_utils file ansible/module_utils/_internal/_event_utils.py Including module_utils file ansible/module_utils/_internal/_text_utils.py Including module_utils file ansible/module_utils/compat/selinux.py Including module_utils file ansible/module_utils/compat/__init__.py Including module_utils file ansible/module_utils/compat/typing.py Including module_utils file ansible/module_utils/_internal/_patches/_dataclass_annotation_patch.py Including module_utils file ansible/module_utils/datatag.py Including module_utils file ansible/module_utils/distro/__init__.py Including module_utils file ansible/module_utils/distro/_distro.py Including module_utils file ansible/module_utils/errors.py Including module_utils file ansible/module_utils/facts/ansible_collector.py Including module_utils file ansible/module_utils/facts/__init__.py Including module_utils file ansible/module_utils/facts/collector.py Including module_utils file ansible/module_utils/facts/compat.py Including module_utils file ansible/module_utils/facts/default_collectors.py Including module_utils file ansible/module_utils/facts/hardware/aix.py Including module_utils file ansible/module_utils/facts/hardware/__init__.py Including module_utils file ansible/module_utils/facts/hardware/base.py Including module_utils file ansible/module_utils/facts/hardware/darwin.py Including module_utils file ansible/module_utils/facts/hardware/dragonfly.py Including module_utils file ansible/module_utils/facts/hardware/freebsd.py Including module_utils file ansible/module_utils/facts/hardware/hpux.py Including module_utils file ansible/module_utils/facts/hardware/hurd.py Including module_utils file ansible/module_utils/facts/hardware/linux.py Including module_utils file ansible/module_utils/_internal/_concurrent/_futures.py Including module_utils file ansible/module_utils/_internal/_concurrent/__init__.py Including module_utils file ansible/module_utils/_internal/_concurrent/_daemon_threading.py Including module_utils file ansible/module_utils/facts/hardware/netbsd.py Including module_utils file ansible/module_utils/facts/hardware/openbsd.py Including module_utils file ansible/module_utils/facts/hardware/sunos.py Including module_utils file ansible/module_utils/facts/namespace.py Including module_utils file ansible/module_utils/facts/network/aix.py Including module_utils file ansible/module_utils/facts/network/__init__.py Including module_utils file ansible/module_utils/facts/network/base.py Including module_utils file ansible/module_utils/facts/network/darwin.py Including module_utils file ansible/module_utils/facts/network/dragonfly.py Including module_utils file ansible/module_utils/facts/network/fc_wwn.py Including module_utils file ansible/module_utils/facts/network/freebsd.py Including module_utils file ansible/module_utils/facts/network/generic_bsd.py Including module_utils file ansible/module_utils/facts/network/hpux.py Including module_utils file ansible/module_utils/facts/network/hurd.py Including module_utils file ansible/module_utils/facts/network/iscsi.py Including module_utils file ansible/module_utils/facts/network/linux.py Including module_utils file ansible/module_utils/facts/network/netbsd.py Including module_utils file ansible/module_utils/facts/network/nvme.py Including module_utils file ansible/module_utils/facts/network/openbsd.py Including module_utils file ansible/module_utils/facts/network/sunos.py Including module_utils file ansible/module_utils/facts/other/facter.py Including module_utils file ansible/module_utils/facts/other/__init__.py Including module_utils file ansible/module_utils/facts/other/ohai.py Including module_utils file ansible/module_utils/facts/sysctl.py Including module_utils file ansible/module_utils/facts/system/apparmor.py Including module_utils file ansible/module_utils/facts/system/__init__.py Including module_utils file ansible/module_utils/facts/system/caps.py Including module_utils file ansible/module_utils/facts/system/chroot.py Including module_utils file ansible/module_utils/facts/system/cmdline.py Including module_utils file ansible/module_utils/facts/system/date_time.py Including module_utils file ansible/module_utils/facts/system/distribution.py Including module_utils file ansible/module_utils/facts/system/dns.py Including module_utils file ansible/module_utils/facts/system/env.py Including module_utils file ansible/module_utils/facts/system/fips.py Including module_utils file ansible/module_utils/facts/system/loadavg.py Including module_utils file ansible/module_utils/facts/system/local.py Including module_utils file ansible/module_utils/facts/system/lsb.py Including module_utils file ansible/module_utils/facts/system/pkg_mgr.py Including module_utils file ansible/module_utils/facts/system/platform.py Including module_utils file ansible/module_utils/facts/system/python.py Including module_utils file ansible/module_utils/facts/system/selinux.py Including module_utils file ansible/module_utils/facts/system/service_mgr.py Including module_utils file ansible/module_utils/compat/version.py Including module_utils file ansible/module_utils/facts/system/ssh_pub_keys.py Including module_utils file ansible/module_utils/facts/system/systemd.py Including module_utils file ansible/module_utils/facts/system/user.py Including module_utils file ansible/module_utils/facts/timeout.py Including module_utils file ansible/module_utils/facts/utils.py Including module_utils file ansible/module_utils/facts/virtual/base.py Including module_utils file ansible/module_utils/facts/virtual/__init__.py Including module_utils file ansible/module_utils/facts/virtual/dragonfly.py Including module_utils file ansible/module_utils/facts/virtual/freebsd.py Including module_utils file ansible/module_utils/facts/virtual/hpux.py Including module_utils file ansible/module_utils/facts/virtual/linux.py Including module_utils file ansible/module_utils/facts/virtual/netbsd.py Including module_utils file ansible/module_utils/facts/virtual/openbsd.py Including module_utils file ansible/module_utils/facts/virtual/sunos.py Including module_utils file ansible/module_utils/facts/virtual/sysctl.py Including module_utils file ansible/module_utils/parsing/convert_bool.py Including module_utils file ansible/module_utils/parsing/__init__.py Including module_utils file ansible/module_utils/six/__init__.py <capsule-v-001-mm038> Attempting python interpreter discovery. <10.210.106.48> ESTABLISH SSH CONNECTION FOR USER: staging_ansible <10.210.106.48> SSH: ansible.cfg set ssh_args: (-C)(-o)(ControlMaster=auto)(-o)(ControlPersist=60s) <10.210.106.48> SSH: ANSIBLE_PRIVATE_KEY_FILE/private_key_file/ansible_ssh_private_key_file set: (-o)(IdentityFile="/Users/chris/.ssh/staging_ansible_id_ed25519") <10.210.106.48> SSH: ansible_password/ansible_ssh_password not set: (-o)(KbdInteractiveAuthentication=no)(-o)(PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey)(-o)(PasswordAuthentication=no) <10.210.106.48> SSH: ANSIBLE_REMOTE_USER/remote_user/ansible_user/user/-u set: (-o)(User="staging_ansible") <10.210.106.48> SSH: ANSIBLE_TIMEOUT/timeout set: (-o)(ConnectTimeout=10) <10.210.106.48> SSH: Set ssh_common_args: () <10.210.106.48> SSH: Set ssh_extra_args: () <10.210.106.48> SSH: found only ControlPersist; added ControlPath: (-o)(ControlPath="/Users/chris/.ansible/cp/e5c04d892f") <10.210.106.48> SSH: Restrict number of password prompts in case incorrect password is provided.: (-o)(NumberOfPasswordPrompts=1) <10.210.106.48> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o 'IdentityFile="/Users/chris/.ssh/staging_ansible_id_ed25519"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="staging_ansible"' -o ConnectTimeout=10 -o 'ControlPath="/Users/chris/.ansible/cp/e5c04d892f"' -o NumberOfPasswordPrompts=1 10.210.106.48 '/bin/sh -c '"'"'echo FOUND; command -v '"'"'"'"'"'"'"'"'python3.13'"'"'"'"'"'"'"'"'; command -v '"'"'"'"'"'"'"'"'python3.12'"'"'"'"'"'"'"'"'; command -v '"'"'"'"'"'"'"'"'python3.11'"'"'"'"'"'"'"'"'; command -v '"'"'"'"'"'"'"'"'python3.10'"'"'"'"'"'"'"'"'; command -v '"'"'"'"'"'"'"'"'python3.9'"'"'"'"'"'"'"'"'; command -v '"'"'"'"'"'"'"'"'python3.8'"'"'"'"'"'"'"'"'; command -v '"'"'"'"'"'"'"'"'/usr/bin/python3'"'"'"'"'"'"'"'"'; command -v '"'"'"'"'"'"'"'"'python3'"'"'"'"'"'"'"'"'; echo ENDFOUND && sleep 0'"'"'' <10.210.106.48> (0, b'FOUND\n/usr/bin/python3\n/usr/bin/python3\nENDFOUND\n', b'') Using module file /opt/homebrew/Cellar/ansible/12.0.0/libexec/lib/python3.13/site-packages/ansible/modules/setup.py Pipelining is enabled. <10.210.106.48> ESTABLISH SSH CONNECTION FOR USER: staging_ansible <10.210.106.48> SSH: ansible.cfg set ssh_args: (-C)(-o)(ControlMaster=auto)(-o)(ControlPersist=60s) <10.210.106.48> SSH: ANSIBLE_PRIVATE_KEY_FILE/private_key_file/ansible_ssh_private_key_file set: (-o)(IdentityFile="/Users/chris/.ssh/staging_ansible_id_ed25519") <10.210.106.48> SSH: ansible_password/ansible_ssh_password not set: (-o)(KbdInteractiveAuthentication=no)(-o)(PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey)(-o)(PasswordAuthentication=no) <10.210.106.48> SSH: ANSIBLE_REMOTE_USER/remote_user/ansible_user/user/-u set: (-o)(User="staging_ansible") <10.210.106.48> SSH: ANSIBLE_TIMEOUT/timeout set: (-o)(ConnectTimeout=10) <10.210.106.48> SSH: Set ssh_common_args: () <10.210.106.48> SSH: Set ssh_extra_args: () <10.210.106.48> SSH: found only ControlPersist; added ControlPath: (-o)(ControlPath="/Users/chris/.ansible/cp/e5c04d892f") <10.210.106.48> SSH: Restrict number of password prompts in case incorrect password is provided.: (-o)(NumberOfPasswordPrompts=1) <10.210.106.48> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o 'IdentityFile="/Users/chris/.ssh/staging_ansible_id_ed25519"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="staging_ansible"' -o ConnectTimeout=10 -o 'ControlPath="/Users/chris/.ansible/cp/e5c04d892f"' -o NumberOfPasswordPrompts=1 10.210.106.48 '/bin/sh -c '"'"'sudo --non-interactive -u root /bin/sh -c '"'"'"'"'"'"'"'"'echo BECOME-SUCCESS-goljodyuptvtwkmpeltoglyidowocygl ; /usr/bin/python3'"'"'"'"'"'"'"'"' && sleep 0'"'"'' <10.210.106.48> Escalation succeeded <10.210.106.48> (0, b'\n{"ansible_facts": {"ansible_ssh_host_key_dsa_public": "AAAAB3NzaC1kc3MAAACBALVibQCtJ/SvaYGm+i6p6WmRaMbPOuC5qCKOavfwGQiyTWqN0H1yQeD7RSRlp8TXXhOJCTTK4cWH4eV3yBtZJv7AimDxPtavGU0KSAZXXqHK1PzJW7rp3yX7RF18jrUH0F/CwciDQM4BRFOHgaVAIwJfGOwDNQaFZ+zDscBYcB57AAAAFQD//sfGXahb2K1Jon25O5dXfgSy0wAAAIEAtCui6fkCnJvrodRpv1sF3vPs5QWBlG8uKcf+C6RFMyWYXkOYiw4f4z1gb/QoNWnUaDeEvwXCrKzv5qfZvfvmBEuFlLACyEquKicGbu5pJgwKbr/XtJYf6MFXXCpa5+WYB330euay5vPzb5C7eWdpxi5hWSIKYk87uor0qgAlBTkAAACAR0yoYGNmUOh3gObcJ6SwTuS+qUVr9yReig8hlLQJFiFJJ8mgBNAFEgNKC3UoTnZe0TmS6h8HaQjiY69t7nY2PMYN7CW14Bi5f6zhefzq1/FX84nIn6uD94vU3TpoOK6V1dXKYTwV4B4JYvlJjNAplYbCmhX7S4rvGF5NCN6tM0o=", "ansible_ssh_host_key_dsa_public_keytype": "ssh-dss", "ansible_ssh_host_key_rsa_public": "AAAAB3NzaC1yc2EAAAADAQABAAABgQCvxwhddW8Rnf3vKIwD1TbYhkbqMURgxVK+9oW/VPudMpj5UwaeHR/XXA6E76gWggzd/Ix0xIQgwXTGHSv2q65FNLyag4IF7hD5sIA+UqwcN1yKl8aX8OtGfGO8iwAk0N+JgTm4kniJ9P6xtGR0nppjVsGMLioMqPJK7adAyQgdIL96p8bUauajxsefaMb+1WNjMmcuj9ogp7icj4F2b3yP/BhlAch+MmePpWpJDO4x0IYN6K9O0vu+ndLeMjYMCEE8LB+Tii5u+UoGKggmoPKnojj0Qz8oHIQHL7fwO+EIgpeieDz57xnLQjwkEqC0kAtbmWxU6aqaZikr9+vPzD3WW0kPuu4Cd+eD/7nEaVwdpt+T6Zg3jnCTarOFBZ7AepJhc7On2rqXByCYNxlbjNRpgFYLZr+a+VMBZaYO5OTS7bhYVWXZ9RUU3OuKaAmvDM0GmBGkUmXJ97cklfAVg1YfDcL1QIQ1M9RGqIGw6kOrXxDnWD7WqGcU0mYXofin0e0=", "ansible_ssh_host_key_rsa_public_keytype": "ssh-rsa", "ansible_ssh_host_key_ecdsa_public": "AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBBcOjIObvzu4YBD54XqbOeZx9JHZmwaj9GSzxnp+DJ2wTirT8VJ1Wdb5kX89t2S3R+7Lv3KPen1TLAmasWRwHRM=", "ansible_ssh_host_key_ecdsa_public_keytype": "ecdsa-sha2-nistp256", "ansible_ssh_host_key_ed25519_public": "AAAAC3NzaC1lZDI1NTE5AAAAIILa5PZhLNuYINqjIDZKcpGvpwZ+kl/qDgqA0zrSvyZK", "ansible_ssh_host_key_ed25519_public_keytype": "ssh-ed25519", "ansible_system_capabilities_enforced": "N/A", "ansible_system_capabilities": "N/A", "ansible_system": "Darwin", "ansible_kernel": "24.4.0", "ansible_kernel_version": "Darwin Kernel Version 24.4.0: Wed Mar 19 21:11:02 PDT 2025; root:xnu-11417.101.15~1/RELEASE_ARM64_T8132", "ansible_machine": "arm64", "ansible_python_version": "3.9.6", "ansible_fqdn": "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa", "ansible_hostname": "CAPSULE-V-001-MM038", "ansible_nodename": "CAPSULE-V-001-MM038.local", "ansible_domain": "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa", "ansible_userspace_bits": "64", "ansible_architecture": "arm64", "ansible_lsb": {}, "ansible_distribution": "MacOSX", "ansible_distribution_release": "24.4.0", "ansible_distribution_version": "15.4", "ansible_distribution_major_version": "15", "ansible_os_family": "Darwin", "ansible_model": "Mac16,10", "ansible_product_name": "Mac16,10", "ansible_osversion": "24E248", "ansible_osrevision": "199506", "ansible_processor": "Apple M4", "ansible_processor_cores": "10", "ansible_processor_vcpus": "10", "ansible_memtotal_mb": 24576, "ansible_memfree_mb": 5199, "ansible_uptime_seconds": 1343006, "ansible_date_time": {"year": "2025", "month": "09", "weekday": "Saturday", "weekday_number": "6", "weeknumber": "37", "day": "20", "hour": "20", "minute": "48", "second": "01", "epoch": "1758426481", "epoch_int": "1758426481", "date": "2025-09-20", "time": "20:48:01", "iso8601_micro": "2025-09-21T03:48:01.993480Z", "iso8601": "2025-09-21T03:48:01Z", "iso8601_basic": "20250920T204801993480", "iso8601_basic_short": "20250920T204801", "tz": "PDT", "tz_dst": "PDT", "tz_offset": "-0700"}, "ansible_virtualization_type": "", "ansible_virtualization_role": "", "ansible_virtualization_tech_guest": [], "ansible_virtualization_tech_host": [], "ansible_user_id": "root", "ansible_user_uid": 0, "ansible_user_gid": 0, "ansible_user_gecos": "System Administrator", "ansible_user_dir": "/var/root", "ansible_user_shell": "/bin/zsh", "ansible_real_user_id": 0, "ansible_effective_user_id": 0, "ansible_real_group_id": 0, "ansible_effective_group_id": 0, "ansible_loadavg": {"1m": 1.30517578125, "5m": 1.2568359375, "15m": 1.2421875}, "ansible_selinux": {"status": "Missing selinux Python library"}, "ansible_selinux_python_present": false, "ansible_hostnqn": "", "ansible_apparmor": {"status": "disabled"}, "ansible_interfaces": ["anpi0", "anpi1", "anpi3", "ap1", "awdl0", "bridge0", "en0", "en1", "en2", "en3", "en4", "en5", "en6", "en7", "gif0", "llw0", "lo0", "stf0"], "ansible_lo0": {"device": "lo0", "ipv4": [{"address": "127.0.0.1", "netmask": "255.0.0.0", "network": "127.0.0.0", "broadcast": "127.255.255.255"}], "ipv6": [{"address": "::1", "prefix": "128"}, {"address": "fe80::1%lo0", "prefix": "64", "scope": "0x1"}], "type": "loopback", "flags": ["UP", "LOOPBACK", "RUNNING", "MULTICAST"], "macaddress": "unknown", "mtu": "16384", "options": ["PERFORMNUD", "DAD"]}, "ansible_gif0": {"device": "gif0", "ipv4": [], "ipv6": [], "type": "unknown", "flags": ["POINTOPOINT", "MULTICAST"], "macaddress": "unknown", "mtu": "1280"}, "ansible_stf0": {"device": "stf0", "ipv4": [], "ipv6": [], "type": "unknown", "flags": [], "macaddress": "unknown", "mtu": "1280"}, "ansible_anpi1": {"device": "anpi1", "ipv4": [], "ipv6": [], "type": "ether", "flags": ["UP", "BROADCAST", "SMART", "RUNNING", "SIMPLEX", "MULTICAST"], "macaddress": "ee:be:d7:25:95:b8", "mtu": "1500", "options": ["CHANNEL_IO"], "media": "Unknown", "media_select": "none", "status": "inactive"}, "ansible_anpi3": {"device": "anpi3", "ipv4": [], "ipv6": [], "type": "ether", "flags": ["UP", "BROADCAST", "SMART", "RUNNING", "SIMPLEX", "MULTICAST"], "macaddress": "ee:be:d7:25:95:ba", "mtu": "1500", "options": ["CHANNEL_IO"], "media": "Unknown", "media_select": "none", "status": "inactive"}, "ansible_anpi0": {"device": "anpi0", "ipv4": [], "ipv6": [], "type": "ether", "flags": ["UP", "BROADCAST", "SMART", "RUNNING", "SIMPLEX", "MULTICAST"], "macaddress": "ee:be:d7:25:95:b7", "mtu": "1500", "options": ["CHANNEL_IO"], "media": "Unknown", "media_select": "none", "status": "inactive"}, "ansible_en5": {"device": "en5", "ipv4": [], "ipv6": [], "type": "ether", "flags": ["UP", "BROADCAST", "SMART", "RUNNING", "SIMPLEX", "MULTICAST"], "macaddress": "ee:be:d7:25:95:97", "mtu": "1500", "options": ["PERFORMNUD", "DAD"], "media": "Unknown", "media_select": "none", "status": "inactive"}, "ansible_en6": {"device": "en6", "ipv4": [], "ipv6": [], "type": "ether", "flags": ["UP", "BROADCAST", "SMART", "RUNNING", "SIMPLEX", "MULTICAST"], "macaddress": "ee:be:d7:25:95:98", "mtu": "1500", "options": ["PERFORMNUD", "DAD"], "media": "Unknown", "media_select": "none", "status": "inactive"}, "ansible_en7": {"device": "en7", "ipv4": [], "ipv6": [], "type": "ether", "flags": ["UP", "BROADCAST", "SMART", "RUNNING", "SIMPLEX", "MULTICAST"], "macaddress": "ee:be:d7:25:95:9a", "mtu": "1500", "options": ["PERFORMNUD", "DAD"], "media": "Unknown", "media_select": "none", "status": "inactive"}, "ansible_en2": {"device": "en2", "ipv4": [], "ipv6": [], "type": "ether", "flags": ["UP", "BROADCAST", "SMART", "RUNNING", "PROMISC", "SIMPLEX", "MULTICAST"], "macaddress": "36:02:98:14:cb:00", "mtu": "1500", "options": ["TSO4", "TSO6", "CHANNEL_IO"], "media": "Unknown", "media_select": "autoselect", "media_type": "full-duplex", "status": "inactive"}, "ansible_en3": {"device": "en3", "ipv4": [], "ipv6": [], "type": "ether", "flags": ["UP", "BROADCAST", "SMART", "RUNNING", "PROMISC", "SIMPLEX", "MULTICAST"], "macaddress": "36:02:98:14:cb:04", "mtu": "1500", "options": ["TSO4", "TSO6", "CHANNEL_IO"], "media": "Unknown", "media_select": "autoselect", "media_type": "full-duplex", "status": "inactive"}, "ansible_en4": {"device": "en4", "ipv4": [], "ipv6": [], "type": "ether", "flags": ["UP", "BROADCAST", "SMART", "RUNNING", "PROMISC", "SIMPLEX", "MULTICAST"], "macaddress": "36:02:98:14:cb:0c", "mtu": "1500", "options": ["TSO4", "TSO6", "CHANNEL_IO"], "media": "Unknown", "media_select": "autoselect", "media_type": "full-duplex", "status": "inactive"}, "ansible_ap1": {"device": "ap1", "ipv4": [], "ipv6": [], "type": "ether", "flags": ["UP", "BROADCAST", "SMART", "RUNNING", "SIMPLEX", "MULTICAST"], "macaddress": "de:d9:fb:d5:05:22", "mtu": "1500", "options": ["PERFORMNUD", "DAD"], "media": "Unknown", "media_select": "autoselect", "media_type": "none", "status": "inactive"}, "ansible_en1": {"device": "en1", "ipv4": [], "ipv6": [{"address": "fe80::106e:37d4:4ea7:6669%en1", "prefix": "64"}], "type": "ether", "flags": ["UP", "BROADCAST", "SMART", "RUNNING", "SIMPLEX", "MULTICAST"], "macaddress": "46:ca:0d:38:66:8f", "mtu": "1500", "options": ["PERFORMNUD", "DAD"], "media": "Unknown", "media_select": "autoselect", "media_type": "none"}, "ansible_awdl0": {"device": "awdl0", "ipv4": [], "ipv6": [{"address": "fe80::a03c:b4ff:feac:f4c0%awdl0", "prefix": "64", "scope": "0xf"}], "type": "ether", "flags": ["UP", "BROADCAST", "SMART", "RUNNING", "SIMPLEX", "MULTICAST"], "macaddress": "a2:3c:b4:ac:f4:c0", "mtu": "1500", "options": ["PERFORMNUD", "DAD"], "media": "Unknown", "media_select": "autoselect", "status": "active"}, "ansible_llw0": {"device": "llw0", "ipv4": [], "ipv6": [{"address": "fe80::a03c:b4ff:feac:f4c0%llw0", "prefix": "64", "scope": "0x10"}], "type": "ether", "flags": ["UP", "BROADCAST", "SMART", "RUNNING", "SIMPLEX", "MULTICAST"], "macaddress": "a2:3c:b4:ac:f4:c0", "mtu": "1500", "options": ["PERFORMNUD", "DAD"], "media": "Unknown", "media_select": "autoselect", "media_type": "none"}, "ansible_en0": {"device": "en0", "ipv4": [{"address": "10.210.106.48", "netmask": "255.255.255.0", "network": "10.210.106.0", "broadcast": "10.210.106.255"}], "ipv6": [{"address": "fe80::25:9166:827e:2a6f%en0", "prefix": "64"}], "type": "ether", "flags": ["UP", "BROADCAST", "SMART", "RUNNING", "SIMPLEX", "MULTICAST"], "macaddress": "d0:11:e5:aa:19:1d", "mtu": "1500", "options": ["PERFORMNUD", "DAD"], "media": "Unknown", "media_select": "autoselect", "media_type": "10Gbase-", "media_options": ["full-duplex"], "status": "active"}, "ansible_bridge0": {"device": "bridge0", "ipv4": [], "ipv6": [], "type": "ether", "flags": ["UP", "BROADCAST", "SMART", "RUNNING", "SIMPLEX", "MULTICAST"], "macaddress": "36:02:98:14:cb:00", "mtu": "1500", "options": ["PERFORMNUD", "DAD"], "media": "Unknown", "media_select": "Unknown", "media_type": "unknown type", "status": "inactive"}, "ansible_default_ipv4": {"gateway": "10.210.106.1", "interface": "en0", "device": "en0", "type": "ether", "flags": ["UP", "BROADCAST", "SMART", "RUNNING", "SIMPLEX", "MULTICAST"], "macaddress": "d0:11:e5:aa:19:1d", "mtu": "1500", "options": ["PERFORMNUD", "DAD"], "media": "Unknown", "media_select": "autoselect", "media_type": "10Gbase-", "media_options": ["full-duplex"], "status": "active", "address": "10.210.106.48", "netmask": "255.255.255.0", "network": "10.210.106.0", "broadcast": "10.210.106.255"}, "ansible_default_ipv6": {}, "ansible_all_ipv4_addresses": ["10.210.106.48"], "ansible_all_ipv6_addresses": ["fe80::106e:37d4:4ea7:6669%en1", "fe80::a03c:b4ff:feac:f4c0%awdl0", "fe80::a03c:b4ff:feac:f4c0%llw0", "fe80::25:9166:827e:2a6f%en0"], "ansible_fips": false, "ansible_env": {"TERM": "unknown", "SHELL": "/bin/zsh", "USER": "root", "SUDO_USER": "staging_ansible", "SUDO_UID": "20001", "MAIL": "/var/mail/root", "PATH": "/usr/bin:/bin:/usr/sbin:/sbin", "PWD": "/private/var/home/staging_ansible", "SHLVL": "1", "SUDO_COMMAND": "/bin/sh -c echo BECOME-SUCCESS-goljodyuptvtwkmpeltoglyidowocygl ; /usr/bin/python3", "HOME": "/var/home/staging_ansible", "LOGNAME": "root", "SUDO_GID": "20001", "_": "/usr/bin/python3", "__CF_USER_TEXT_ENCODING": "0x0:0:0", "SDKROOT": "/Library/Developer/CommandLineTools/SDKs/MacOSX.sdk", "CPATH": "/usr/local/include", "LIBRARY_PATH": "/usr/local/lib", "MANPATH": "/Library/Developer/CommandLineTools/SDKs/MacOSX.sdk/usr/share/man:/Library/Developer/CommandLineTools/usr/share/man:/Library/Developer/CommandLineTools/Toolchains/XcodeDefault.xctoolchain/usr/share/man:", "LC_CTYPE": "C.UTF-8"}, "ansible_fibre_channel_wwn": [], "ansible_is_chroot": false, "ansible_python": {"version": {"major": 3, "minor": 9, "micro": 6, "releaselevel": "final", "serial": 0}, "version_info": [3, 9, 6, "final", 0], "executable": "/Library/Developer/CommandLineTools/usr/bin/python3", "has_sslcontext": true, "type": "cpython"}, "ansible_iscsi_iqn": "", "ansible_local": {}, "ansible_dns": {"nameservers": ["8.8.8.8"]}, "ansible_service_mgr": "launchd", "ansible_pkg_mgr": "homebrew", "gather_subset": ["all"], "module_setup": true}, "invocation": {"module_args": {"gather_subset": ["all"], "gather_timeout": 10, "filter": [], "fact_path": "/etc/ansible/facts.d"}}}\n', b'') ok: [capsule-v-001-mm038] TASK [common : include_tasks] ************************************************** task path: /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/roles/common/tasks/main.yml:26 included: /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/roles/common/tasks/rm_groups.yml for capsule-v-001-mm038 TASK [common : user management remove global groups linux] ********************* task path: /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/roles/common/tasks/rm_groups.yml:7 skipping: [capsule-v-001-mm038] => (item=None) => { "ansible_loop_var": "item", "changed": false, "false_condition": "(global_groups[item].state|default('present')) == 'absent'", "item": null, "skip_reason": "Conditional result was False" } skipping: [capsule-v-001-mm038] => { "changed": false, "msg": "All items skipped" } TASK [common : user management remove local groups linux] ********************** task path: /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/roles/common/tasks/rm_groups.yml:20 skipping: [capsule-v-001-mm038] => { "changed": false, "skipped_reason": "No items in the list" } TASK [common : include_tasks] ************************************************** task path: /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/roles/common/tasks/main.yml:32 included: /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/roles/common/tasks/add_groups.yml for capsule-v-001-mm038 TASK [common : user management set global groups macOS] ************************ task path: /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/roles/common/tasks/add_groups.yml:20 [ERROR]: Task failed: Finalization of task args for 'ansible.builtin.group' failed: Error while resolving value for 'gid': The filter plugin 'ansible.builtin.mandatory' failed: Mandatory variable 'gid' not defined. Task failed. Origin: /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/roles/common/tasks/add_groups.yml:20:5 18 # - item not in skip_groups 19 20 - name: user management set global groups macOS ^ column 5 <<< caused by >>> Finalization of task args for 'ansible.builtin.group' failed. Origin: /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/roles/common/tasks/add_groups.yml:24:5 22 - user_mgmt 23 - admin_accounts 24 group: ^ column 5 <<< caused by >>> Error while resolving value for 'gid': The filter plugin 'ansible.builtin.mandatory' failed: Mandatory variable 'gid' not defined. Origin: /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/roles/common/tasks/add_groups.yml:29:17 27 # gid: "{{ global_groups[item].gid }}" 28 # state: "{{ global_groups[item].state | default('present') }}" 29 gid: "{{ item.gid | mandatory }}" ^ column 17 failed: [capsule-v-001-mm038] (item={'key': 'production_ansible', 'value': {'gid': 10001}}) => { "ansible_loop_var": "item", "changed": false, "item": { "key": "production_ansible", "value": { "gid": 10001 } }, "msg": "Task failed: Finalization of task args for 'ansible.builtin.group' failed: Error while resolving value for 'gid': The filter plugin 'ansible.builtin.mandatory' failed: Mandatory variable 'gid' not defined." } failed: [capsule-v-001-mm038] (item={'key': 'staging_ansible', 'value': {'gid': 20001}}) => { "ansible_loop_var": "item", "changed": false, "item": { "key": "staging_ansible", "value": { "gid": 20001 } }, "msg": "Task failed: Finalization of task args for 'ansible.builtin.group' failed: Error while resolving value for 'gid': The filter plugin 'ansible.builtin.mandatory' failed: Mandatory variable 'gid' not defined." } failed: [capsule-v-001-mm038] (item={'key': 'grafana', 'value': {'gid': 10501}}) => { "ansible_loop_var": "item", "changed": false, "item": { "key": "grafana", "value": { "gid": 10501 } }, "msg": "Task failed: Finalization of task args for 'ansible.builtin.group' failed: Error while resolving value for 'gid': The filter plugin 'ansible.builtin.mandatory' failed: Mandatory variable 'gid' not defined." } failed: [capsule-v-001-mm038] (item={'key': 'prometheus', 'value': {'gid': 10502}}) => { "ansible_loop_var": "item", "changed": false, "item": { "key": "prometheus", "value": { "gid": 10502 } }, "msg": "Task failed: Finalization of task args for 'ansible.builtin.group' failed: Error while resolving value for 'gid': The filter plugin 'ansible.builtin.mandatory' failed: Mandatory variable 'gid' not defined." } failed: [capsule-v-001-mm038] (item={'key': 'zookeeper', 'value': {'gid': 10503}}) => { "ansible_loop_var": "item", "changed": false, "item": { "key": "zookeeper", "value": { "gid": 10503 } }, "msg": "Task failed: Finalization of task args for 'ansible.builtin.group' failed: Error while resolving value for 'gid': The filter plugin 'ansible.builtin.mandatory' failed: Mandatory variable 'gid' not defined." } failed: [capsule-v-001-mm038] (item={'key': 'rundeck', 'value': {'gid': 10504}}) => { "ansible_loop_var": "item", "changed": false, "item": { "key": "rundeck", "value": { "gid": 10504 } }, "msg": "Task failed: Finalization of task args for 'ansible.builtin.group' failed: Error while resolving value for 'gid': The filter plugin 'ansible.builtin.mandatory' failed: Mandatory variable 'gid' not defined." } failed: [capsule-v-001-mm038] (item={'key': 'nginx', 'value': {'gid': 10505}}) => { "ansible_loop_var": "item", "changed": false, "item": { "key": "nginx", "value": { "gid": 10505 } }, "msg": "Task failed: Finalization of task args for 'ansible.builtin.group' failed: Error while resolving value for 'gid': The filter plugin 'ansible.builtin.mandatory' failed: Mandatory variable 'gid' not defined." } failed: [capsule-v-001-mm038] (item={'key': 'gnupgserver', 'value': {'gid': 10506}}) => { "ansible_loop_var": "item", "changed": false, "item": { "key": "gnupgserver", "value": { "gid": 10506 } }, "msg": "Task failed: Finalization of task args for 'ansible.builtin.group' failed: Error while resolving value for 'gid': The filter plugin 'ansible.builtin.mandatory' failed: Mandatory variable 'gid' not defined." } failed: [capsule-v-001-mm038] (item={'key': 'sequoia', 'value': {'gid': 10507}}) => { "ansible_loop_var": "item", "changed": false, "item": { "key": "sequoia", "value": { "gid": 10507 } }, "msg": "Task failed: Finalization of task args for 'ansible.builtin.group' failed: Error while resolving value for 'gid': The filter plugin 'ansible.builtin.mandatory' failed: Mandatory variable 'gid' not defined." } PLAY RECAP ********************************************************************* capsule-v-001-mm038 : ok=3 changed=0 unreachable=0 failed=1 skipped=2 rescued=0 ignored=0 ``` ### Code of Conduct - [x] I agree to follow the Ansible Code of Conduct

I’m running on a MacMin with MacOS 15.4 and I ran Disk Utility on all volumes!

I also ran this for Homebrew to reinstall all ansible and all it’s dependent packages:

brew reinstall $(brew deps ansible) ansible

Details in the ansible GitHub issue! Please comment!

utoddl · September 21, 2025, 1:51pm

This is not a bug in any code provided by the Ansible project. This is straight up user error. I have commented to that effect in the bug report.

Folks here on the Ansible Forum are willing to help you, but it requires you to respond to messages asking for additional information.

Here’s the code you posted in that bug report. I’ve inserted comments containing the output from each of the two tasks.

---

- name: My First Play
  hosts: all
  tasks:
    - name: debug global_groups
      debug:
        var: global_groups
      tags:
        - test
# produces this output:
# TASK [debug global_groups] *****************************
# task path: /home/utoddl/ansible/Gittes_00.yml:29
# ok: [localhost] => {
#     "global_groups": {
#         "gnupgserver": {
#             "gid": 10506
#         },
#         "grafana": {
#             "gid": 10501
#         },
#         "production_ansible": {
#             "gid": 10001
#         },
#         "prometheus": {
#             "gid": 10502
#         },
#         "rundeck": {
#             "gid": 10504
#         },
#         "sequoia": {
#             "gid": 10507
#         },
#         "staging_ansible": {
#             "gid": 20001
#         },
#         "zookeeper": {
#             "gid": 10503
#         }
#     }
# }

    - name: debug user management set global groups macOS
      tags:
        - user_mgmt
        - admin_accounts
      debug:
        var: item
      with_items: global_groups
      when:
        - (global_groups[item].state|default('present')) == 'present'
# produces this output
# TASK [debug user management set global groups macOS] ****
# task path: /home/utoddl/ansible/Gittes_00.yml:35
# ok: [localhost] => (item=global_groups) => {
#     "ansible_loop_var": "item",
#     "item": "global_groups"
# }

There are two tasks here.

The first task works as you would expect. The var: parameter expects to be given a string — in this case, “global_groups” — which is the name of a variable. ansible.builtin.debug displays the value of the variable with that name.

The second tasks does not “work” - that is, it doesn’t loop over the elements of the global_groups dict.
It doesn’t “loop over” at all, it run exactly once, setting item to the string “global_groups”, and it displays the value of the variable named “item”, which is the value “global_groups”.

Of all the problems with these tasks (not using FQCN, using the deprecated with_items: rather than the recommended loop:, …), the one thing that is the fundamental error is using the bare string “global_groups” in

with_items: global_groups

That is never going to do what you want.

Fully functional code is posted up thread; I won’t repeat it here.

If you still run into “the same error”, please indicate which error you mean, and post the text of the tasks producing it. We’ll be happy to help you understand what isn’t working.

flowerysong · September 21, 2025, 4:19pm

While you’re probably finding it frustrating that you keep trying different things and failing, please understand that it’s also frustrating for the people trying to help you when you don’t engage with the conversation. If things we’ve said are unclear or confusing, please ask for clarification here instead of opening yet another invalid bug report and wasting everyone’s time.

You have been given two complete examples of ways to fix your original code. Copy one of them in its entirety into your role, and run it. If it fails, show us the code you ran and the output in a new post. If it works, look at the differences between your original code and the working code to see what you got wrong.

mcen1 · September 21, 2025, 10:13pm

You are being given great, patient advice by two of the smartest users on the forum. You should listen to them and not create “bug” reports.

Gittes · September 22, 2025, 3:54am

I made a new file for my role from scratch:

---
- name: user management set global groups macOS
  tags:
    - user_mgmt
    - admin_accounts
  group:
    name: "{{ item }}"
    gid: "{{ item.gid | mandatory }}"
    state: "{{ item.state | default('present') }}"
  loop: "{{ global_groups | dict2items }}"
  when:
    - (global_groups[item].state|default('present')) == 'present'
    - item not in skip_groups

- name: user managment set local groups macOS
  tags:
    - user_mgmt
  group:
    name: "{{ item }}"
    gid: "{{ item.gid | mandatory }}"
    state: "{{ item.state | default('present') }}"
  with_items: "{{ local_groups }}"
  when: (global_groups[item].state|default('present')) == 'present'

- name: user managment set custom groups macOS
  tags:
    - user_mgmt
  group:
    name: "{{ item }}"
    gid: "{{ custom_groups[item].gid | mandatory }}"
    state: "{{ custom_groups[item].state | default('present') }}"
  with_items: "{{ custom_groups.keys() }}"
  when: custom_groups is defined

...
# vim:ft=ansible

Gittes · September 22, 2025, 3:56am

I had to post a second time so I would not go over the character max!

I still get this error:

CAPSULE-V-001-MM037:MacStadium_ansible chris$ ansible-playbook --inventory inventory/staging/staging playbooks/manage_users_and_groups.yml --private-key ~/.ssh/staging_ansible_id_ed25519 --user staging_ansible --limit capsule-v-001-mm038 -vvvvv --skip-tags to_skip &> ~/Temporary/ansible-playbook.common_role.output.txt

Contents of ansible-playbook.common_role.output.txt:

ansible-playbook [core 2.19.2]
  config file = /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/ansible.cfg
  configured module search path = ['/Users/chris/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /opt/homebrew/Cellar/ansible/12.0.0/libexec/lib/python3.13/site-packages/ansible
  ansible collection location = /Users/chris/.ansible/collections:/usr/share/ansible/collections
  executable location = /opt/homebrew/bin/ansible-playbook
  python version = 3.13.7 (main, Aug 14 2025, 11:12:11) [Clang 17.0.0 (clang-1700.0.13.3)] (/opt/homebrew/Cellar/ansible/12.0.0/libexec/bin/python)
  jinja version = 3.1.6
  pyyaml version = 6.0.2 (with libyaml v0.2.5)
Using /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/ansible.cfg as config file
Reading vault password file: /opt/ChrisWasHere/.secrets/ansible_vault_password.txt
setting up inventory plugins
Loading collection ansible.builtin from 
host_list declined parsing /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/inventory/staging/staging as it did not pass its verify_file() method
script declined parsing /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/inventory/staging/staging as it did not pass its verify_file() method
auto declined parsing /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/inventory/staging/staging as it did not pass its verify_file() method
Parsed /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/inventory/staging/staging inventory source with yaml plugin
Loading collection community.general from /opt/homebrew/Cellar/ansible/12.0.0/libexec/lib/python3.13/site-packages/ansible_collections/community/general
Loading callback plugin default of type stdout, v2.0 from /opt/homebrew/Cellar/ansible/12.0.0/libexec/lib/python3.13/site-packages/ansible/plugins/callback/default.py
Attempting to use 'junit' callback.
Attempting to use 'minimal' callback.
Skipping callback 'minimal', as we already have a stdout callback.
Attempting to use 'oneline' callback.
Skipping callback 'oneline', as we already have a stdout callback.
Attempting to use 'tree' callback.

PLAYBOOK: manage_users_and_groups.yml ******************************************
Positional arguments: playbooks/manage_users_and_groups.yml
verbosity: 5
private_key_file: /Users/chris/.ssh/staging_ansible_id_ed25519
remote_user: staging_ansible
connection: ssh
become_method: sudo
tags: ('all',)
skip_tags: ('to_skip',)
inventory: ('/Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/inventory/staging/staging',)
subset: capsule-v-001-mm038
forks: 5
1 plays in playbooks/manage_users_and_groups.yml

PLAY [All common roles] ********************************************************

TASK [Gathering Facts] *********************************************************
task path: /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/playbooks/manage_users_and_groups.yml:4
Including module_utils file ansible/__init__.py
Including module_utils file ansible/module_utils/__init__.py
Including module_utils file ansible/module_utils/_internal/_ansiballz/_loader.py
Including module_utils file ansible/module_utils/_internal/__init__.py
Including module_utils file ansible/module_utils/_internal/_ansiballz/__init__.py
Including module_utils file ansible/module_utils/_internal/_errors.py
Including module_utils file ansible/module_utils/_internal/_json/_profiles/_module_legacy_c2m.py
Including module_utils file ansible/module_utils/_internal/_json/__init__.py
Including module_utils file ansible/module_utils/_internal/_json/_profiles/__init__.py
Including module_utils file ansible/module_utils/_internal/_datatag/__init__.py
Including module_utils file ansible/module_utils/_internal/_dataclass_validation.py
Including module_utils file ansible/module_utils/_internal/_datatag/_tags.py
Including module_utils file ansible/module_utils/_internal/_json/_profiles/_module_legacy_m2c.py
Including module_utils file ansible/module_utils/_internal/_messages.py
Including module_utils file ansible/module_utils/_internal/_patches/_socket_patch.py
Including module_utils file ansible/module_utils/_internal/_patches/__init__.py
Including module_utils file ansible/module_utils/_internal/_patches/_sys_intern_patch.py
Including module_utils file ansible/module_utils/_internal/_traceback.py
Including module_utils file ansible/module_utils/_internal/_stack.py
Including module_utils file ansible/module_utils/basic.py
Including module_utils file ansible/module_utils/_internal/_debugging.py
Including module_utils file ansible/module_utils/_internal/_deprecator.py
Including module_utils file ansible/module_utils/_internal/_plugin_info.py
Including module_utils file ansible/module_utils/_internal/_validation.py
Including module_utils file ansible/module_utils/common/_utils.py
Including module_utils file ansible/module_utils/common/__init__.py
Including module_utils file ansible/module_utils/common/arg_spec.py
Including module_utils file ansible/module_utils/common/file.py
Including module_utils file ansible/module_utils/common/json.py
Including module_utils file ansible/module_utils/_internal/_json/_legacy_encoder.py
Including module_utils file ansible/module_utils/_internal/_json/_profiles/_tagless.py
Including module_utils file ansible/module_utils/common/locale.py
Including module_utils file ansible/module_utils/common/parameters.py
Including module_utils file ansible/module_utils/common/collections.py
Including module_utils file ansible/module_utils/common/process.py
Including module_utils file ansible/module_utils/common/sys_info.py
Including module_utils file ansible/module_utils/common/text/converters.py
Including module_utils file ansible/module_utils/common/text/__init__.py
Including module_utils file ansible/module_utils/common/text/formatters.py
Including module_utils file ansible/module_utils/common/validation.py
Including module_utils file ansible/module_utils/common/warnings.py
Including module_utils file ansible/module_utils/_internal/_event_utils.py
Including module_utils file ansible/module_utils/_internal/_text_utils.py
Including module_utils file ansible/module_utils/compat/selinux.py
Including module_utils file ansible/module_utils/compat/__init__.py
Including module_utils file ansible/module_utils/compat/typing.py
Including module_utils file ansible/module_utils/_internal/_patches/_dataclass_annotation_patch.py
Including module_utils file ansible/module_utils/datatag.py
Including module_utils file ansible/module_utils/distro/__init__.py
Including module_utils file ansible/module_utils/distro/_distro.py
Including module_utils file ansible/module_utils/errors.py
Including module_utils file ansible/module_utils/facts/ansible_collector.py
Including module_utils file ansible/module_utils/facts/__init__.py
Including module_utils file ansible/module_utils/facts/collector.py
Including module_utils file ansible/module_utils/facts/compat.py
Including module_utils file ansible/module_utils/facts/default_collectors.py
Including module_utils file ansible/module_utils/facts/hardware/aix.py
Including module_utils file ansible/module_utils/facts/hardware/__init__.py
Including module_utils file ansible/module_utils/facts/hardware/base.py
Including module_utils file ansible/module_utils/facts/hardware/darwin.py
Including module_utils file ansible/module_utils/facts/hardware/dragonfly.py
Including module_utils file ansible/module_utils/facts/hardware/freebsd.py
Including module_utils file ansible/module_utils/facts/hardware/hpux.py
Including module_utils file ansible/module_utils/facts/hardware/hurd.py
Including module_utils file ansible/module_utils/facts/hardware/linux.py
Including module_utils file ansible/module_utils/_internal/_concurrent/_futures.py
Including module_utils file ansible/module_utils/_internal/_concurrent/__init__.py
Including module_utils file ansible/module_utils/_internal/_concurrent/_daemon_threading.py
Including module_utils file ansible/module_utils/facts/hardware/netbsd.py
Including module_utils file ansible/module_utils/facts/hardware/openbsd.py
Including module_utils file ansible/module_utils/facts/hardware/sunos.py
Including module_utils file ansible/module_utils/facts/namespace.py
Including module_utils file ansible/module_utils/facts/network/aix.py
Including module_utils file ansible/module_utils/facts/network/__init__.py
Including module_utils file ansible/module_utils/facts/network/base.py
Including module_utils file ansible/module_utils/facts/network/darwin.py
Including module_utils file ansible/module_utils/facts/network/dragonfly.py
Including module_utils file ansible/module_utils/facts/network/fc_wwn.py
Including module_utils file ansible/module_utils/facts/network/freebsd.py
Including module_utils file ansible/module_utils/facts/network/generic_bsd.py
Including module_utils file ansible/module_utils/facts/network/hpux.py
Including module_utils file ansible/module_utils/facts/network/hurd.py
Including module_utils file ansible/module_utils/facts/network/iscsi.py
Including module_utils file ansible/module_utils/facts/network/linux.py
Including module_utils file ansible/module_utils/facts/network/netbsd.py
Including module_utils file ansible/module_utils/facts/network/nvme.py
Including module_utils file ansible/module_utils/facts/network/openbsd.py
Including module_utils file ansible/module_utils/facts/network/sunos.py
Including module_utils file ansible/module_utils/facts/other/facter.py
Including module_utils file ansible/module_utils/facts/other/__init__.py
Including module_utils file ansible/module_utils/facts/other/ohai.py
Including module_utils file ansible/module_utils/facts/sysctl.py
Including module_utils file ansible/module_utils/facts/system/apparmor.py
Including module_utils file ansible/module_utils/facts/system/__init__.py
Including module_utils file ansible/module_utils/facts/system/caps.py
Including module_utils file ansible/module_utils/facts/system/chroot.py
Including module_utils file ansible/module_utils/facts/system/cmdline.py
Including module_utils file ansible/module_utils/facts/system/date_time.py
Including module_utils file ansible/module_utils/facts/system/distribution.py
Including module_utils file ansible/module_utils/facts/system/dns.py
Including module_utils file ansible/module_utils/facts/system/env.py
Including module_utils file ansible/module_utils/facts/system/fips.py
Including module_utils file ansible/module_utils/facts/system/loadavg.py
Including module_utils file ansible/module_utils/facts/system/local.py
Including module_utils file ansible/module_utils/facts/system/lsb.py
Including module_utils file ansible/module_utils/facts/system/pkg_mgr.py
Including module_utils file ansible/module_utils/facts/system/platform.py
Including module_utils file ansible/module_utils/facts/system/python.py
Including module_utils file ansible/module_utils/facts/system/selinux.py
Including module_utils file ansible/module_utils/facts/system/service_mgr.py
Including module_utils file ansible/module_utils/compat/version.py
Including module_utils file ansible/module_utils/facts/system/ssh_pub_keys.py
Including module_utils file ansible/module_utils/facts/system/systemd.py
Including module_utils file ansible/module_utils/facts/system/user.py
Including module_utils file ansible/module_utils/facts/timeout.py
Including module_utils file ansible/module_utils/facts/utils.py
Including module_utils file ansible/module_utils/facts/virtual/base.py
Including module_utils file ansible/module_utils/facts/virtual/__init__.py
Including module_utils file ansible/module_utils/facts/virtual/dragonfly.py
Including module_utils file ansible/module_utils/facts/virtual/freebsd.py
Including module_utils file ansible/module_utils/facts/virtual/hpux.py
Including module_utils file ansible/module_utils/facts/virtual/linux.py
Including module_utils file ansible/module_utils/facts/virtual/netbsd.py
Including module_utils file ansible/module_utils/facts/virtual/openbsd.py
Including module_utils file ansible/module_utils/facts/virtual/sunos.py
Including module_utils file ansible/module_utils/facts/virtual/sysctl.py
Including module_utils file ansible/module_utils/parsing/convert_bool.py
Including module_utils file ansible/module_utils/parsing/__init__.py
Including module_utils file ansible/module_utils/six/__init__.py
<capsule-v-001-mm038> Attempting python interpreter discovery.
<10.210.106.48> ESTABLISH SSH CONNECTION FOR USER: staging_ansible
<10.210.106.48> SSH: ansible.cfg set ssh_args: (-C)(-o)(ControlMaster=auto)(-o)(ControlPersist=60s)
<10.210.106.48> SSH: ANSIBLE_PRIVATE_KEY_FILE/private_key_file/ansible_ssh_private_key_file set: (-o)(IdentityFile="/Users/chris/.ssh/staging_ansible_id_ed25519")
<10.210.106.48> SSH: ansible_password/ansible_ssh_password not set: (-o)(KbdInteractiveAuthentication=no)(-o)(PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey)(-o)(PasswordAuthentication=no)
<10.210.106.48> SSH: ANSIBLE_REMOTE_USER/remote_user/ansible_user/user/-u set: (-o)(User="staging_ansible")
<10.210.106.48> SSH: ANSIBLE_TIMEOUT/timeout set: (-o)(ConnectTimeout=10)
<10.210.106.48> SSH: Set ssh_common_args: ()
<10.210.106.48> SSH: Set ssh_extra_args: ()
<10.210.106.48> SSH: found only ControlPersist; added ControlPath: (-o)(ControlPath="/Users/chris/.ansible/cp/e5c04d892f")
<10.210.106.48> SSH: Restrict number of password prompts in case incorrect password is provided.: (-o)(NumberOfPasswordPrompts=1)
<10.210.106.48> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o 'IdentityFile="/Users/chris/.ssh/staging_ansible_id_ed25519"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="staging_ansible"' -o ConnectTimeout=10 -o 'ControlPath="/Users/chris/.ansible/cp/e5c04d892f"' -o NumberOfPasswordPrompts=1 10.210.106.48 '/bin/sh -c '"'"'echo FOUND; command -v '"'"'"'"'"'"'"'"'python3.13'"'"'"'"'"'"'"'"'; command -v '"'"'"'"'"'"'"'"'python3.12'"'"'"'"'"'"'"'"'; command -v '"'"'"'"'"'"'"'"'python3.11'"'"'"'"'"'"'"'"'; command -v '"'"'"'"'"'"'"'"'python3.10'"'"'"'"'"'"'"'"'; command -v '"'"'"'"'"'"'"'"'python3.9'"'"'"'"'"'"'"'"'; command -v '"'"'"'"'"'"'"'"'python3.8'"'"'"'"'"'"'"'"'; command -v '"'"'"'"'"'"'"'"'/usr/bin/python3'"'"'"'"'"'"'"'"'; command -v '"'"'"'"'"'"'"'"'python3'"'"'"'"'"'"'"'"'; echo ENDFOUND && sleep 0'"'"''
<10.210.106.48> (0, b'FOUND\n/usr/bin/python3\n/usr/bin/python3\nENDFOUND\n', b'')
Using module file /opt/homebrew/Cellar/ansible/12.0.0/libexec/lib/python3.13/site-packages/ansible/modules/setup.py
Pipelining is enabled.
<10.210.106.48> ESTABLISH SSH CONNECTION FOR USER: staging_ansible
<10.210.106.48> SSH: ansible.cfg set ssh_args: (-C)(-o)(ControlMaster=auto)(-o)(ControlPersist=60s)
<10.210.106.48> SSH: ANSIBLE_PRIVATE_KEY_FILE/private_key_file/ansible_ssh_private_key_file set: (-o)(IdentityFile="/Users/chris/.ssh/staging_ansible_id_ed25519")
<10.210.106.48> SSH: ansible_password/ansible_ssh_password not set: (-o)(KbdInteractiveAuthentication=no)(-o)(PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey)(-o)(PasswordAuthentication=no)
<10.210.106.48> SSH: ANSIBLE_REMOTE_USER/remote_user/ansible_user/user/-u set: (-o)(User="staging_ansible")
<10.210.106.48> SSH: ANSIBLE_TIMEOUT/timeout set: (-o)(ConnectTimeout=10)
<10.210.106.48> SSH: Set ssh_common_args: ()
<10.210.106.48> SSH: Set ssh_extra_args: ()
<10.210.106.48> SSH: found only ControlPersist; added ControlPath: (-o)(ControlPath="/Users/chris/.ansible/cp/e5c04d892f")
<10.210.106.48> SSH: Restrict number of password prompts in case incorrect password is provided.: (-o)(NumberOfPasswordPrompts=1)
<10.210.106.48> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o 'IdentityFile="/Users/chris/.ssh/staging_ansible_id_ed25519"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="staging_ansible"' -o ConnectTimeout=10 -o 'ControlPath="/Users/chris/.ansible/cp/e5c04d892f"' -o NumberOfPasswordPrompts=1 10.210.106.48 '/bin/sh -c '"'"'sudo --non-interactive  -u root /bin/sh -c '"'"'"'"'"'"'"'"'echo BECOME-SUCCESS-iwkgelpnwwufqxuhguracdsdevvcdyud ; /usr/bin/python3'"'"'"'"'"'"'"'"' && sleep 0'"'"''
<10.210.106.48> Escalation succeeded
<10.210.106.48> (0, b'\n{"ansible_facts": {"ansible_python": {"version": {"major": 3, "minor": 9, "micro": 6, "releaselevel": "final", "serial": 0}, "version_info": [3, 9, 6, "final", 0], "executable": "/Library/Developer/CommandLineTools/usr/bin/python3", "has_sslcontext": true, "type": "cpython"}, "ansible_distribution": "MacOSX", "ansible_distribution_release": "24.4.0", "ansible_distribution_version": "15.4", "ansible_distribution_major_version": "15", "ansible_os_family": "Darwin", "ansible_is_chroot": false, "ansible_ssh_host_key_dsa_public": "AAAAB3NzaC1kc3MAAACBALVibQCtJ/SvaYGm+i6p6WmRaMbPOuC5qCKOavfwGQiyTWqN0H1yQeD7RSRlp8TXXhOJCTTK4cWH4eV3yBtZJv7AimDxPtavGU0KSAZXXqHK1PzJW7rp3yX7RF18jrUH0F/CwciDQM4BRFOHgaVAIwJfGOwDNQaFZ+zDscBYcB57AAAAFQD//sfGXahb2K1Jon25O5dXfgSy0wAAAIEAtCui6fkCnJvrodRpv1sF3vPs5QWBlG8uKcf+C6RFMyWYXkOYiw4f4z1gb/QoNWnUaDeEvwXCrKzv5qfZvfvmBEuFlLACyEquKicGbu5pJgwKbr/XtJYf6MFXXCpa5+WYB330euay5vPzb5C7eWdpxi5hWSIKYk87uor0qgAlBTkAAACAR0yoYGNmUOh3gObcJ6SwTuS+qUVr9yReig8hlLQJFiFJJ8mgBNAFEgNKC3UoTnZe0TmS6h8HaQjiY69t7nY2PMYN7CW14Bi5f6zhefzq1/FX84nIn6uD94vU3TpoOK6V1dXKYTwV4B4JYvlJjNAplYbCmhX7S4rvGF5NCN6tM0o=", "ansible_ssh_host_key_dsa_public_keytype": "ssh-dss", "ansible_ssh_host_key_rsa_public": "AAAAB3NzaC1yc2EAAAADAQABAAABgQCvxwhddW8Rnf3vKIwD1TbYhkbqMURgxVK+9oW/VPudMpj5UwaeHR/XXA6E76gWggzd/Ix0xIQgwXTGHSv2q65FNLyag4IF7hD5sIA+UqwcN1yKl8aX8OtGfGO8iwAk0N+JgTm4kniJ9P6xtGR0nppjVsGMLioMqPJK7adAyQgdIL96p8bUauajxsefaMb+1WNjMmcuj9ogp7icj4F2b3yP/BhlAch+MmePpWpJDO4x0IYN6K9O0vu+ndLeMjYMCEE8LB+Tii5u+UoGKggmoPKnojj0Qz8oHIQHL7fwO+EIgpeieDz57xnLQjwkEqC0kAtbmWxU6aqaZikr9+vPzD3WW0kPuu4Cd+eD/7nEaVwdpt+T6Zg3jnCTarOFBZ7AepJhc7On2rqXByCYNxlbjNRpgFYLZr+a+VMBZaYO5OTS7bhYVWXZ9RUU3OuKaAmvDM0GmBGkUmXJ97cklfAVg1YfDcL1QIQ1M9RGqIGw6kOrXxDnWD7WqGcU0mYXofin0e0=", "ansible_ssh_host_key_rsa_public_keytype": "ssh-rsa", "ansible_ssh_host_key_ecdsa_public": "AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBBcOjIObvzu4YBD54XqbOeZx9JHZmwaj9GSzxnp+DJ2wTirT8VJ1Wdb5kX89t2S3R+7Lv3KPen1TLAmasWRwHRM=", "ansible_ssh_host_key_ecdsa_public_keytype": "ecdsa-sha2-nistp256", "ansible_ssh_host_key_ed25519_public": "AAAAC3NzaC1lZDI1NTE5AAAAIILa5PZhLNuYINqjIDZKcpGvpwZ+kl/qDgqA0zrSvyZK", "ansible_ssh_host_key_ed25519_public_keytype": "ssh-ed25519", "ansible_system": "Darwin", "ansible_kernel": "24.4.0", "ansible_kernel_version": "Darwin Kernel Version 24.4.0: Wed Mar 19 21:11:02 PDT 2025; root:xnu-11417.101.15~1/RELEASE_ARM64_T8132", "ansible_machine": "arm64", "ansible_python_version": "3.9.6", "ansible_fqdn": "CAPSULE-V-001-MM038.local", "ansible_hostname": "CAPSULE-V-001-MM038", "ansible_nodename": "CAPSULE-V-001-MM038.local", "ansible_domain": "local", "ansible_userspace_bits": "64", "ansible_architecture": "arm64", "ansible_user_id": "root", "ansible_user_uid": 0, "ansible_user_gid": 0, "ansible_user_gecos": "System Administrator", "ansible_user_dir": "/var/root", "ansible_user_shell": "/bin/zsh", "ansible_real_user_id": 0, "ansible_effective_user_id": 0, "ansible_real_group_id": 0, "ansible_effective_group_id": 0, "ansible_lsb": {}, "ansible_interfaces": ["anpi0", "anpi1", "anpi3", "ap1", "awdl0", "bridge0", "en0", "en1", "en2", "en3", "en4", "en5", "en6", "en7", "gif0", "llw0", "lo0", "stf0"], "ansible_lo0": {"device": "lo0", "ipv4": [{"address": "127.0.0.1", "netmask": "255.0.0.0", "network": "127.0.0.0", "broadcast": "127.255.255.255"}], "ipv6": [{"address": "::1", "prefix": "128"}, {"address": "fe80::1%lo0", "prefix": "64", "scope": "0x1"}], "type": "loopback", "flags": ["UP", "LOOPBACK", "RUNNING", "MULTICAST"], "macaddress": "unknown", "mtu": "16384", "options": ["PERFORMNUD", "DAD"]}, "ansible_gif0": {"device": "gif0", "ipv4": [], "ipv6": [], "type": "unknown", "flags": ["POINTOPOINT", "MULTICAST"], "macaddress": "unknown", "mtu": "1280"}, "ansible_stf0": {"device": "stf0", "ipv4": [], "ipv6": [], "type": "unknown", "flags": [], "macaddress": "unknown", "mtu": "1280"}, "ansible_anpi1": {"device": "anpi1", "ipv4": [], "ipv6": [], "type": "ether", "flags": ["UP", "BROADCAST", "SMART", "RUNNING", "SIMPLEX", "MULTICAST"], "macaddress": "ee:be:d7:25:95:b8", "mtu": "1500", "options": ["CHANNEL_IO"], "media": "Unknown", "media_select": "none", "status": "inactive"}, "ansible_anpi3": {"device": "anpi3", "ipv4": [], "ipv6": [], "type": "ether", "flags": ["UP", "BROADCAST", "SMART", "RUNNING", "SIMPLEX", "MULTICAST"], "macaddress": "ee:be:d7:25:95:ba", "mtu": "1500", "options": ["CHANNEL_IO"], "media": "Unknown", "media_select": "none", "status": "inactive"}, "ansible_anpi0": {"device": "anpi0", "ipv4": [], "ipv6": [], "type": "ether", "flags": ["UP", "BROADCAST", "SMART", "RUNNING", "SIMPLEX", "MULTICAST"], "macaddress": "ee:be:d7:25:95:b7", "mtu": "1500", "options": ["CHANNEL_IO"], "media": "Unknown", "media_select": "none", "status": "inactive"}, "ansible_en5": {"device": "en5", "ipv4": [], "ipv6": [], "type": "ether", "flags": ["UP", "BROADCAST", "SMART", "RUNNING", "SIMPLEX", "MULTICAST"], "macaddress": "ee:be:d7:25:95:97", "mtu": "1500", "options": ["PERFORMNUD", "DAD"], "media": "Unknown", "media_select": "none", "status": "inactive"}, "ansible_en6": {"device": "en6", "ipv4": [], "ipv6": [], "type": "ether", "flags": ["UP", "BROADCAST", "SMART", "RUNNING", "SIMPLEX", "MULTICAST"], "macaddress": "ee:be:d7:25:95:98", "mtu": "1500", "options": ["PERFORMNUD", "DAD"], "media": "Unknown", "media_select": "none", "status": "inactive"}, "ansible_en7": {"device": "en7", "ipv4": [], "ipv6": [], "type": "ether", "flags": ["UP", "BROADCAST", "SMART", "RUNNING", "SIMPLEX", "MULTICAST"], "macaddress": "ee:be:d7:25:95:9a", "mtu": "1500", "options": ["PERFORMNUD", "DAD"], "media": "Unknown", "media_select": "none", "status": "inactive"}, "ansible_en2": {"device": "en2", "ipv4": [], "ipv6": [], "type": "ether", "flags": ["UP", "BROADCAST", "SMART", "RUNNING", "PROMISC", "SIMPLEX", "MULTICAST"], "macaddress": "36:02:98:14:cb:00", "mtu": "1500", "options": ["TSO4", "TSO6", "CHANNEL_IO"], "media": "Unknown", "media_select": "autoselect", "media_type": "full-duplex", "status": "inactive"}, "ansible_en3": {"device": "en3", "ipv4": [], "ipv6": [], "type": "ether", "flags": ["UP", "BROADCAST", "SMART", "RUNNING", "PROMISC", "SIMPLEX", "MULTICAST"], "macaddress": "36:02:98:14:cb:04", "mtu": "1500", "options": ["TSO4", "TSO6", "CHANNEL_IO"], "media": "Unknown", "media_select": "autoselect", "media_type": "full-duplex", "status": "inactive"}, "ansible_en4": {"device": "en4", "ipv4": [], "ipv6": [], "type": "ether", "flags": ["UP", "BROADCAST", "SMART", "RUNNING", "PROMISC", "SIMPLEX", "MULTICAST"], "macaddress": "36:02:98:14:cb:0c", "mtu": "1500", "options": ["TSO4", "TSO6", "CHANNEL_IO"], "media": "Unknown", "media_select": "autoselect", "media_type": "full-duplex", "status": "inactive"}, "ansible_ap1": {"device": "ap1", "ipv4": [], "ipv6": [], "type": "ether", "flags": ["UP", "BROADCAST", "SMART", "RUNNING", "SIMPLEX", "MULTICAST"], "macaddress": "de:d9:fb:d5:05:22", "mtu": "1500", "options": ["PERFORMNUD", "DAD"], "media": "Unknown", "media_select": "autoselect", "media_type": "none", "status": "inactive"}, "ansible_en1": {"device": "en1", "ipv4": [], "ipv6": [{"address": "fe80::106e:37d4:4ea7:6669%en1", "prefix": "64"}], "type": "ether", "flags": ["UP", "BROADCAST", "SMART", "RUNNING", "SIMPLEX", "MULTICAST"], "macaddress": "46:ca:0d:38:66:8f", "mtu": "1500", "options": ["PERFORMNUD", "DAD"], "media": "Unknown", "media_select": "autoselect", "media_type": "none"}, "ansible_awdl0": {"device": "awdl0", "ipv4": [], "ipv6": [{"address": "fe80::a03c:b4ff:feac:f4c0%awdl0", "prefix": "64", "scope": "0xf"}], "type": "ether", "flags": ["UP", "BROADCAST", "SMART", "RUNNING", "SIMPLEX", "MULTICAST"], "macaddress": "a2:3c:b4:ac:f4:c0", "mtu": "1500", "options": ["PERFORMNUD", "DAD"], "media": "Unknown", "media_select": "autoselect", "status": "active"}, "ansible_llw0": {"device": "llw0", "ipv4": [], "ipv6": [{"address": "fe80::a03c:b4ff:feac:f4c0%llw0", "prefix": "64", "scope": "0x10"}], "type": "ether", "flags": ["UP", "BROADCAST", "SMART", "RUNNING", "SIMPLEX", "MULTICAST"], "macaddress": "a2:3c:b4:ac:f4:c0", "mtu": "1500", "options": ["PERFORMNUD", "DAD"], "media": "Unknown", "media_select": "autoselect", "media_type": "none"}, "ansible_en0": {"device": "en0", "ipv4": [{"address": "10.210.106.48", "netmask": "255.255.255.0", "network": "10.210.106.0", "broadcast": "10.210.106.255"}], "ipv6": [{"address": "fe80::25:9166:827e:2a6f%en0", "prefix": "64"}], "type": "ether", "flags": ["UP", "BROADCAST", "SMART", "RUNNING", "SIMPLEX", "MULTICAST"], "macaddress": "d0:11:e5:aa:19:1d", "mtu": "1500", "options": ["PERFORMNUD", "DAD"], "media": "Unknown", "media_select": "autoselect", "media_type": "10Gbase-", "media_options": ["full-duplex"], "status": "active"}, "ansible_bridge0": {"device": "bridge0", "ipv4": [], "ipv6": [], "type": "ether", "flags": ["UP", "BROADCAST", "SMART", "RUNNING", "SIMPLEX", "MULTICAST"], "macaddress": "36:02:98:14:cb:00", "mtu": "1500", "options": ["PERFORMNUD", "DAD"], "media": "Unknown", "media_select": "Unknown", "media_type": "unknown type", "status": "inactive"}, "ansible_default_ipv4": {"gateway": "10.210.106.1", "interface": "en0", "device": "en0", "type": "ether", "flags": ["UP", "BROADCAST", "SMART", "RUNNING", "SIMPLEX", "MULTICAST"], "macaddress": "d0:11:e5:aa:19:1d", "mtu": "1500", "options": ["PERFORMNUD", "DAD"], "media": "Unknown", "media_select": "autoselect", "media_type": "10Gbase-", "media_options": ["full-duplex"], "status": "active", "address": "10.210.106.48", "netmask": "255.255.255.0", "network": "10.210.106.0", "broadcast": "10.210.106.255"}, "ansible_default_ipv6": {}, "ansible_all_ipv4_addresses": ["10.210.106.48"], "ansible_all_ipv6_addresses": ["fe80::106e:37d4:4ea7:6669%en1", "fe80::a03c:b4ff:feac:f4c0%awdl0", "fe80::a03c:b4ff:feac:f4c0%llw0", "fe80::25:9166:827e:2a6f%en0"], "ansible_model": "Mac16,10", "ansible_product_name": "Mac16,10", "ansible_osversion": "24E248", "ansible_osrevision": "199506", "ansible_processor": "Apple M4", "ansible_processor_cores": "10", "ansible_processor_vcpus": "10", "ansible_memtotal_mb": 24576, "ansible_memfree_mb": 6582, "ansible_uptime_seconds": 1429440, "ansible_env": {"TERM": "unknown", "SHELL": "/bin/zsh", "USER": "root", "SUDO_USER": "staging_ansible", "SUDO_UID": "20001", "MAIL": "/var/mail/root", "PATH": "/usr/bin:/bin:/usr/sbin:/sbin", "PWD": "/private/var/home/staging_ansible", "SHLVL": "1", "SUDO_COMMAND": "/bin/sh -c echo BECOME-SUCCESS-iwkgelpnwwufqxuhguracdsdevvcdyud ; /usr/bin/python3", "HOME": "/var/home/staging_ansible", "LOGNAME": "root", "SUDO_GID": "20001", "_": "/usr/bin/python3", "__CF_USER_TEXT_ENCODING": "0x0:0:0", "SDKROOT": "/Library/Developer/CommandLineTools/SDKs/MacOSX.sdk", "CPATH": "/usr/local/include", "LIBRARY_PATH": "/usr/local/lib", "MANPATH": "/Library/Developer/CommandLineTools/SDKs/MacOSX.sdk/usr/share/man:/Library/Developer/CommandLineTools/usr/share/man:/Library/Developer/CommandLineTools/Toolchains/XcodeDefault.xctoolchain/usr/share/man:", "LC_CTYPE": "C.UTF-8"}, "ansible_local": {}, "ansible_apparmor": {"status": "disabled"}, "ansible_virtualization_type": "", "ansible_virtualization_role": "", "ansible_virtualization_tech_guest": [], "ansible_virtualization_tech_host": [], "ansible_system_capabilities_enforced": "N/A", "ansible_system_capabilities": "N/A", "ansible_hostnqn": "", "ansible_selinux": {"status": "Missing selinux Python library"}, "ansible_selinux_python_present": false, "ansible_fips": false, "ansible_iscsi_iqn": "", "ansible_dns": {"nameservers": ["8.8.8.8"]}, "ansible_loadavg": {"1m": 1.318359375, "5m": 1.22216796875, "15m": 1.18310546875}, "ansible_fibre_channel_wwn": [], "ansible_date_time": {"year": "2025", "month": "09", "weekday": "Sunday", "weekday_number": "0", "weeknumber": "37", "day": "21", "hour": "20", "minute": "48", "second": "35", "epoch": "1758512915", "epoch_int": "1758512915", "date": "2025-09-21", "time": "20:48:35", "iso8601_micro": "2025-09-22T03:48:35.523881Z", "iso8601": "2025-09-22T03:48:35Z", "iso8601_basic": "20250921T204835523881", "iso8601_basic_short": "20250921T204835", "tz": "PDT", "tz_dst": "PDT", "tz_offset": "-0700"}, "ansible_pkg_mgr": "homebrew", "ansible_service_mgr": "launchd", "gather_subset": ["all"], "module_setup": true}, "invocation": {"module_args": {"gather_subset": ["all"], "gather_timeout": 10, "filter": [], "fact_path": "/etc/ansible/facts.d"}}}\n', b'')
ok: [capsule-v-001-mm038]

TASK [common : include_tasks] **************************************************
task path: /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/roles/common/tasks/main.yml:26
included: /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/roles/common/tasks/rm_groups.yml for capsule-v-001-mm038

TASK [common : user management remove global groups linux] *********************
task path: /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/roles/common/tasks/rm_groups.yml:7
skipping: [capsule-v-001-mm038] => (item=None)  => {
    "ansible_loop_var": "item",
    "changed": false,
    "false_condition": "(global_groups[item].state|default('present')) == 'absent'",
    "item": null,
    "skip_reason": "Conditional result was False"
}
skipping: [capsule-v-001-mm038] => {
    "changed": false,
    "msg": "All items skipped"
}

TASK [common : user management remove local groups linux] **********************
task path: /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/roles/common/tasks/rm_groups.yml:20
skipping: [capsule-v-001-mm038] => {
    "changed": false,
    "skipped_reason": "No items in the list"
}

TASK [common : include_tasks] **************************************************
task path: /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/roles/common/tasks/main.yml:32
included: /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/roles/common/tasks/add_groups.yml for capsule-v-001-mm038

TASK [common : user management set global groups macOS] ************************
task path: /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/roles/common/tasks/add_groups.yml:20
[ERROR]: Task failed: Finalization of task args for 'ansible.builtin.group' failed: Error while resolving value for 'gid': The filter plugin 'ansible.builtin.mandatory' failed: Mandatory variable 'gid' not defined.

Still too big for character post!

Gittes · September 22, 2025, 3:57am

Again, here is the rest of the error output:

Task failed.
Origin: /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/roles/common/tasks/add_groups.yml:20:3

18 #      - item not in skip_groups
19
20 - name: user management set global groups macOS
     ^ column 3

<<< caused by >>>

Finalization of task args for 'ansible.builtin.group' failed.
Origin: /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/roles/common/tasks/add_groups.yml:24:3

22     - user_mgmt
23     - admin_accounts
24   group:
     ^ column 3

<<< caused by >>>

Error while resolving value for 'gid': The filter plugin 'ansible.builtin.mandatory' failed: Mandatory variable 'gid' not defined.
Origin: /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/roles/common/tasks/add_groups.yml:26:10

24   group:
25     name: "{{ item }}"
26     gid: "{{ item.gid | mandatory }}"
            ^ column 10

failed: [capsule-v-001-mm038] (item={'key': 'production_ansible', 'value': {'gid': 10001}}) => {
    "ansible_loop_var": "item",
    "changed": false,
    "item": {
        "key": "production_ansible",
        "value": {
            "gid": 10001
        }
    },
    "msg": "Task failed: Finalization of task args for 'ansible.builtin.group' failed: Error while resolving value for 'gid': The filter plugin 'ansible.builtin.mandatory' failed: Mandatory variable 'gid' not defined."
}
failed: [capsule-v-001-mm038] (item={'key': 'staging_ansible', 'value': {'gid': 20001}}) => {
    "ansible_loop_var": "item",
    "changed": false,
    "item": {
        "key": "staging_ansible",
        "value": {
            "gid": 20001
        }
    },
    "msg": "Task failed: Finalization of task args for 'ansible.builtin.group' failed: Error while resolving value for 'gid': The filter plugin 'ansible.builtin.mandatory' failed: Mandatory variable 'gid' not defined."
}
failed: [capsule-v-001-mm038] (item={'key': 'grafana', 'value': {'gid': 10501}}) => {
    "ansible_loop_var": "item",
    "changed": false,
    "item": {
        "key": "grafana",
        "value": {
            "gid": 10501
        }
    },
    "msg": "Task failed: Finalization of task args for 'ansible.builtin.group' failed: Error while resolving value for 'gid': The filter plugin 'ansible.builtin.mandatory' failed: Mandatory variable 'gid' not defined."
}
failed: [capsule-v-001-mm038] (item={'key': 'prometheus', 'value': {'gid': 10502}}) => {
    "ansible_loop_var": "item",
    "changed": false,
    "item": {
        "key": "prometheus",
        "value": {
            "gid": 10502
        }
    },
    "msg": "Task failed: Finalization of task args for 'ansible.builtin.group' failed: Error while resolving value for 'gid': The filter plugin 'ansible.builtin.mandatory' failed: Mandatory variable 'gid' not defined."
}
failed: [capsule-v-001-mm038] (item={'key': 'zookeeper', 'value': {'gid': 10503}}) => {
    "ansible_loop_var": "item",
    "changed": false,
    "item": {
        "key": "zookeeper",
        "value": {
            "gid": 10503
        }
    },
    "msg": "Task failed: Finalization of task args for 'ansible.builtin.group' failed: Error while resolving value for 'gid': The filter plugin 'ansible.builtin.mandatory' failed: Mandatory variable 'gid' not defined."
}
failed: [capsule-v-001-mm038] (item={'key': 'rundeck', 'value': {'gid': 10504}}) => {
    "ansible_loop_var": "item",
    "changed": false,
    "item": {
        "key": "rundeck",
        "value": {
            "gid": 10504
        }
    },
    "msg": "Task failed: Finalization of task args for 'ansible.builtin.group' failed: Error while resolving value for 'gid': The filter plugin 'ansible.builtin.mandatory' failed: Mandatory variable 'gid' not defined."
}
failed: [capsule-v-001-mm038] (item={'key': 'nginx', 'value': {'gid': 10505}}) => {
    "ansible_loop_var": "item",
    "changed": false,
    "item": {
        "key": "nginx",
        "value": {
            "gid": 10505
        }
    },
    "msg": "Task failed: Finalization of task args for 'ansible.builtin.group' failed: Error while resolving value for 'gid': The filter plugin 'ansible.builtin.mandatory' failed: Mandatory variable 'gid' not defined."
}
failed: [capsule-v-001-mm038] (item={'key': 'gnupgserver', 'value': {'gid': 10506}}) => {
    "ansible_loop_var": "item",
    "changed": false,
    "item": {
        "key": "gnupgserver",
        "value": {
            "gid": 10506
        }
    },
    "msg": "Task failed: Finalization of task args for 'ansible.builtin.group' failed: Error while resolving value for 'gid': The filter plugin 'ansible.builtin.mandatory' failed: Mandatory variable 'gid' not defined."
}
failed: [capsule-v-001-mm038] (item={'key': 'sequoia', 'value': {'gid': 10507}}) => {
    "ansible_loop_var": "item",
    "changed": false,
    "item": {
        "key": "sequoia",
        "value": {
            "gid": 10507
        }
    },
    "msg": "Task failed: Finalization of task args for 'ansible.builtin.group' failed: Error while resolving value for 'gid': The filter plugin 'ansible.builtin.mandatory' failed: Mandatory variable 'gid' not defined."
}

PLAY RECAP *********************************************************************
capsule-v-001-mm038        : ok=3    changed=0    unreachable=0    failed=1    skipped=2    rescued=0    ignored=0

I was told it was a syntax error! I think it might be something else!

Any ideas to try?

utoddl · September 22, 2025, 11:51am

Gittes:

24   group:
25     name: "{{ item }}"
26     gid: "{{ item.gid | mandatory }}"
            ^ column 10

failed: [capsule-v-001-mm038] (item={'key': 'production_ansible', 'value': {'gid': 10001}}) => {
    "ansible_loop_var": "item",
    "changed": false,
    "item": {
        "key": "production_ansible",
        "value": {
            "gid": 10001
        }
    },
    "msg": "Task failed: Finalization of task args for 'ansible.builtin.group' failed: Error while resolving value for 'gid': The filter plugin 'ansible.builtin.mandatory' failed: Mandatory variable 'gid' not defined."
}

This error is telling you that item doesn’t have a gid, so your expression gid: "{{ item.gid | mandatory }}" fails.

It’s also showing you what item does have, specifically key and value, and that item.value does contain a gid.

So your expression should be gid: "{{ item.value.gid | mandatory }}". (To be honest, I don’t see that “| mandatory” is gaining you anything; the task will fail with some sort of “undefined variable” message anyway.)

Also, name: "{{ item }}" isn’t going to do what you want. You need to say name: "{{ item.key }}".

Similar changes will be required in the following task, too.

chris · September 22, 2025, 11:51am

This does not look like a syntax error:

Gittes:

[ERROR]: Task failed: Finalization of task args for 'ansible.builtin.group' failed: Error while resolving value for 'gid': The filter plugin 'ansible.builtin.mandatory' failed: Mandatory variable 'gid' not defined.

It looks like the ansible.builtin.group task is failing because a ID number for the group, gid, is not defined.

flowerysong · September 22, 2025, 3:58pm

Okay, so you went with the dict2items option. Here is the code you were given for that:

    - name: User management set global groups macOS
      tags:
        - user_mgmt
        - admin_accounts
      ansible.builtin.group:
        name:  "{{ item.key }}"
        gid:   "{{ item.value.gid | mandatory }}"
        state: "{{ item.value.state | default('present') }}"
      loop: '{{ global_groups | dict2items  }}'
      when:
        - (item.value.state | default('present')) == 'present'

This is the code you tried:

- name: user management set global groups macOS
  tags:
    - user_mgmt
    - admin_accounts
  group:
    name: "{{ item }}"
    gid: "{{ item.gid | mandatory }}"
    state: "{{ item.state | default('present') }}"
  loop: "{{ global_groups | dict2items }}"
  when:
    - (global_groups[item].state|default('present')) == 'present'

You see how they’re different? This is why I said to “copy one of them in its entirety.” You only made one of the necessary changes, so it’s not surprising that it still produces an error.

Gittes · September 23, 2025, 12:33am

I added a this to the role:

- name: debug global_groups
  debug:
    var: test_global_groups

- name: user management set global groups macOS
  tags:
    - user_mgmt
    - admin_accounts
  group:
    name: "{{ item.key }}"
    gid: "{{ item.gid }}"
    state: "{{ item.state | default('present') }}"
  loop: "{{ test_global_groups | dict2items }}"
  when:
    - (test_global_groups[item].state|default('present')) == 'present'
    - item not in skip_groups

I tried to take out “| mandatory” and I added .key too but I don’t think it matters!

The debug still works and sees the gid or the items in the dictionary but the group module still says it can’t find it:

TASK [common : debug global_groups] ************************************************************************************************************************************************************************************************************
task path: /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/roles/common/tasks/add_groups.yml:20                                                                                                                            
ok: [capsule-v-001-mm038] => {                                                                                                                                                                                                                  
    "test_global_groups": {                                                                                                                                                                                                                     
        "gnupgserver": {                                                                                                                                                                                                                        
            "gid": 10506
        },
        "grafana": {
            "gid": 10501
        },
        "nginx": {
            "gid": 10505
        },
        "production_ansible": {
            "gid": 10001
        },
        "prometheus": {
            "gid": 10502
        },
        "rundeck": {
            "gid": 10504
        },
        "sequoia": {
            "gid": 10507
        },
        "staging_ansible": {
            "gid": 20001
        },
        "zookeeper": {
            "gid": 10503
        }
    }
}

TASK [common : user management set global groups macOS] ****************************************************************************************************************************************************************************************
task path: /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/roles/common/tasks/add_groups.yml:24
[ERROR]: Task failed: Finalization of task args for 'ansible.builtin.group' failed: Error while resolving value for 'gid': object of type 'dict' has no attribute 'gid'

Task failed.
Origin: /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/roles/common/tasks/add_groups.yml:24:3

22     var: test_global_groups
23
24 - name: user management set global groups macOS
     ^ column 3

<<< caused by >>>

Finalization of task args for 'ansible.builtin.group' failed.
Origin: /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/roles/common/tasks/add_groups.yml:28:3

26     - user_mgmt
27     - admin_accounts
28   group:
     ^ column 3

<<< caused by >>>

Error while resolving value for 'gid': object of type 'dict' has no attribute 'gid'
Origin: /Users/chris/Projects/checkouts/capsule-cloud-ops/MacStadium_ansible/roles/common/tasks/add_groups.yml:30:10
...

Gittes · September 23, 2025, 1:13am

I even put in the playbook:

debugger: on_failed

How else can I debug ansible-playbook?

Topic		Replies	Views
looping over group_vars in a task include results in mis-interpolation of $item Ansible Project	18	43	February 27, 2013
with_items/iterations over dictionary for a sysctl task. Ansible Project	7	32	February 24, 2014
help on loop over list of dicts Ansible Project	3	36	December 18, 2015
bug in "with_items" or misunderstanding? Ansible Project	3	12	November 20, 2014
Variable for loop in playbook Ansible Project	10	16	April 23, 2013

Ansible-playbook does not working with dictionary and with_items loop!

Related topics