Hello,
I have written a role create_user which does the following:
- creates a user U
- creates /etc/ssh/authorizedkeys/U with content of user U's
authorizedkeys (copy task)
- creates /etc/ssh/ignores/ignore_U with content U (copy task)
The role needs two variables:
- username
- authorizedkeys
Now when I want to use the role in another one, I have two options.
Say my other role's name is setup_jenkins_build_user, where I want to
create a user jenkins; its authorized keys are specified in
roles/setup_jenkins_build_user/files/authorizedkeys
Option a)
I do this in roles/setup_jenkins_build_user/tasks/main.yml:
    - include: "{{playbook_dir}}/roles/create_user/tasks/main.yml"
      vars:
        - username: jenkins
        - authorizedkeys: "{{lookup('file', role_path + '/files/authorizedkeys')}}"
which I do not like, because {{playbook_dir}} makes an assumption
about where the role create_user resides. Usage of role_path is OK
here, I think, because role_path just points to the role
setup_jenkins_build_user here and does not break encapsulation.
Option b)
I declare create_user as a dependency in
roles/setup_jenkins_build_user/meta/main.yml like this:
    dependencies:
      - role: create_user
        username: jenkins
        authorizedkeys: "{{lookup('file', playbook_dir + '/roles/setup_jenkins_build_user/files/authorizedkeys')}}"
which I do not like, because {{playbook_dir}} now makes an assumption
about where the role setup_jenkins_build_user resides.
I am not able to use role_path here, because role_path is now set to
roles/create_user but not roles/setup_jenkins_build_user
I already did look at the content of the inject parameter in
ansible/runner/lookup_plugins/file.py but could not find any reference
to the role where the dependency stemmed from.
Regards Mirko
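
For reference, a sketch of what the tasks file of a role like the create_user described above could look like. This is an added example, not the poster's actual role. The variable check, the directory task, and the root ownership and file modes are assumptions, chosen so that the account being created cannot rewrite its own key file.

```yaml
# roles/create_user/tasks/main.yml (illustrative sketch, not the poster's file)
# Inputs: username, authorizedkeys (the key file's content as a string)

- name: Fail early when a required variable is missing or empty
  assert:
    that:
      - username is defined and username | length > 0
      - authorizedkeys is defined and authorizedkeys | length > 0

- name: Create the user
  user:
    name: "{{ username }}"
    state: present

# Assumption: both directories are managed by root and not writable by others.
- name: Ensure the key and ignore directories exist
  file:
    path: "{{ item }}"
    state: directory
    owner: root
    group: root
    mode: "0755"
  with_items:
    - /etc/ssh/authorizedkeys
    - /etc/ssh/ignores

# Root-owned and read-only for everyone else: the user can log in with
# these keys but cannot add or replace keys in this file.
- name: Install the user's authorized keys
  copy:
    content: "{{ authorizedkeys }}"
    dest: "/etc/ssh/authorizedkeys/{{ username }}"
    owner: root
    group: root
    mode: "0644"

- name: Write the ignore file containing the user name
  copy:
    content: "{{ username }}"
    dest: "/etc/ssh/ignores/ignore_{{ username }}"
    owner: root
    group: root
    mode: "0644"
```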