Is there any best practice around the use and/or documentation of sudo/become with roles? These are the questions I’m unsure about and have not seen any related guidelines:
-
If a role requires sudo priviledges for one or more tasks, should it apply it just for those tasks? Or not use “become” at all and let the playbook calling the role apply it?
-
If priviledges are required but not applied in the role, would it be good practice to document the need as part of the role docs?
thanks!