I have a task that is supposed to use a template to create a sudoers.d file and validate it. When the play runs it fails because of the validation. But when I create the file without validation and then validate the file myself it passes. In the template it uses variables to populate part of the sudoers file. I have a feeling it is related to these variables. But, when I removed the validate it populates the file correctly using those variables. I am attaching the error, task and template.
error:
`
visudo: >>> /home/vagrant/.ansible/tmp/ansible-tmp-1503552876.43-124832201376320/source: syntax error near line 1 <<<
`
template:
`
dd-agent ALL=(root) NOPASSWD:{{ ddagent_sudo_commands | join(',') }}
`
task with variables:
`
- name: Add DataDog Agent Sudoers
template:
src: etc/sudoers.d/ddagent.j2
dest: /etc/sudoers.d/ddagent
group: root
owner: root
mode: ‘0440’
validate: ‘/usr/sbin/visudo -cf %s’
when: ddagent_sudo_commands | default(None) != None
`
playbook:
`
- name: Deploy DataDog Raid Checks
hosts: myhosts
become: yes
vars: - ddagent_sudo_commands:
- ‘/etc/dd-agent/checks.d/megarc.bin’
- ‘/usr/sbin/mpt-status’
roles: - common
- Datadog.datadog
- cccom-datadog-checks
`