Set check_mode variable every time

In check mode, the security role will fail when tags are used. This is because the check_mode variable wasn't being set when tags were provided. This patch ensures that the tasks that check for check mode and set the subsequent check_mode variable will run every time. Closes-bug: 1590086 Change-Id: Ib6a29ee4c36632cd6d982ce87105f0ddec4a891d
2016-06-07 13:05:49 -05:00 · 2016-06-07 13:05:49 -05:00 · d8ae1e3b04
parent 41260da8ac
commit d8ae1e3b04
2 changed files with 13 additions and 1 deletions
--- a/releasenotes/notes/fix-check-mode-with-tags-bf798856a27c53eb.yaml
+++ b/releasenotes/notes/fix-check-mode-with-tags-bf798856a27c53eb.yaml
@ -0,0 +1,7 @@
+---
+fixes:
+  - |
+    When the security role was run in Ansible's check mode and a tag was
+    provided, the ``check_mode`` variable was not being set. Any tasks which
+    depend on that variable would fail. This `bug is fixed <https://bugs.launchpad.net/openstack-ansible/+bug/1590086>`_
+    and the ``check_mode`` variable is now set properly on every playbook run.
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -27,18 +27,23 @@
  - name: Check if we're in check/audit mode
    command: /bin/true
    register: noop_result
+    tags:
+      - always

  - name: Check to see if systemd is in use
    command: systemctl status
    register: systemd_check
    failed_when: False
-    always_run: True
+    tags:
+      - always

  - name: Set facts
    set_fact:
      check_mode: "{{ noop_result | skipped }}"
      systemd_running: "{{ systemd_check | success }}"
      linux_security_module: "{{ (ansible_os_family == 'Debian') | ternary('apparmor','selinux') }}"
+    tags:
+      - always

  - include: apt.yml
    when: ansible_pkg_mgr == 'apt'