Delegated to localhost tasks should be "become: false"
Closed this issue · 1 comments
darlaam commented
SUMMARY
When running the keycloak_quakus playbook, it fails in the Check downloaded archive step, asking for a password.
I am able to install keycloak if I add become: false to the Check downloaded archive step :
- name: Check downloaded archive
ansible.builtin.stat:
path: "{{ local_path.stat.path }}/{{ keycloak.bundle }}"
register: local_archive_path
delegate_to: localhost
become: falseISSUE TYPE
- Bug Report
ANSIBLE VERSION
ansible [core 2.16.6]
config file = /[redacted]/ansible.cfg
configured module search path = ['/home/user/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /[redacted]/.venv/lib/python3.11/site-packages/ansible
ansible collection location = /[redacted]/collections
executable location = /[redacted]/.venv/bin/ansible
python version = 3.11.8 (main, Mar 26 2024, 12:26:07) [GCC 13.2.0] (/[redacted].venv/bin/python3)
jinja version = 3.1.2
libyaml = True
COLLECTION VERSION
- geerlingguy.ntp, 2.3.1
- gitlab, 3.2.0
- lae.proxmox, v1.7.0
- gitalyCluster, master
- pgadddb, master
STEPS TO REPRODUCE
---
- name: Install keycloak
hosts: service_keycloak
roles:
- name: 'Deploy keycloak'
vars:
keycloak_quarkus_admin_pass: "{{ kc_admin_password }}"
keycloak_quarkus_host: "{{ keycloak_domain }}"
keycloak_quarkus_db_user: "{{ db_kc_user }}"
keycloak_quarkus_db_pass: "{{ db_kc_password }}"
keycloak_quarkus_jdbc_url: "jdbc:postgresql://{{ postgres_ip_1 }}:5432/keycloak"
keycloak_quarkus_jdbc_engine: "postgres"
keycloak_version: "{{ keycloak_version }}"
role: middleware_automation.keycloak.keycloak_quarkus
EXPECTED RESULTS
Keycloak to be installed
ACTUAL RESULTS
TASK [middleware_automation.keycloak.keycloak_quarkus : Download keycloak archive] ********************************************************************************************************************************
TASK [middleware_automation.keycloak.keycloak_quarkus : Download keycloak archive] ********************************************************************************************************************************
task path: /[redacted]/iac-ansible/collections/ansible_collections/middleware_automation/keycloak/roles/keycloak_quarkus/tasks/install.yml:62
ok: [10.1.0.59 -> localhost] => {"changed": false, "dest": "/[redacted]/iac-ansible/keycloak-24.0.3.zip", "elapsed": 1, "gid": 168000513, "group": "domain users", "mode": "0640", "msg": "HTTP Error 304: Not Modified", "owner": "user", "size": 176490353, "state": "file", "status_code": 304, "uid": 168001104, "url": "https://github.com/keycloak/keycloak/releases/download/24.0.3/keycloak-24.0.3.zip"}
TASK [middleware_automation.keycloak.keycloak_quarkus : Retrieve product download using JBoss Network API] ********************************************************************************************************
task path: /[redacted]/iac-ansible/collections/ansible_collections/middleware_automation/keycloak/roles/keycloak_quarkus/tasks/install.yml:87
skipping: [10.1.0.59] => {"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false}
TASK [middleware_automation.keycloak.keycloak_quarkus : Determine install zipfile from search results] ************************************************************************************************************
task path: /[redacted]/iac-ansible/collections/ansible_collections/middleware_automation/keycloak/roles/keycloak_quarkus/tasks/install.yml:99
skipping: [10.1.0.59] => {"changed": false, "false_condition": "rhbk_enable is defined and rhbk_enable", "skip_reason": "Conditional result was False"}
TASK [middleware_automation.keycloak.keycloak_quarkus : Download Red Hat Build of Keycloak] ***********************************************************************************************************************
task path: /[redacted]/iac-ansible/collections/ansible_collections/middleware_automation/keycloak/roles/keycloak_quarkus/tasks/install.yml:105
skipping: [10.1.0.59] => {"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false}
TASK [middleware_automation.keycloak.keycloak_quarkus : Check downloaded archive] *********************************************************************************************************************************
task path: /[redacted]/iac-ansible/collections/ansible_collections/middleware_automation/keycloak/roles/keycloak_quarkus/tasks/install.yml:115
fatal: [10.1.0.59 -> localhost]: FAILED! => {"changed": false, "module_stderr": "sudo: password required\n", "module_stdout": "", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1}
guidograzioli commented
Thanks for reporting; I am adding the missing become, however, mind that hitting the issue could be caused by running the whole playbook with become: true (I'd advise to not run it with escalation at the playbook level)