Wazuh-ansible: "include_vars" statement overrides variable set elsewhere (e.g., in inventory)
Hello,
I'm not certain this is a proper "issue" or just a matter of taste, but the way that "include_vars" is used in some playbooks leads to unexpected results.
In particular, I've noticed that the file roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml has a handful of tasks such as
- name: Retrieving authd Credentials
include_vars: authd_pass.yml
tags:
- config
that obliterate the variable if it is declared elsewhere; for instance, as a group variable, within inventory, or as a task variable.
My proposal would be to move the contents of authd_pass.yml to a vars/main.yml within the role, and letting standard variable precedence do the work; this proposal would hold for other vars files that are intended to be user-configurable.
dragospe
All 3 comments
Hello dragospe,
I agree that include_vars is probably not what we want with these variables. I believe these should be on role's default, so users of the role have plenty more options regarding where to store such credentials, because include_vars has really high precedence.
I'll take the issue, thanks for reporting !
neonmei
on 12 Nov 2020
Thanks @neonmei , I just added this to the current milestone.
manuasir
on 12 Nov 2020
Thanks!
dragospe
on 13 Nov 2020
Related issues
paulcalabro
·
5Comments
SitoRBJ
·
4Comments
singuliere
·
4Comments
singuliere
·
13Comments
HarishaAmeen
·
5Comments
Most helpful comment
Hello dragospe,
I agree that
include_varsis probably not what we want with these variables. I believe these should be on role's default, so users of the role have plenty more options regarding where to store such credentials, becauseinclude_varshas really high precedence.I'll take the issue, thanks for reporting !