Before submitting:
Bug description
The Ansible role for deploying the monitoring plugins repo needs root privileges for deploying the repo key on the remote host. Using become on the whole playbook results in the download task (delegated to localhost) also trying to become root, which does not work as a password is required. Giving the password breaks the privilege escalation on the remote host though...
Any help would be appreciated.
Could become: false be added to the specific download task which is delegated to localhost? Why does it need to be delegated in the first place?
Steps to reproduce
I used the following playbook
- name: Install Icinga2
hosts:
- <insert host here>
become: true
become_method: ansible.builtin.sudo
tasks:
- name: Linuxfabrik Monitoring Plugins Repo
ansible.builtin.include_role:
name: linuxfabrik.lfops.repo_monitoring_plugins
Expected behavior
I expected it to work with become: true.
Environment
localhost (Ansible executioner):
Fedora Workstation 44
Python 3.14.3
ansible [core 2.20.4]
Remote Host:
Debian 13
Additional context
Above mentioned playbook results in:
TASK [linuxfabrik.lfops.repo_monitoring_plugins : curl https://repo.linuxfabrik.ch/linuxfabrik.key --output /tmp/ansible.linuxfabrik.key] ******************************************************
[ERROR]: Task failed: Premature end of stream waiting for become success.
>>> Standard Error
sudo: a password is required
Origin: /home/username/.ansible/collections/ansible_collections/linuxfabrik/lfops/roles/repo_monitoring_plugins/tasks/Debian.yml:3:5
1 - block:
2
3 - name: 'curl https://repo.linuxfabrik.ch/linuxfabrik.key --output /tmp/ansible.linuxfabrik.key'
^ column 5
fatal: [<insert host here> -> localhost]: FAILED! => {"changed": false, "msg": "Task failed: Premature end of stream waiting for become success.\n>>> Standard Error\nsudo: a password is required"}
Before submitting:
Bug description
The Ansible role for deploying the monitoring plugins repo needs root privileges for deploying the repo key on the remote host. Using become on the whole playbook results in the download task (delegated to localhost) also trying to become root, which does not work as a password is required. Giving the password breaks the privilege escalation on the remote host though...
Any help would be appreciated.
Could become: false be added to the specific download task which is delegated to localhost? Why does it need to be delegated in the first place?
Steps to reproduce
I used the following playbook
Expected behavior
I expected it to work with become: true.
Environment
localhost (Ansible executioner):
Fedora Workstation 44
Python 3.14.3
ansible [core 2.20.4]
Remote Host:
Debian 13
Additional context
Above mentioned playbook results in: