--- # Deploys gerrit - name: Deploy gerrit hosts: '{{ host }}' become: true vars_files: - vars/gerrit.yml - vars/internal.yml handlers: - import_tasks: handlers/main.yml pre_tasks: - name: Check if ansible cannot be run here ansible.builtin.stat: path: /etc/no-ansible register: no_ansible - name: Verify if we can run ansible ansible.builtin.assert: that: - "not no_ansible.stat.exists" success_msg: "We are able to run on this node" fail_msg: "/etc/no-ansible exists - skipping run on this node" - name: Verify if we are Rocky Linux 9 or higher ansible.builtin.assert: that: - ansible_distribution_major_version|int >= 9 - ansible_distribution | lower == "rocky" success_msg: "We are on a supported system" fail_msg: "Only Rocky Linux versions 9 or higher are supported." - name: Import vault if available ansible.builtin.include_vars: file: "{{ vault_file }}" vars: vault_file: "{{ lookup('ansible.builtin.first_found', 'vars/vaults/gerrit.yml', errors='ignore') }}" - name: Check that variables are set properly ansible.builtin.assert: that: - gerrit_database_password != "gerrit" success_msg: "Proper password is set." fail_msg: "Please set a proper database password." when: not gerrit_allow_insecure_passwords|bool roles: - role: rockylinux.ipagetcert state: present when: tls_use_internal_freeipa|bool tasks: - name: Deploy gerrit as needed ansible.builtin.import_tasks: tasks/install.yml post_tasks: - name: Touching run file that ansible has ran here ansible.builtin.file: path: /var/log/ansible.run state: touch mode: '0644' owner: root group: root ...