# Verify passwordful sudo behaviour - name: integration/become/sudo_password.yml hosts: test-targets any_errors_fatal: true tasks: - name: Ensure sudo password absent but required. shell: whoami become: true become_user: mitogen__pw_required register: out ignore_errors: true when: # https://github.com/ansible/ansible/pull/70785 - ansible_facts.distribution not in ["MacOSX"] or ansible_version.full is version("2.11", ">=", strict=True) or is_mitogen - assert: that: | out.failed and ( ('password is required' in out.msg) or ('Missing sudo password' in out.msg) or ('password is required' in out.module_stderr) ) fail_msg: out={{out}} when: # https://github.com/ansible/ansible/pull/70785 - ansible_facts.distribution not in ["MacOSX"] or ansible_version.full is version("2.11", ">=", strict=True) or is_mitogen - name: Ensure password sudo incorrect. shell: whoami become: true become_user: mitogen__pw_required register: out vars: ansible_become_pass: nopes ignore_errors: true when: # https://github.com/ansible/ansible/pull/70785 - ansible_facts.distribution not in ["MacOSX"] or ansible_version.full is version("2.11", ">=", strict=True) or is_mitogen - assert: that: | out.failed and ( ('Incorrect sudo password' in out.msg) or ('sudo password is incorrect' in out.msg) ) fail_msg: out={{out}} when: # https://github.com/ansible/ansible/pull/70785 - ansible_facts.distribution not in ["MacOSX"] or ansible_version.full is version("2.11", ">=", strict=True) or is_mitogen # TODO: https://github.com/dw/mitogen/issues/692 # - name: Ensure password sudo succeeds. # shell: whoami # become: true # become_user: mitogen__pw_required # register: out # vars: # ansible_become_pass: pw_required_password # - assert: # that: # - out.stdout == 'mitogen__pw_required' tags: - sudo - sudo_password