when: ansible_virtualization_role != "guest" or
ansible_virtualization_type != "docker" is the same as
when: not (ansible_virtualization_role == "guest" and
ansible_virtualization_type == "docker"),
i.e. it means that the task is not executed only and only on Docker
containers. It is
Not fully true. The intent is such, but the code does more than just
containers. Setting ansible_virtualization_role != "guest" applies to
virtual machines AND any undefined container technology that Ansible facts
do not understand or know about.
On Wed, Feb 12, 2020 at 3:33 AM Jan Cerny wrote:
Hi,
The "when" statement is used to prevent execution of certain Ansible
tasks on Docker containers. It's unrelated to virtual machines. I
admit the variable name is confusing, but they're embedded in Ansible.
I think we need a comment or document this somewhere.
Regards
On Tue, Feb 11, 2020 at
ansible_virtualization_role != "guest" should never have been added as all
of the rules of a physical machine apply to a virtual machine.
However, keeping `ansible_virtualization_type != "docker"` makes sense
because many of controls don't make sense for containers themselves.
There is a bug open
Good afternoon! I am new to this list, and would normally lurk a bit more
first, but I have a question I am hoping the community might be able to help me
with.
I have been reviewing the ansible playbook content for the NIAP OSPP for RHEL 8
on the following site:
