Use ansible_facts variable

Without this change the "Import variables specific to distribution"
tasks fail with "Could not find file on the Ansible Controller..."
on environments with inject facts disabled.

This changes the tests to run with ansible with
inject_facts_as_vars = false and fixes other roles and playbooks.

playbooks/vault/vault-is-present-with-password-file.yml

@@ -7,7 +7,7 @@
   tasks:
   - copy:
       src: "{{ playbook_dir }}/password.txt"
-      dest: "{{ ansible_env.HOME }}/password.txt"
+      dest: "{{ ansible_facts['env'].HOME }}/password.txt"
       owner: "{{ ansible_user }}"
       group: "{{ ansible_user }}"
       mode: 0600
@@ -16,7 +16,7 @@
       name: symvault
       username: admin
       vault_type: symmetric
-      vault_password_file: "{{ ansible_env.HOME }}/password.txt"
+      vault_password_file: "{{ ansible_facts['env'].HOME }}/password.txt"
   - file:
-      path: "{{ ansible_env.HOME }}/password.txt"
+      path: "{{ ansible_facts['env'].HOME }}/password.txt"
       state: absent

playbooks/vault/vault-is-present-with-public-key-file.yml

@@ -12,7 +12,7 @@
   tasks:
   - copy:
       src: "{{ playbook_dir }}/public.pem"
-      dest: "{{ ansible_env.HOME }}/public.pem"
+      dest: "{{ ansible_facts['env'].HOME }}/public.pem"
       owner: "{{ ansible_user }}"
       group: "{{ ansible_user }}"
       mode: 0600
@@ -21,7 +21,7 @@
       name: asymvault
       username: admin
       vault_type: asymmetric
-      vault_public_key_file: "{{ ansible_env.HOME }}/public.pem"
+      vault_public_key_file: "{{ ansible_facts['env'].HOME }}/public.pem"
   - file:
-      path: "{{ ansible_env.HOME }}/public.pem"
+      path: "{{ ansible_facts['env'].HOME }}/public.pem"
       state: absent

roles/ipabackup/tasks/copy_backup_from_server.yml

@@ -10,7 +10,7 @@
   set_fact:
     ipabackup_controller_dir:
         "{{ ipabackup_controller_path | default(lookup('env','PWD')) }}/{{
-         ipabackup_name_prefix | default(ansible_fqdn) }}_{{
+         ipabackup_name_prefix | default(ansible_facts['fqdn']) }}_{{
          ipabackup_item }}/"
 
 - name: Stat backup on server

roles/ipabackup/tasks/restore.yml

@@ -6,9 +6,9 @@
 - name: Import variables specific to distribution
   include_vars: "{{ item }}"
   with_first_found:
-    - "{{ role_path }}/vars/{{ ansible_distribution }}-{{ ansible_distribution_version }}.yml"
+    - "{{ role_path }}/vars/{{ ansible_facts['distribution'] }}-{{ ansible_facts['distribution_version'] }}.yml"
-    - "{{ role_path }}/vars/{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml"
+    - "{{ role_path }}/vars/{{ ansible_facts['distribution'] }}-{{ ansible_facts['distribution_major_version'] }}.yml"
-    - "{{ role_path }}/vars/{{ ansible_distribution }}.yml"
+    - "{{ role_path }}/vars/{{ ansible_facts['distribution'] }}.yml"
     - "{{ role_path }}/vars/default.yml"
 
 ### GET SERVICES FROM BACKUP

roles/ipaclient/tasks/install.yml

@@ -33,7 +33,7 @@
     domain: "{{ ipaserver_domain | default(ipaclient_domain) | default(omit) }}"
     servers: "{{ ipaclient_servers | default(omit) }}"
     realm: "{{ ipaserver_realm | default(ipaclient_realm) | default(omit) }}"
-    hostname: "{{ ipaclient_hostname | default(ansible_fqdn) }}"
+    hostname: "{{ ipaclient_hostname | default(ansible_facts['fqdn']) }}"
     ntp_servers: "{{ ipaclient_ntp_servers | default(omit) }}"
     ntp_pool: "{{ ipaclient_ntp_pool | default(omit) }}"
     no_ntp: "{{ ipaclient_no_ntp }}"

roles/ipaclient/tasks/main.yml

@@ -4,9 +4,9 @@
 - name: Import variables specific to distribution
   include_vars: "{{ item }}"
   with_first_found:
-    - "{{ role_path }}/vars/{{ ansible_distribution }}-{{ ansible_distribution_version }}.yml"
+    - "{{ role_path }}/vars/{{ ansible_facts['distribution'] }}-{{ ansible_facts['distribution_version'] }}.yml"
-    - "{{ role_path }}/vars/{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml"
+    - "{{ role_path }}/vars/{{ ansible_facts['distribution'] }}-{{ ansible_facts['distribution_major_version'] }}.yml"
-    - "{{ role_path }}/vars/{{ ansible_distribution }}.yml"
+    - "{{ role_path }}/vars/{{ ansible_facts['distribution'] }}.yml"
     - "{{ role_path }}/vars/default.yml"
 
 - name: Install IPA client

roles/ipareplica/tasks/install.yml

@@ -72,7 +72,7 @@
             default(omit) }}"
     servers: "{{ ipareplica_servers | default(omit) }}"
     realm: "{{ ipareplica_realm | default(ipaserver_realm) |default(omit) }}"
-    hostname: "{{ ipareplica_hostname | default(ansible_fqdn) }}"
+    hostname: "{{ ipareplica_hostname | default(ansible_facts['fqdn']) }}"
     ca_cert_files: "{{ ipareplica_ca_cert_files | default([]) }}"
     hidden_replica: "{{ ipareplica_hidden_replica }}"
     skip_mem_check: "{{ not ipareplica_mem_check }}"

roles/ipareplica/tasks/main.yml

@@ -4,9 +4,9 @@
 - name: Import variables specific to distribution
   include_vars: "{{ item }}"
   with_first_found:
-    - "vars/{{ ansible_distribution }}-{{ ansible_distribution_version }}.yml"
+    - "vars/{{ ansible_facts['distribution'] }}-{{ ansible_facts['distribution_version'] }}.yml"
-    - "vars/{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml"
+    - "vars/{{ ansible_facts['distribution'] }}-{{ ansible_facts['distribution_major_version'] }}.yml"
-    - "vars/{{ ansible_distribution }}.yml"
+    - "vars/{{ ansible_facts['distribution'] }}.yml"
     - "vars/default.yml"
 
 - name: Install IPA replica

roles/ipareplica/tasks/uninstall.yml

@@ -25,7 +25,7 @@
 #  command: >
 #    /usr/sbin/ipa-replica-manage
 #    del
-#    {{ ipareplica_hostname | default(ansible_fqdn) }}
+#    {{ ipareplica_hostname | default(ansible_facts['fqdn']) }}
 #    --force
 #    --password={{ ipadm_password }}
 #  failed_when: False

roles/ipaserver/tasks/install.yml

@@ -65,7 +65,7 @@
     master_password: "{{ ipaserver_master_password | default(omit) }}"
     domain: "{{ ipaserver_domain | default(omit) }}"
     realm: "{{ ipaserver_realm | default(omit) }}"
-    hostname: "{{ ipaserver_hostname | default(ansible_fqdn) }}"
+    hostname: "{{ ipaserver_hostname | default(ansible_facts['fqdn']) }}"
     ca_cert_files: "{{ ipaserver_ca_cert_files | default(omit) }}"
     no_host_dns: "{{ ipaserver_no_host_dns }}"
     pki_config_override: "{{ ipaserver_pki_config_override | default(omit) }}"

roles/ipaserver/tasks/main.yml

@@ -4,9 +4,9 @@
 - name: Import variables specific to distribution
   include_vars: "{{ item }}"
   with_first_found:
-    - "vars/{{ ansible_distribution }}-{{ ansible_distribution_version }}.yml"
+    - "vars/{{ ansible_facts['distribution'] }}-{{ ansible_facts['distribution_version'] }}.yml"
-    - "vars/{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml"
+    - "vars/{{ ansible_facts['distribution'] }}-{{ ansible_facts['distribution_major_version'] }}.yml"
-    - "vars/{{ ansible_distribution }}.yml"
+    - "vars/{{ ansible_facts['distribution'] }}.yml"
     - "vars/default.yml"
 
 - name: Install IPA server

tests/ansible.cfg

@@ -3,3 +3,4 @@ roles_path = ../roles:~/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/rol
 library = ../plugins/modules:~/.ansible/plugins/modules:/usr/share/ansible/plugins/modules
 module_utils = ../plugins/module_utils:~/.ansible/plugins/module_utils:/usr/share/ansible/plugins/module_utils
 host_key_checking = false
+inject_facts_as_vars = false

tests/dnsrecord/env_vars.yml

@@ -2,9 +2,9 @@
 # Set common vars and facts for test.
 - name: Set IPv4 address prefix.
   set_fact:
-    ipv4_prefix: "{{ ansible_default_ipv4.address.split('.')[:-1] |
+    ipv4_prefix: "{{ ansible_facts['default_ipv4'].address.split('.')[:-1] |
                      join('.') }}"
-    ipv4_reverse_sufix: "{{ ansible_default_ipv4.address.split('.')[:-1] |
+    ipv4_reverse_sufix: "{{ ansible_facts['default_ipv4'].address.split('.')[:-1] |
                             reverse |
                             join('.') }}"
 

tests/dnsrecord/test_dnsrecord.yml

@@ -564,7 +564,7 @@
       ipaadmin_password: SomeADMINpassword
       name: iron01
       zone_name: "{{ safezone }}"
-      ip_address: "{{ ansible_default_ipv4.address }}"
+      ip_address: "{{ ansible_facts['default_ipv4'].address }}"
     register: result
     failed_when: not result.changed
 

tests/hbacrule/test_hbacrule.yml

@@ -6,7 +6,7 @@
   tasks:
   - name: Get Domain from server name
     set_fact:
-      ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
+      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
     when: ipaserver_domain is not defined
 
   # CLEANUP TEST ITEMS

tests/host/certificate/test_host_certificate.yml

@@ -6,7 +6,7 @@
   tasks:
   - name: Get Domain from server name
     set_fact:
-      ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
+      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
     when: ipaserver_domain is not defined
 
   - name: Generate self-signed certificates.

tests/host/certificate/test_hosts_certificate.yml

@@ -6,7 +6,7 @@
   tasks:
   - name: Get Domain from server name
     set_fact:
-      ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
+      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
     when: ipaserver_domain is not defined
 
   - name: Host test absent

tests/host/test_host.yml

@@ -6,7 +6,7 @@
   tasks:
   - name: Get Domain from server name
     set_fact:
-      ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
+      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
     when: ipaserver_domain is not defined
 
   - name: Set host1_fqdn .. host6_fqdn
@@ -33,7 +33,7 @@
 
   - name: Get IPv4 address prefix from server node
     set_fact:
-      ipv4_prefix: "{{ ansible_default_ipv4.address.split('.')[:-1] |
+      ipv4_prefix: "{{ ansible_facts['default_ipv4'].address.split('.')[:-1] |
                        join('.') }}"
 
   - name: Host "{{ host1_fqdn }}" present

tests/host/test_host_allow_create_keytab.yml

@@ -6,12 +6,12 @@
   tasks:
   - name: Get Domain from server name
     set_fact:
-      ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
+      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
     when: ipaserver_domain is not defined
 
   - name: Get Realm from server name
     set_fact:
-      ipaserver_realm: "{{ ansible_fqdn.split('.')[1:] | join ('.') | upper }}"
+      ipaserver_realm: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') | upper }}"
     when: ipaserver_realm is not defined
 
   - name: Set host1_fqdn .. host3_fqdn

tests/host/test_host_allow_retrieve_keytab.yml

@@ -6,12 +6,12 @@
   tasks:
   - name: Get Domain from server name
     set_fact:
-      ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
+      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
     when: ipaserver_domain is not defined
 
   - name: Get Realm from server name
     set_fact:
-      ipaserver_realm: "{{ ansible_fqdn.split('.')[1:] | join ('.') | upper }}"
+      ipaserver_realm: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') | upper }}"
     when: ipaserver_realm is not defined
 
   - name: Set host1_fqdn .. host3_fqdn

tests/host/test_host_bool_params.yml

@@ -6,7 +6,7 @@
   tasks:
   - name: Get Domain from server name
     set_fact:
-      ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
+      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
     when: ipaserver_domain is not defined
 
   - name: Set host1_fqdn .. host6_fqdn

tests/host/test_host_ipaddresses.yml

@@ -6,7 +6,7 @@
   tasks:
   - name: Get Domain from server name
     set_fact:
-      ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
+      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
     when: ipaserver_domain is not defined
 
   - name: Set host1_fqdn .. host6_fqdn
@@ -17,7 +17,7 @@
 
   - name: Get IPv4 address prefix from server node
     set_fact:
-      ipv4_prefix: "{{ ansible_default_ipv4.address.split('.')[:-1] |
+      ipv4_prefix: "{{ ansible_facts['default_ipv4'].address.split('.')[:-1] |
                        join('.') }}"
 
   - name: Host absent

tests/host/test_host_managedby_host.yml

@@ -6,7 +6,7 @@
   tasks:
   - name: Get Domain from server name
     set_fact:
-      ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
+      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
     when: ipaserver_domain is not defined
 
   - name: Set host1_fqdn .. host2_fqdn
@@ -55,39 +55,39 @@
     register: result
     failed_when: result.changed
 
-  - name: Host "{{ host1_fqdn }}" managed by "{{ ansible_fqdn }}"
+  - name: Host "{{ host1_fqdn }}" managed by "{{ ansible_facts['fqdn'] }}"
     ipahost:
       ipaadmin_password: SomeADMINpassword
       name: "{{ host1_fqdn }}"
-      managedby_host: "{{ ansible_fqdn }}"
+      managedby_host: "{{ ansible_facts['fqdn'] }}"
       action: member
     register: result
     failed_when: not result.changed
 
-  - name: Host "{{ host1_fqdn }}" managed by "{{ ansible_fqdn }}" again
+  - name: Host "{{ host1_fqdn }}" managed by "{{ ansible_facts['fqdn'] }}" again
     ipahost:
       ipaadmin_password: SomeADMINpassword
       name: "{{ host1_fqdn }}"
-      managedby_host: "{{ ansible_fqdn }}"
+      managedby_host: "{{ ansible_facts['fqdn'] }}"
       action: member
     register: result
     failed_when: result.changed
 
-  - name: Host "{{ host1_fqdn }}" not managed by "{{ ansible_fqdn }}"
+  - name: Host "{{ host1_fqdn }}" not managed by "{{ ansible_facts['fqdn'] }}"
     ipahost:
       ipaadmin_password: SomeADMINpassword
       name: "{{ host1_fqdn }}"
-      managedby_host: "{{ ansible_fqdn }}"
+      managedby_host: "{{ ansible_facts['fqdn'] }}"
       action: member
       state: absent
     register: result
     failed_when: not result.changed
 
-  - name: Host "{{ host1_fqdn }}" not managed by "{{ ansible_fqdn }}" again
+  - name: Host "{{ host1_fqdn }}" not managed by "{{ ansible_facts['fqdn'] }}" again
     ipahost:
       ipaadmin_password: SomeADMINpassword
       name: "{{ host1_fqdn }}"
-      managedby_host: "{{ ansible_fqdn }}"
+      managedby_host: "{{ ansible_facts['fqdn'] }}"
       action: member
       state: absent
     register: result

tests/host/test_host_principal.yml

@@ -6,12 +6,12 @@
   tasks:
   - name: Get Domain from server name
     set_fact:
-      ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
+      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
     when: ipaserver_domain is not defined
 
   - name: Get Realm from server name
     set_fact:
-      ipaserver_realm: "{{ ansible_fqdn.split('.')[1:] | join ('.') | upper }}"
+      ipaserver_realm: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') | upper }}"
     when: ipaserver_realm is not defined
 
   - name: Set host1_fqdn

tests/host/test_host_random.yml

@@ -6,7 +6,7 @@
   tasks:
   - name: Get Domain from server name
     set_fact:
-      ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
+      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
     when: ipaserver_domain is not defined
 
   - name: Set host1_fqdn and host2_fqdn
@@ -77,11 +77,11 @@
     debug:
       var: ipahost.host["{{host2_fqdn }}"].randompassword
 
-  - name: Enrolled host "{{ ansible_fqdn }}" fails to set random password with update_password always
+  - name: Enrolled host "{{ ansible_facts['fqdn'] }}" fails to set random password with update_password always
     ipahost:
       ipaadmin_password: SomeADMINpassword
       hosts:
-      - name: "{{ ansible_fqdn }}"
+      - name: "{{ ansible_facts['fqdn'] }}"
         random: yes
       update_password: always
     register: ipahost
@@ -89,7 +89,7 @@
 
   - assert:
       that:
-      - ipahost.host["{{ ansible_fqdn }}"].randompassword is
+      - ipahost.host["{{ ansible_facts['fqdn'] }}"].randompassword is
         not defined
       - "'Password cannot be set on enrolled host' in ipahost.msg"
 

tests/host/test_host_reverse.yml

@@ -6,7 +6,7 @@
   tasks:
   - name: Get Domain from server name
     set_fact:
-      ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
+      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
     when: ipaserver_domain is not defined
 
   - name: Set host1_fqdn
@@ -23,7 +23,7 @@
 
   - name: Get IPv4 address prefix from server node
     set_fact:
-      ipv4_prefix: "{{ ansible_default_ipv4.address.split('.')[:-1] |
+      ipv4_prefix: "{{ ansible_facts['default_ipv4'].address.split('.')[:-1] |
                        join('.') }}"
 
   - name: Set zone prefixes.

tests/host/test_hosts.yml

@@ -6,7 +6,7 @@
   tasks:
   - name: Get Domain from server name
     set_fact:
-      ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
+      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
     when: ipaserver_domain is not defined
 
   - name: Set host1_fqdn .. host6_fqdn

tests/host/test_hosts_managedby_host.yml

@@ -6,7 +6,7 @@
   tasks:
   - name: Get Domain from server name
     set_fact:
-      ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
+      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
     when: ipaserver_domain is not defined
 
   - name: Set host1_fqdn .. host5_fqdn

tests/host/test_hosts_principal.yml

@@ -6,12 +6,12 @@
   tasks:
   - name: Get Domain from server name
     set_fact:
-      ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
+      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
     when: ipaserver_domain is not defined
 
   - name: Get Realm from server name
     set_fact:
-      ipaserver_realm: "{{ ansible_fqdn.split('.')[1:] | join ('.') | upper }}"
+      ipaserver_realm: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') | upper }}"
     when: ipaserver_realm is not defined
 
   - name: Set host1_fqdn .. host2_fqdn

tests/hostgroup/test_hostgroup.yml

@@ -7,7 +7,7 @@
   tasks:
   - name: Get Domain from server name
     set_fact:
-      ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
+      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
     when: ipaserver_domain is not defined
 
   - name: Ensure host-group databases, mysql-server and oracle-server are absent

tests/role/env_facts.yml

@@ -1,7 +1,7 @@
 ---
 - name: Get Domain from server name
   set_fact:
-    ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
+    ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
   when: ipaserver_domain is not defined
 
 - name: Set fact for realm name

tests/service/certificate/test_service_certificate.yml

@@ -29,12 +29,12 @@
   # setup
   - name: Get Domain from server name
     set_fact:
-      ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
+      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
     when: ipaserver_domain is not defined
 
   - name: Get IPv4 address prefix from server node
     set_fact:
-      ipv4_prefix: "{{ ansible_default_ipv4.address.split('.')[:-1] |
+      ipv4_prefix: "{{ ansible_facts['default_ipv4'].address.split('.')[:-1] |
                        join('.') }}"
 
   - name: Set test host FQDN

tests/service/env_vars.yml

@@ -1,7 +1,7 @@
 ---
     - name: Get Domain from server name
       set_fact:
-        test_domain: "{{ ansible_fqdn.split('.')[1:] | join('.') }}"
+        test_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join('.') }}"
 
     - name: Set host1, host2 and svc hosts fqdn
       set_fact:
@@ -12,4 +12,4 @@
 
     - name: Get IPv4 address prefix from server node
       set_fact:
-        ipv4_prefix: "{{ ansible_default_ipv4.address.split('.')[:-1] | join('.') }}"
+        ipv4_prefix: "{{ ansible_facts['default_ipv4'].address.split('.')[:-1] | join('.') }}"

tests/service/test_service_disable.yml

@@ -19,13 +19,13 @@
   - name: Ensure service is absent
     ipaservice:
       ipaadmin_password: SomeADMINpassword
-      name: "mysvc1/{{ ansible_fqdn }}"
+      name: "mysvc1/{{ ansible_facts['fqdn'] }}"
       state: absent
 
   - name: Ensure service is present
     ipaservice:
       ipaadmin_password: SomeADMINpassword
-      name: "mysvc1/{{ ansible_fqdn }}"
+      name: "mysvc1/{{ ansible_facts['fqdn'] }}"
       certificate:
         - MIIC/zCCAeegAwIBAgIUMNHIbn+hhrOVew/2WbkteisV29QwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UEAwwEdGVzdDAeFw0yMDAyMDQxNDQxMDhaFw0zMDAyMDExNDQxMDhaMA8xDTALBgNVBAMMBHRlc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+XVVGFYpHVkcDfVnNInE1Y/pFciegdzqTjMwUWlRL4Zt3u96GhaMLRbtk+OfEkzLUAhWBOwEraELJzMLJOMvjYF3C+TiGO7dStFLikZmccuSsSIXjnzIPwBXa8KvgRVRyGLoVvGbLJvmjfMXp0nIToTx/i74KF9S++WEes9H5ErJ99CDhLKFgq0amnvsgparYXhypHaRLnikn0vQINt55YoEd1s4KrvEcD2VdZkIMPbLRu2zFvMprF3cjQQG4LT9ggfEXNIPZ1nQWAnAsu7OJEkNF+E4Mkmpcxj9aGUVt5bsq1D+Tzj3GsidSX0nSNcZ2JltXRnL/5v63g5cZyE+nAgMBAAGjUzBRMB0GA1UdDgQWBBRV0j7JYukuH/r/t9+QeNlRLXDlEDAfBgNVHSMEGDAWgBRV0j7JYukuH/r/t9+QeNlRLXDlEDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCgVy1+1kNwHs5y1Zp0WjMWGCJC6/zw7FDG4OW5r2GJiCXZYdJ0UonY9ZtoVLJPrp2/DAv1m5DtnDhBYqicuPgLzEkOS1KdTi20Otm/J4yxLLrZC5W4x0XOeSVPXOJuQWfwQ5pPvKkn6WxYUYkGwIt1OH2nSMngkbami3CbSmKZOCpgQIiSlQeDJ8oGjWFMLDymYSHoVOIXHwNoooyEiaio3693l6noobyGv49zyCVLVR1DC7i6RJ186ql0av+D4vPoiF5mX7+sKC2E8xEj9uKQ5GTWRh59VnRBVC/SiMJ/H78tJnBAvoBwXxSEvj8Z3Kjm/BQqZfv4IBsA5yqV7MVq
       force: no
@@ -33,51 +33,51 @@
     failed_when: not result.changed
 
   - name: Obtain keytab
-    shell: ipa-getkeytab -s "{{ ansible_fqdn }}" -p "mysvc1/{{ ansible_fqdn }}" -k mysvc1.keytab
+    shell: ipa-getkeytab -s "{{ ansible_facts['fqdn'] }}" -p "mysvc1/{{ ansible_facts['fqdn'] }}" -k mysvc1.keytab
 
   - name: Verify keytab
-    shell: ipa service-find "mysvc1/{{ ansible_fqdn }}"
+    shell: ipa service-find "mysvc1/{{ ansible_facts['fqdn'] }}"
     register: result
     failed_when: result.failed or result.stdout | regex_search(" Keytab. true")
 
   - name: Ensure service is disabled
     ipaservice:
       ipaadmin_password: SomeADMINpassword
-      name: "mysvc1/{{ ansible_fqdn }}"
+      name: "mysvc1/{{ ansible_facts['fqdn'] }}"
       state: disabled
     register: result
     failed_when: not result.changed
 
   - name: Verify keytab
-    shell: ipa service-find "mysvc1/{{ ansible_fqdn }}"
+    shell: ipa service-find "mysvc1/{{ ansible_facts['fqdn'] }}"
     register: result
     failed_when: result.failed or result.stdout | regex_search(" Keytab. true")
 
   - name: Obtain keytab
-    shell: ipa-getkeytab -s "{{ ansible_fqdn }}" -p "mysvc1/{{ ansible_fqdn }}" -k mysvc1.keytab
+    shell: ipa-getkeytab -s "{{ ansible_facts['fqdn'] }}" -p "mysvc1/{{ ansible_facts['fqdn'] }}" -k mysvc1.keytab
 
   - name: Verify keytab
-    shell: ipa service-find "mysvc1/{{ ansible_fqdn }}"
+    shell: ipa service-find "mysvc1/{{ ansible_facts['fqdn'] }}"
     register: result
     failed_when: result.failed or result.stdout | regex_search(" Keytab. true")
 
   - name: Ensure service is disabled
     ipaservice:
       ipaadmin_password: SomeADMINpassword
-      name: "mysvc1/{{ ansible_fqdn }}"
+      name: "mysvc1/{{ ansible_facts['fqdn'] }}"
       state: disabled
     register: result
     failed_when: not result.changed
 
   - name: Verify keytab
-    shell: ipa service-find "mysvc1/{{ ansible_fqdn }}"
+    shell: ipa service-find "mysvc1/{{ ansible_facts['fqdn'] }}"
     register: result
     failed_when: result.failed or result.stdout | regex_search(" Keytab. true")
 
   - name: Ensure service is disabled, with no keytab.
     ipaservice:
       ipaadmin_password: SomeADMINpassword
-      name: "mysvc1/{{ ansible_fqdn }}"
+      name: "mysvc1/{{ ansible_facts['fqdn'] }}"
       state: disabled
     register: result
     failed_when: result.changed
@@ -85,7 +85,7 @@
   - name: Ensure service is absent
     ipaservice:
       ipaadmin_password: SomeADMINpassword
-      name: "mysvc1/{{ ansible_fqdn }}"
+      name: "mysvc1/{{ ansible_facts['fqdn'] }}"
 
   - name: Destroy Kerberos tickets.
     shell: kdestroy -A -q -c ${KRB5CCNAME}

tests/sudorule/test_sudorule.yml

@@ -43,7 +43,7 @@
     ipahostgroup:
       ipaadmin_password: SomeADMINpassword
       name: cluster
-      host: "{{ ansible_fqdn }}"
+      host: "{{ ansible_facts['fqdn'] }}"
 
   - name: Ensure some sudocmds are available
     ipasudocmd:
@@ -500,20 +500,20 @@
     register: result
     failed_when: result.changed
 
-  - name: Ensure host "{{ ansible_fqdn }}" is present in sudorule.
+  - name: Ensure host "{{ ansible_facts['fqdn'] }}" is present in sudorule.
     ipasudorule:
       ipaadmin_password: SomeADMINpassword
       name: testrule1
-      host: "{{ ansible_fqdn }}"
+      host: "{{ ansible_facts['fqdn'] }}"
       action: member
     register: result
     failed_when: not result.changed
 
-  - name: Ensure host "{{ ansible_fqdn }}" is present in sudorule, again.
+  - name: Ensure host "{{ ansible_facts['fqdn'] }}" is present in sudorule, again.
     ipasudorule:
       ipaadmin_password: SomeADMINpassword
       name: testrule1
-      host: "{{ ansible_fqdn }}"
+      host: "{{ ansible_facts['fqdn'] }}"
       action: member
     register: result
     failed_when: result.changed

tests/sudorule/test_sudorule_categories.yml

@@ -7,7 +7,7 @@
   tasks:
   - name: Get Domain from the server name
     set_fact:
-      ipaserver_domain: "{{ ansible_fqdn.split('.')[1:] | join ('.') }}"
+      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
 
   - name: Ensure sudorules are absent
     ipasudorule:

tests/vault/env_cleanup.yml

@@ -40,7 +40,7 @@
 
   - name: Remove files from target host.
     file:
-      path: "{{ ansible_env.HOME }}/{{ item }}"
+      path: "{{ ansible_facts['env'].HOME }}/{{ item }}"
       state: absent
     with_items:
     - A_private.pem

tests/vault/env_setup.yml

@@ -19,7 +19,7 @@
   - name: Copy files to target host.
     copy:
       src: "{{ playbook_dir }}/{{ item }}"
-      dest: "{{ ansible_env.HOME }}/{{ item }}"
+      dest: "{{ ansible_facts['env'].HOME }}/{{ item }}"
     with_items:
     - A_private.pem
     - A_public.pem

tests/vault/tasks_vault_members.yml

@@ -151,7 +151,7 @@
       ipaadmin_password: SomeADMINpassword
       name: "{{vault.name}}"
       action: member
-      services: "HTTP/{{ ansible_fqdn }}"
+      services: "HTTP/{{ ansible_facts['fqdn'] }}"
     register: result
     failed_when: not result.changed
 
@@ -160,7 +160,7 @@
       ipaadmin_password: SomeADMINpassword
       name: "{{vault.name}}"
       action: member
-      services: "HTTP/{{ ansible_fqdn }}"
+      services: "HTTP/{{ ansible_facts['fqdn'] }}"
     register: result
     failed_when: result.changed
 
@@ -169,7 +169,7 @@
       ipaadmin_password: SomeADMINpassword
       name: "{{vault.name}}"
       action: member
-      services: "HTTP/{{ ansible_fqdn }}"
+      services: "HTTP/{{ ansible_facts['fqdn'] }}"
       state: absent
     register: result
     failed_when: not result.changed
@@ -179,7 +179,7 @@
       ipaadmin_password: SomeADMINpassword
       name: "{{vault.name}}"
       action: member
-      services: "HTTP/{{ ansible_fqdn }}"
+      services: "HTTP/{{ ansible_facts['fqdn'] }}"
       state: absent
     register: result
     failed_when: result.changed
@@ -264,7 +264,7 @@
     ipavault:
       ipaadmin_password: SomeADMINpassword
       name: "{{vault.name}}"
-      ownerservices: "HTTP/{{ ansible_fqdn }}"
+      ownerservices: "HTTP/{{ ansible_facts['fqdn'] }}"
       action: member
     register: result
     failed_when: not result.changed
@@ -273,7 +273,7 @@
     ipavault:
       ipaadmin_password: SomeADMINpassword
       name: "{{vault.name}}"
-      ownerservices: "HTTP/{{ ansible_fqdn }}"
+      ownerservices: "HTTP/{{ ansible_facts['fqdn'] }}"
       action: member
     register: result
     failed_when: result.changed
@@ -282,7 +282,7 @@
     ipavault:
       ipaadmin_password: SomeADMINpassword
       name: "{{vault.name}}"
-      ownerservices: "HTTP/{{ ansible_fqdn }}"
+      ownerservices: "HTTP/{{ ansible_facts['fqdn'] }}"
       state: absent
       action: member
     register: result
@@ -292,7 +292,7 @@
     ipavault:
       ipaadmin_password: SomeADMINpassword
       name: "{{vault.name}}"
-      ownerservices: "HTTP/{{ ansible_fqdn }}"
+      ownerservices: "HTTP/{{ ansible_facts['fqdn'] }}"
       state: absent
       action: member
     register: result

tests/vault/test_vault_asymmetric.yml

@@ -68,7 +68,7 @@
       ipaadmin_password: SomeADMINpassword
       name: asymvault
       vault_type: asymmetric
-      public_key_file: "{{ ansible_env.HOME }}/A_public.pem"
+      public_key_file: "{{ ansible_facts['env'].HOME }}/A_public.pem"
       private_key: "{{ lookup('file', 'B_private.b64') }}"
     register: result
     failed_when: result.failed or not result.changed
@@ -77,7 +77,7 @@
     ipavault:
       ipaadmin_password: SomeADMINpassword
       name: asymvault
-      private_key_file: "{{ ansible_env.HOME }}/A_private.pem"
+      private_key_file: "{{ ansible_facts['env'].HOME }}/A_private.pem"
       state: retrieved
     register: result
     failed_when: result.failed or result.changed or result.vault.data != 'SomeValue'
@@ -87,8 +87,8 @@
       ipaadmin_password: SomeADMINpassword
       name: asymvault
       vault_type: asymmetric
-      public_key_file: "{{ ansible_env.HOME }}/B_public.pem"
+      public_key_file: "{{ ansible_facts['env'].HOME }}/B_public.pem"
-      private_key_file: "{{ ansible_env.HOME }}/A_private.pem"
+      private_key_file: "{{ ansible_facts['env'].HOME }}/A_private.pem"
     register: result
     failed_when: result.failed or not result.changed
 
@@ -115,8 +115,8 @@
     ipavault:
       ipaadmin_password: SomeADMINpassword
       name: asymvault
-      public_key_file: "{{ ansible_env.HOME }}/B_public.pem"
+      public_key_file: "{{ ansible_facts['env'].HOME }}/B_public.pem"
-      private_key_file: "{{ ansible_env.HOME }}/A_private.pem"
+      private_key_file: "{{ ansible_facts['env'].HOME }}/A_private.pem"
     register: result
     failed_when: result.failed or not result.changed
 
@@ -154,11 +154,11 @@
     register: result
     failed_when: result.vault.data != 'Hello World.' or result.changed
 
-  - name: Retrieve data from asymmetric vault into file {{ ansible_env.HOME }}/data.txt.
+  - name: Retrieve data from asymmetric vault into file {{ ansible_facts['env'].HOME }}/data.txt.
     ipavault:
       ipaadmin_password: SomeADMINpassword
       name: asymvault
-      out: "{{ ansible_env.HOME }}/data.txt"
+      out: "{{ ansible_facts['env'].HOME }}/data.txt"
       private_key: "{{ lookup('file', 'B_private.b64') }}"
       state: retrieved
     register: result
@@ -166,7 +166,7 @@
 
   - name: Verify retrieved data.
     slurp:
-      src: "{{ ansible_env.HOME }}/data.txt"
+      src: "{{ ansible_facts['env'].HOME }}/data.txt"
     register: slurpfile
     failed_when: slurpfile['content'] | b64decode != 'Hello World.'
 
@@ -192,7 +192,7 @@
       ipaadmin_password: SomeADMINpassword
       name: asymvault
       vault_type: asymmetric
-      in: "{{ ansible_env.HOME }}/in.txt"
+      in: "{{ ansible_facts['env'].HOME }}/in.txt"
     register: result
     failed_when: not result.changed
 
@@ -242,7 +242,7 @@
     ipavault:
       ipaadmin_password: SomeADMINpassword
       name: asymvault
-      public_key_file: "{{ ansible_env.HOME }}/B_public.pem"
+      public_key_file: "{{ ansible_facts['env'].HOME }}/B_public.pem"
       vault_type: asymmetric
     register: result
     failed_when: not result.changed
@@ -251,7 +251,7 @@
     ipavault:
       ipaadmin_password: SomeADMINpassword
       name: asymvault
-      public_key_file: "{{ ansible_env.HOME }}/B_public.pem"
+      public_key_file: "{{ ansible_facts['env'].HOME }}/B_public.pem"
       vault_type: asymmetric
     register: result
     failed_when: result.changed
@@ -277,7 +277,7 @@
     ipavault:
       ipaadmin_password: SomeADMINpassword
       name: asymvault
-      private_key_file: "{{ ansible_env.HOME }}/B_private.pem"
+      private_key_file: "{{ ansible_facts['env'].HOME }}/B_private.pem"
       state: retrieved
     register: result
     failed_when: result.vault.data != 'Hello World.' or result.changed

tests/vault/test_vault_standard.yml

@@ -57,18 +57,18 @@
     register: result
     failed_when: result.vault.data != 'Hello World.' or result.changed
 
-  - name: Retrieve data from standard vault into file {{ ansible_env.HOME }}/data.txt.
+  - name: Retrieve data from standard vault into file {{ ansible_facts['env'].HOME }}/data.txt.
     ipavault:
       ipaadmin_password: SomeADMINpassword
       name: stdvault
-      out: "{{ ansible_env.HOME }}/data.txt"
+      out: "{{ ansible_facts['env'].HOME }}/data.txt"
       state: retrieved
     register: result
     failed_when: result.changed or result.failed or (result.vault.data | default(false))
 
   - name: Verify retrieved data.
     slurp:
-      src: "{{ ansible_env.HOME }}/data.txt"
+      src: "{{ ansible_facts['env'].HOME }}/data.txt"
     register: slurpfile
     failed_when: slurpfile['content'] | b64decode != 'Hello World.'
 
@@ -93,7 +93,7 @@
       ipaadmin_password: SomeADMINpassword
       name: stdvault
       vault_type: standard
-      in: "{{ ansible_env.HOME }}/in.txt"
+      in: "{{ ansible_facts['env'].HOME }}/in.txt"
     register: result
     failed_when: not result.changed
 

tests/vault/test_vault_symmetric.yml

@@ -63,19 +63,19 @@
     register: result
     failed_when: result.changed or result.failed or result.vault.data != 'Hello World.'
 
-  - name: Retrieve data from symmetric vault into file {{ ansible_env.HOME }}/data.txt.
+  - name: Retrieve data from symmetric vault into file {{ ansible_facts['env'].HOME }}/data.txt.
     ipavault:
       ipaadmin_password: SomeADMINpassword
       name: symvault
       password: SomeVAULTpassword
-      out: "{{ ansible_env.HOME }}/data.txt"
+      out: "{{ ansible_facts['env'].HOME }}/data.txt"
       state: retrieved
     register: result
     failed_when: result.changed or result.failed or (result.vault.data | default(false))
 
   - name: Verify retrieved data.
     slurp:
-      src: "{{ ansible_env.HOME }}/data.txt"
+      src: "{{ ansible_facts['env'].HOME }}/data.txt"
     register: slurpfile
     failed_when: slurpfile['content'] | b64decode != 'Hello World.'
 
@@ -101,7 +101,7 @@
     ipavault:
       ipaadmin_password: SomeADMINpassword
       name: symvault
-      in: "{{ ansible_env.HOME }}/in.txt"
+      in: "{{ ansible_facts['env'].HOME }}/in.txt"
       password: SomeVAULTpassword
     register: result
     failed_when: result.failed or not result.changed
@@ -154,7 +154,7 @@
       ipaadmin_password: SomeADMINpassword
       name: symvault
       username: user01
-      password_file: "{{ ansible_env.HOME }}/password.txt"
+      password_file: "{{ ansible_facts['env'].HOME }}/password.txt"
       vault_type: symmetric
     register: result
     failed_when: result.failed or not result.changed
@@ -164,7 +164,7 @@
       ipaadmin_password: SomeADMINpassword
       name: symvault
       username: user01
-      password_file: "{{ ansible_env.HOME }}/password.txt"
+      password_file: "{{ ansible_facts['env'].HOME }}/password.txt"
       vault_type: symmetric
     register: result
     failed_when: result.failed or result.changed
@@ -191,7 +191,7 @@
     ipavault:
       ipaadmin_password: SomeADMINpassword
       name: symvault
-      password_file: "{{ ansible_env.HOME }}/password.txt"
+      password_file: "{{ ansible_facts['env'].HOME }}/password.txt"
       state: retrieved
     register: result
     failed_when: result.failed or result.changed or result.vault.data != 'Hello World.'
@@ -328,7 +328,7 @@
       ipaadmin_password: SomeADMINpassword
       name: symvault
       password: APasswordToChange
-      new_password_file: "{{ ansible_env.HOME }}/password.txt"
+      new_password_file: "{{ ansible_facts['env'].HOME }}/password.txt"
       vault_type: symmetric
     register: result
     failed_when: not result.changed or result.failed