Rework Molecule prepare phase to install sudo only if root on target

molecule/prepare.yml

@@ -3,28 +3,31 @@
   ansible.builtin.debug:
     msg: "Ansible version is  {{ ansible_version.full }}"
 
+- name: "Set package name for sudo"
+  ansible.builtin.set_fact:
+    sudo_pkg_name: sudo
 
 - name: "Ensure {{ sudo_pkg_name }} is installed (if user is root)."
   ansible.builtin.yum:
     name: "{{ sudo_pkg_name }}"
+    state: present
   when:
     - ansible_user_id == 'root'
 
-
 - name: Gather the package facts
   ansible.builtin.package_facts:
     manager: auto
 
-- name: "Check if {{ sudo_pkg_name }} is installed."
+- name: "Check if sudo is installed."
   ansible.builtin.assert:
     that:
       - sudo_pkg_name in ansible_facts.packages
+    fail_msg: "sudo is not installed on target system"
 
-- name: Install sudo
+- name: "Install iproute"
   become: yes
   ansible.builtin.yum:
     name:
-      - sudo
       - iproute
     state: present
 
@@ -36,6 +39,8 @@
   when:
     - assets_server is defined
     - assets_server | length > 0
+    - assets is defined
+    - assets | length > 0
   block:
     - name: "Set offline when assets server from env is defined"
       ansible.builtin.set_fact:

molecule/quarkus-devmode/prepare.yml

@@ -2,20 +2,20 @@
 - name: Prepare
   hosts: all
   tasks:
-    - name: Install sudo
+    - name: "Ensure common prepare phase are set."
+      ansible.builtin.include_tasks: ../prepare.yml
+
+    - name: Install JDK17
+      become: yes
       ansible.builtin.yum:
         name:
-          - sudo
           - java-17-openjdk-headless
         state: present
 
     - name: Link default logs directory
+      become: yes
       ansible.builtin.file:
         state: link
         src: /usr/lib/jvm/jre-17-openjdk
         dest: /opt/openjdk
         force: true
-
-    - name: "Display hera_home if defined."
-      ansible.builtin.set_fact:
-        hera_home: "{{ lookup('env', 'HERA_HOME') }}"

molecule/quarkus/prepare.yml

@@ -2,14 +2,8 @@
 - name: Prepare
   hosts: all
   tasks:
-    - name: Install sudo
-      ansible.builtin.yum:
-        name: sudo
-        state: present
-
-    - name: "Display hera_home if defined."
-      ansible.builtin.set_fact:
-        hera_home: "{{ lookup('env', 'HERA_HOME') }}"
+    - name: "Ensure common prepare phase are set."
+      ansible.builtin.include_tasks: ../prepare.yml
 
     - name: Create certificate request
       ansible.builtin.command: openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 365 -nodes -subj '/CN=instance'
@@ -17,12 +11,14 @@
       changed_when: False
 
     - name: Create conf directory # risky-file-permissions in test user account does not exist yet
+      become: yes
       ansible.builtin.file:
         state: directory
         path: "/opt/keycloak/certs/"
         mode: 0755
 
     - name: Copy certificates
+      become: yes
       ansible.builtin.copy:
         src: "{{ item }}"
         dest: "/opt/keycloak/certs/{{ item }}"

molecule/quarkus/verify.yml

@@ -49,8 +49,9 @@
           - keycloak_log_folder.stat.exists
           - not keycloak_log_folder.stat.isdir
           - keycloak_log_folder.stat.islnk
-          
+
     - name: Check log file
+      become: yes
       ansible.builtin.stat:
         path: "/tmp/keycloak/keycloak.log"
       register: keycloak_log_file
@@ -62,6 +63,7 @@
           - not keycloak_log_file.stat.isdir
 
     - name: Check default log folder
+      become: yes
       ansible.builtin.stat:
         path: "/var/log/keycloak"
       register: keycloak_default_log_folder