Ansible Variables not associating with Hosts?

Hello all! This is a cross-post from the Matrix chat, as recommended to me for visibility.

I’m running a standalone instance of Foreman 3.8.0 / Katello 4.10 / Candlepin 4.3 / Puppet 7 / Pulp 3.28 on Rocky Linux 8 within a disconnected environment. Among others, I’ve got one public Ansible Role (GitHub - ansible-lockdown/RHEL8-STIG: Ansible role for Red Hat 8 STIG Baseline) that I have extracted to /etc/ansible/roles/ on my Foreman host. After extracting the Role content, I run ‘hammer ansible roles import’ (with the proper switches) to import the Roles. I configure a few Ansible Variables using ‘hammer ansible variables create’ that override the default values so that they are defined before performing a mass Variable import (it got mad at me when trying to change their values after the fact, but that’s not the concern right now). After that, I run ‘hammer ansible variables import’ with only the ‘--organization’ and ‘--proxy-id’ switches. This all works as I would expect it to – the Variables show up in Foreman’s web UI under Configure → Ansible → Variables, and they are associated with the aforementioned ‘stig-hardening-el8’ Role. So far, so good… I think. I then associated the Roles that I need to the relevant Host Group. This all works as expected. When I attempt to ‘Run Ansible Roles’ associated with arbitrary hosts within the Host Group, the Job fails with “ERROR! ‘rhel8stig_firewall_service’ is undefined. ‘rhel8stig_firewall_service’ is undefined”. That specific variable is defined in the Role’s defaults/main.yml file (here’s a direct link – https://github.com/ansible-lockdown/RHEL8-STIG/blob/f845492af16e128fe04d211426b2bcb4b82dc5eb/defaults/main.yml#L589C1-L589C1). When executing this Role using ‘ansible-playbook’, even on the Foreman host itself, it works as expected.

I really hope it’s something stupid that I overlooked. I’m trying to move away from Ansible Tower / Ansible Automation Controller, and Foreman’s native Ansible integration seems to be the perfect replacement… Assuming I can get this working. Thanks in advance for reading that wall of text, and for any potential insight!

cc @nofaralfasi

I’m unable to test it in my local environment, but I successfully verified the functionality by examining variables from other Ansible roles. Consider running it through Foreman using the Ansible playbook provided in their documentation.