Hello,
consider the following playbook (it is simplified to show the use case)
- hosts: cp_gaia
gather_facts: false
vars:
enabled_ciphers:
- aes128-ctr
- aes128-gcm@openssh.com
- aes192-ctr
- aes256-ctr
- aes256-gcm@openssh.com
enabled_kex_algorithms:
- curve25519-sha256
- curve25519-sha256@libssh.org
- diffie-hellman-group16-sha512
- diffie-hellman-group18-sha512
- diffie-hellman-group-exchange-sha256
- ecdh-sha2-nistp256
- ecdh-sha2-nistp384
- ecdh-sha2-nistp521
enabled_mac_algorithms:
- hmac-sha2-256
- hmac-sha2-256-etm@openssh.com
- hmac-sha2-512
- hmac-sha2-512-etm@openssh.com
tasks:
- name: Set ssh server settings
check_point.gaia.cp_gaia_ssh_server_settings:
enabled_ciphers: "{{ enabled_ciphers }}"
enabled_kex_algorithms: "{{ enabled_kex_algorithms }}"
enabled_mac_algorithms: "{{ enabled_mac_algorithms }}"when run this in check mode twice after each other, I would expect that each playbook run results in changed states, since the first run should not change anything, so the second run should show the same changes. But it do the changes, even when started in check mode
$ ansible-playbook -i inventories/test/ playbooks/dev.yaml --check
PLAY [cp_gaia] *********************************************************************************************************************************************************************************************************************************************************************************
TASK [Set ssh server settings] *****************************************************************************************************************************************************************************************************************************************************************
changed: [fw1]
changed: [fw2]
PLAY RECAP *************************************************************************************************************************************************************************************************************************************************************************************
fw1 : ok=1 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
fw2 : ok=1 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Playbook run took 0 days, 0 hours, 0 minutes, 1 seconds
$ ansible-playbook -i inventories/test/ playbooks/dev.yaml --check
PLAY [cp_gaia] *********************************************************************************************************************************************************************************************************************************************************************************
TASK [Set ssh server settings] *****************************************************************************************************************************************************************************************************************************************************************
ok: [fw1]
ok: [fw2]
PLAY RECAP *************************************************************************************************************************************************************************************************************************************************************************************
fw1 : ok=1 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
fw2 : ok=1 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Playbook run took 0 days, 0 hours, 0 minutes, 1 seconds
$ ansible-galaxy collection list | grep gaia
check_point.gaia 7.0.0
$ ansible --version
ansible [core 2.16.14]
fw1: R81.20 Jumbo Hotfix Take 84
fw2: R81.20 Jumbo Hotfix Take 98
Hello,
consider the following playbook (it is simplified to show the use case)
when run this in check mode twice after each other, I would expect that each playbook run results in
changedstates, since the first run should not change anything, so the second run should show the same changes. But it do the changes, even when started in check mode