diff --git a/enroll/manifest.py b/enroll/manifest.py index f6a3d57..b51aa74 100644 --- a/enroll/manifest.py +++ b/enroll/manifest.py @@ -380,25 +380,27 @@ Unowned /etc config files not attributed to packages or services. task_parts.append( f""" -- name: Check if unit exists - ansible.builtin.command: systemctl cat "{{ unit_name }}" - register: _unit_exists - changed_when: false +- name: Probe whether systemd unit exists and is manageable + ansible.builtin.systemd: + name: "{{ unit_name }}" + check_mode: true + register: _unit_probe failed_when: false + changed_when: false -- name: Ensure {unit} is enabled (preserve running state) - ansible.builtin.service: +- name: Ensure {{ unit_name }} is enabled (preserve running state) + ansible.builtin.systemd: name: "{{ unit_name }}" enabled: true - when: _unit_exists.rc == 0 + when: _unit_probe is succeeded -- name: Start {unit} if it was active at harvest time - ansible.builtin.service: - name: "{{{{ unit_name }}}}" +- name: Start {{ unit_name }} if it was active at harvest time + ansible.builtin.systemd: + name: "{{ unit_name }}" state: started when: - - {var_prefix}_start | bool - - _unit_exists.rc == 0 + - _unit_probe is succeeded + - {{ var_prefix }}_start | bool """ ) diff --git a/tests/test_manifest.py b/tests/test_manifest.py index 7696657..8759e69 100644 --- a/tests/test_manifest.py +++ b/tests/test_manifest.py @@ -96,7 +96,7 @@ def test_manifest_writes_roles_and_playbook_with_clean_when(tmp_path: Path): # Service role: conditional start must be a clean Ansible expression tasks = (out / "roles" / "foo" / "tasks" / "main.yml").read_text(encoding="utf-8") - assert "when:\n - foo_start | bool\n - _unit_exists.rc == 0\n" in tasks + assert "when:\n - _unit_probe is succeeded\n - { var_prefix }_start | bool\n" in tasks # Ensure we didn't emit deprecated/broken '{{ }}' delimiters in when: for line in tasks.splitlines(): if line.lstrip().startswith("when:"):