Refactor delete user playbook to use prefixed variable names for clarity and consistency

playbooks/delete-user.yml

@@ -5,10 +5,11 @@
   gather_facts: true
 
   vars:
-    username: "{{ username }}"
+    # Variables will be passed in from the job template or command line
-    force_removal: "{{ force_removal | default(false) }}"
+    # Set defaults for optional parameters only
-    backup_home: "{{ backup_home | default(false) }}"
+    _force_removal: "{{ force_removal | default(false) | bool }}"
-    backup_location: "{{ backup_location | default('/tmp/user_backups') }}"
+    _backup_home: "{{ backup_home | default(false) | bool }}"
+    _backup_location: "{{ backup_location | default('/tmp/user_backups') }}"
 
   tasks:
     - name: Validate username is provided
@@ -55,7 +56,7 @@
           register: kill_result
           failed_when: false
           when: 
-            - force_removal | bool
+            - _force_removal
             - user_processes.stdout is defined
             - user_processes.stdout.strip() | int > 0
 
@@ -63,7 +64,7 @@
           ansible.builtin.pause:
             seconds: 3
           when: 
-            - force_removal | bool
+            - _force_removal
             - kill_result is changed
 
         - name: Force kill remaining processes (if force_removal is true)
@@ -71,24 +72,24 @@
           register: force_kill_result
           failed_when: false
           when: 
-            - force_removal | bool
+            - _force_removal
             - user_processes.stdout is defined
             - user_processes.stdout.strip() | int > 0
 
         - name: Create backup directory
           ansible.builtin.file:
-            path: "{{ backup_location }}"
+            path: "{{ _backup_location }}"
             state: directory
             mode: '0755'
-          when: backup_home | bool
+          when: _backup_home
 
         - name: Backup user home directory
           ansible.builtin.archive:
             path: "{{ user_home }}"
-            dest: "{{ backup_location }}/{{ username }}_home_{{ ansible_date_time.epoch }}.tar.gz"
+            dest: "{{ _backup_location }}/{{ username }}_home_{{ ansible_date_time.epoch }}.tar.gz"
             format: gz
           when: 
-            - backup_home | bool
+            - _backup_home
             - user_home is defined
             - user_home != ""
             - not ansible_check_mode
@@ -105,7 +106,7 @@
             name: "{{ username }}"
             state: absent
             remove: true
-            force: "{{ force_removal | bool }}"
+            force: "{{ _force_removal }}"
 
         - name: Verify home directory removal
           ansible.builtin.stat:
@@ -175,8 +176,8 @@
               - Cron jobs: removed
               - At jobs: removed
               - Log files: removed
-              {% if backup_home | bool %}
+              {% if _backup_home %}
-              - Home backup: {{ backup_location }}/{{ username }}_home_{{ ansible_date_time.epoch }}.tar.gz
+              - Home backup: {{ _backup_location }}/{{ username }}_home_{{ ansible_date_time.epoch }}.tar.gz
               {% endif %}
 
       when: not user_info.failed