os_env_umask has no effect

[sprat]

Describe the bug

The os_env_umask variable described in the README has no effect on the role execution

Expected behavior

The variable should be taken into account

Actual behavior

The variable is not taken into account: no change when the variable is set between 2 executions

Example Playbook

---
- name: NAS
  hosts: nas
  become: true
  tasks:
    - import_role:
        name: devsec.hardening.os_hardening
      vars:
        os_env_umask: '022'

OS / Environment

Ubuntu 20.04
Linux nas-test 5.4.0-42-generic #46-Ubuntu SMP Fri Jul 10 00:24:02 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux

Ansible Version

ansible 2.10.3
  config file = /home/sylvain/Dev/ansible-nas/ansible.cfg
  configured module search path = ['/home/sylvain/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /home/sylvain/.virtualenvs/ansible-nas/lib/python3.8/site-packages/ansible
  executable location = /home/sylvain/.virtualenvs/ansible-nas/bin/ansible
  python version = 3.8.5 (default, Jul 28 2020, 12:59:40) [GCC 9.3.0]

Role Version

devsec.hardening:7.0.0

Additional context

I think it's a variable priority issue

[rndmh3ro]

I think it's a variable priority issue

Yes, that's the same problem as described here: #177

We should probably do something about it..

[sprat]

Sorry for the duplicate.

I would probably solve the problem by defining a os_env_umask_default variable per platform, and using {{ os_env_umask | default(os_env_umask_default) }} in the templates