---
- name: Podman Host | AUDIT | Gather rootless user facts
  ansible.builtin.getent:
    database: passwd
    key: "{{ _podman_host_rootless_user }}"
  register: _podman_host_rootless_user_facts

- name: Podman Host | AUDIT | Ensure the rootless user exists
  ansible.builtin.assert:
    that:
      - _podman_host_rootless_user in _podman_host_rootless_user_facts.ansible_facts.getent_passwd.keys()
    fail_msg: "User '{{ _podman_host_rootless_user }}' does not exist on this host."

- name: Podman Host | AUDIT | Ensure the rootless user has subuids defined
  ansible.builtin.command:
    cmd: "getsubids {{ _podman_host_rootless_user }}"
  changed_when: false

- name: Podman Host | AUDIT | Ensure the rootless user has subgids defined
  ansible.builtin.command:
    cmd: "getsubids -g {{ _podman_host_rootless_user }}"
  changed_when: false