How to adjust variables in ansible role dependency of a role dependency?

[dweipert]

I posted this on stackoverflow as well: https://stackoverflow.com/questions/67130834/how-to-adjust-variables-in-ansible-role-dependency-of-a-role-dependency

--

So I got two roles, one depending on the other, and a playbook. The playbook uses the second role.

The first role is `base-server-setup` the second role is `base-server-setup-with-docker`.  
The second role has the first role as dependency in `meta/main.yml`.  
The first role has other, public roles as dependency in its `meta/main.yml` with some options passed to those roles.  
The second role needs to adjust some of the options passed to the first role's dependencies.


If I organize the roles like below, the adjustments from the second role aren't passed down to the first role's dependencies. Meaning, that the `unattended_origins_patterns` don't include `Docker` like I want them to.

**playbook.yml**
```
---
- hosts: vagrant

  vars:
    base_server_setup__user: test
    base_server_setup__password: 123456
    base_server_setup__mail: te...@example.org

  roles:
    - role: base-server-setup-with-docker
      become: true
```

**base-server-setup-with-docker/meta/main.yml** (second role)
```
---
dependencies:
  - role: base-server-setup
    vars:
      # jnv.unattended-upgrades
      unattended_origins_patterns:
        - 'o=${distro_id},a=${distro_codename}'
        - 'o=${distro_id},a=${distro_codename}-security'
        - 'o=Docker,a=${distro_codename}'
```

**base-server-setup/meta/main.yml** (first role)
```
---
dependencies:
  - role: jnv.unattended-upgrades
    vars:
      unattended_origins_patterns:
        - 'o=${distro_id},a=${distro_codename}'
        - 'o=${distro_id},a=${distro_codename}-security'
      unattended_mail: "{{ base_server_setup__mail }}"
      unattended_automatic_reboot: true
      unattended_syslog_enable: true
```

*But* if I use `include_role` **instead of setting it as a dependency** to include the first role into the second role, then the second role's adjustments to the `unattended-upgrades` dependency of the first role are passed down and `Docker` is included.

For consistency I thought it would be a good idea to use `include_role` for the `unattended-upgrades` in the first role as well. But when I do that, then the adjustments from the second role are not getting passed down to the first role's dependecies again.  
Also when having more roles that have some sort of inheritance dependency as well, then I don't know whether I could adjust the vars for dependencies of dependencies either way.

So what would be the **correct and consistent** way to do what I try to?  
Or do I go about this all wrong and the ansible way is completely different? (or if I'm better off using Chef or Puppet)