The role fails when conditionally included

[BboyKeen]

Hi,

I need to use your role only on specific environments so I'm using a when instruction in my role statement in my playbook like below to choose whether or not I want to deploy security rules :

roles: 
    - { role: security, when: deploy_security_rules }

Then in the task file of my "security" role I use the statements below to include your role

- name: OS hardening
  include_role:
    name: dev-sec.os-hardening

The problem occurs when I don't want to deploy security rules, i.e when deploy_security_rules = false

Here is the output I obtain during failure :

TASK [dev-sec.os-hardening : get all system accounts] **************************
[DEPRECATION WARNING]: always_run is deprecated. Use check_mode = no instead..

This feature will be removed in version 2.4. Deprecation warnings can be 
disabled by setting deprecation_warnings=False in ansible.cfg.
skipping: [vagrant-debian8.6] => {"changed": false, "skip_reason": "Conditional check failed", "skipped": true}

TASK [dev-sec.os-hardening : remove always ignored system accounts from list] **
skipping: [vagrant-debian8.6] => {"changed": false, "skip_reason": "Conditional check failed", "skipped": true}

TASK [dev-sec.os-hardening : change system accounts not on the user provided ignore-list] ***
fatal: [vagrant-debian8.6]: FAILED! => {"failed": true, "msg": "'sys_accs_cond' is undefined"}

Any idea why the role is failing ?

[BboyKeen]

Sorry guys, I got all mixed up. This one is for the os-hardening repository.