Use block in common role for become variables

roles/common/defaults/main.yml

@@ -0,0 +1,3 @@
+---
+common_become: true
+common_become_user: root

roles/common/tasks/main.yml

@@ -1,27 +1,32 @@
 ---
-- name: check if hardware random number generator exists
-  stat:
-    path: /dev/hwrng
-  register: dev_hwrng
+- block:
 
-- name: install haveged
-  apt:
-    name: haveged
-    update_cache: true
-    cache_valid_time: 3600
-  when: not dev_hwrng.stat.exists
+  - name: check if hardware random number generator exists
+    stat:
+      path: /dev/hwrng
+    register: dev_hwrng
 
-- name: install rng-tools
-  apt:
-    name: rng-tools
-  when: dev_hwrng.stat.exists
+  - name: install haveged
+    apt:
+      name: haveged
+      update_cache: true
+      cache_valid_time: 3600
+    when: not dev_hwrng.stat.exists
 
-- name: install ca-certificates
-  apt:
-    name: ca-certificates
+  - name: install rng-tools
+    apt:
+      name: rng-tools
+    when: dev_hwrng.stat.exists
 
-- name: install apparmor
-  apt:
-    name:
-      - apparmor-profiles
-      - apparmor-utils
+  - name: install ca-certificates
+    apt:
+      name: ca-certificates
+
+  - name: install apparmor
+    apt:
+      name:
+        - apparmor-profiles
+        - apparmor-utils
+
+  become: "{{ common_become }}"
+  become_user: "{{ common_become_user }}"

tests/test.yml

@@ -15,7 +15,7 @@
       - example
   roles:
     # - ../roles/apt_dist_upgrade
-    - {role: ../roles/common, become: true}
+    - ../roles/common
     - ../roles/hostname
     # The easy ports sequece is just for test. Also don't disable strict IP
     # filtering on production.