I'm new to Ansible, and trying to wrap my head around the variety of ways
to organize playbooks and achieve certain tasks in a DRY way, without
duplicating too much logic in several places.
Right now I'm trying to find a way in which I could have with_fileglob
consolidate
files of a certain pattern from all of the roles that a host belongs to.
Specifically, some roles contain apt keys, some roles don't.
The way I envisioned setting this up is as follows. First, the role
hierarchy:
roles/
common/
files/
... # no apt keys for this role
db/
files/
... # no apt keys for this role
rabbitmq/
files/
apt_keys/
some_rabbitmq_specific_key.asc
web/
files/
apt_keys/
some_web_specific_key.asc
The task in roles/common/tasks/main.yml:
- name: add apt keys
apt_key: file="{{ item }}"
sudo: true
with_fileglob:
- apt_keys/*.asc
In my ideal world, if a host belongs to common and web, with_fileglob would
add some_web_specific_key.asc. If a host belongs to common, db and rabbitmq,
it would add some_rabbitmq_specific_key.asc.
As you've probably guessed from the fact that I'm writing this post, this
approach doesn't work. The task, placed inside common, is simply skipped,
apparently because the common role contains no apt keys (and even if it
did, it would still ignore the keys in rabbitmq and web).
Is this type of cross-role file aggregation possible? I can sort of see why
it wouldn't be, though in my current circumstance it would seem very useful.
The deeper rationale here is that I want a certain other task to get run
after *all* the apt keys that apply to a host through *all of its role
memberships* have been added. Had the approach above worked, I would have
simply placed this task right after the apt_key task in
common/tasks/main.yml, but since it doesn't, I don't know how to achieve
this. Suggestions?
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/d8dfcf1b-501c-4808-87a5-2ffc8153b05e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
