Merci Ghislain, I ve tried it and it works as you described it, here my
files:
├── main.yml
├── role_a
│ ├── meta
│ │ └── main.yml
│ └── tasks
│ └── main.yml
└── role_handler
├── handlers
│ ├── do_certs.yml
│ └── main.yml
└── tasks
├── do_certs.yml
└── main.yml
# role_a/tasks/main.yml
- debug:
msg="Starting Role a"
- command: /bin/false
failed_when: False
changed_when: True
notify:
- do certs
# role_handler/handlers/main.yml
- name: do certs
include: do_certs.yml
# role_handler/*tasks*/do_certs.yml
- name: copy certs
debug:
msg="Copy Certs"
- name: insert certs
debug:
msg="{{ item }}"
with_items:
- cert1
- cert2
# main.yml
- hosts: localhost
connection: local
roles:
- role_a
Yields
PLAY
> ***************************************************************************
>
> TASK [setup]
> *******************************************************************
> ok: [localhost]
>
> TASK [role_handler : debug]
> ****************************************************
> ok: [localhost] => {
> "msg": "handler role included"
> }
>
> TASK [role_a : debug]
> **********************************************************
> ok: [localhost] => {
> "msg": "Starting Role a"
> }
>
> TASK [role_a : command]
> ********************************************************
> changed: [localhost]
>
> RUNNING HANDLER [role_handler : do certs]
> **************************************
> included:
> /home/ilya/spielwiese/ansible/post_roles/role_handler/tasks/do_certs.yml
> for localhost
>
> RUNNING HANDLER [role_handler : copy certs]
> ************************************
> ok: [localhost] => {
> "msg": "Copy Certs"
> }
>
> RUNNING HANDLER [role_handler : insert certs]
> **********************************
> ok: [localhost] => (item=cert1) => {
> "item": "cert1",
> "msg": "cert1"
> }
> ok: [localhost] => (item=cert2) => {
> "item": "cert2",
> "msg": "cert2"
> }
>
> PLAY RECAP
> *********************************************************************
> localhost : ok=7 changed=1 unreachable=0
> failed=0
>
>
> Compilation finished at Sat Feb 20 12:45:07
> PLAY
> ***************************************************************************
>
> TASK [setup]
> *******************************************************************
> ok: [localhost]
>
> TASK [role_handler : debug]
> ****************************************************
> ok: [localhost] => {
> "msg": "handler role included"
> }
>
> TASK [role_a : debug]
> **********************************************************
> ok: [localhost] => {
> "msg": "Starting Role a"
> }
>
> TASK [role_a : command]
> ********************************************************
> changed: [localhost]
>
> RUNNING HANDLER [role_handler : do certs]
> **************************************
> included:
> /home/ilya/spielwiese/ansible/post_roles/role_handler/tasks/do_certs.yml
> for localhost
>
> RUNNING HANDLER [role_handler : copy certs]
> ************************************
> ok: [localhost] => {
> "msg": "Copy Certs"
> }
>
> RUNNING HANDLER [role_handler : insert certs]
> **********************************
> ok: [localhost] => (item=cert1) => {
> "item": "cert1",
> "msg": "cert1"
> }
> ok: [localhost] => (item=cert2) => {
> "item": "cert2",
> "msg": "cert2"
> }
>
> PLAY RECAP
> *********************************************************************
> localhost : ok=7 changed=1 unreachable=0
> failed=0
>
>
> Compilation finished at Sat Feb 20 12:45:07
>
>
Am Donnerstag, 18. Februar 2016 15:02:10 UTC+1 schrieb Ghislain Bourgeois:
>
> This looks to me like a use case for handlers, but instead of the handler
> being in a single role, it would apply after many roles. I am not sure this
> is feasible yet, but would be interested in finding out the solution.
>
> I would have to test, but I think something like this might work:
>
> Role our-cacerts - Containing handler to replace ca-certs if they were
> changed
> Role java - depending on our-cacerts and notifying the handler
> Role x - depending on our-cacerts and notifying the handler
>
> I will try to test this today, as we have a use case that would also be
> solved by this.
>
> Regards,
>
> Ghislain
>
> From: [email protected] <javascript:> [mailto:
> [email protected] <javascript:>] On Behalf Of ProfHase
> Sent: February-18-16 5:22 AM
> To: Ansible Project
> Subject: [ansible-project] Re: Ansible Role dependencies After Role
>
> Actually everything is idempotent:
>
> The role I consider does upgrade java to a certain release. Of course the
> cacarts file gets overridden (since some certs might have been revoked
> etc.).
> After each call of this role I need my company certificates to be
> reincluded into the new cacerts file.
>
> Of course I could simply paste the tasks into this role. Unfortunately,
> there are some other roles (for e.g. patching some software) which also
> override the cacerts file.
> In this case I will have redundand code in multiple roles.
>
>
>
> Am Mittwoch, 17. Februar 2016 13:40:34 UTC+1 schrieb Alexey Vazhnov:
> May be the better way for you is make one playbook for
> non-idempotent installer role and one for idempotent configuring.
>
> On Wednesday, February 3, 2016 at 5:25:35 PM UTC+5, ProfHase wrote:
> Hello,
>
> how do I declare a role dependency which is executed after the role, e.g.
> :
>
> After every execution of role A, role B is executed
>
> According to this ons:
>
> http://docs.ansible.com/ansible/playbooks_roles.html#roles
>
> the roles in 'dependencies' are executed before.
>
> The Background:
> My Role A starts an installer that always overrides the certificates. I
> also got a certificate deployment role Role B which should always be called
> after role A.
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected] <javascript:>.
> To post to this group, send email to [email protected]
> <javascript:>.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/614d2ccd-b50f-4fcd-b125-11b7ac2021bc%40googlegroups.com.
>
>
> For more options, visit https://groups.google.com/d/optout.
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/93f00158-c2d1-4fd3-b5ac-7db80631ac3f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
