Today we use ansible “engine” to deploy our roles to servers.
We have two git repositories :
one for the inventory and variables (to keep an history)
one for all roles (on some other projects we have a git repository for each role which is a good practice)
This works well.
We would like to delegate runs of these playbooks to some support people… So I took a look on AWX
I had success to import in AWX what were in the inventories and variables with an import from git.
I can override variables in AWX and runs playbook that are contained in git
But values of these variables are backup only in AWX, and are not written back in git repository in yaml group_vars files and host_vars files ?
No. AWX keeps its own replica of the inventory and vars in the database.
You could write a playbook that uses the API (or the DB but i wouldn’t recommend fiddling with awx internal stuff) and write the awx vars to your repo.
But there is no out of the box way to write them from AWX to the files. And there is a good reason for that.
How do you know which vars are newer? AWX has no versioning. Since you could update some var in awx then someone else comes and updates the same var in git, then you would write the awx var onto the newer var.
It would break the entire purpose of versioning. You should only use GIT to modify vars and import them to AWX.
Today we use ansible "engine" to deploy our roles to servers.
We have two git repositories :
- one for the inventory and variables (to keep an history)
- one for all roles (on some other projects we have a git repository for
each role which is a good practice)
This works well.
...
But values of these variables are backup only in AWX, and are not
written back in git repository in yaml group_vars files and host_vars
files ?
1. you should add repo with your inventories as a project to AWX
2. create "empty" inventory
3. under that inventory go into "sources"
4. add new source with your project being the source
5. point to the inventory file in your project
considering source is consistently maintained in Git - I fail to see the
necessity to export. Above procedure is *not* an import- it's a
semi-dynamic inventory setup which is different from one-time importing.
I currently run a whole bunch of those and source of inventories is
maintained purely in Git. No additional imports no exports - just
refresh the project to pick up new revision from Git
AWX doesn’t do any writing into git repositories - it strictly reads from your git repos. As others have mentioned, you can write your own Ansible playbook or role that takes the variables in a play, connects to your git server, and updates or creates the file in git with the new variable values.