Change exit code of ansible-playbook if there are any changes

Hi,

is there any sensible option to make ansible-playbook exit with non-0 exit code if there are any changes to be made to target hosts?

The rationale for this is: we want to start using Jenkins to test if our production infrastructure has not diverged from the state described in Ansible roles and playbooks. It seems to be a good idea to run the playbooks in check mode and report any changes, but apart from parsing the playbook run output with shell tools, we haven’t found (yet) any reasonable solution to only detect (successful) changes and not failures.

It’s quite likely the approach is not really the best and there is some simple and elegant option to achieve the same result (e.g. some Jenkins plugin). We’ll be happy with anything that works; thank you in advance for any ideas and comments :)

How about detecting the changed task(s) from within the playbook itself and create another task that calls a Jenkins API (assuming that’s possible)?

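E.g.:

```yaml
- name: Check for divergence
  command: <check_for_divergence.sh>
  register: is_diverged

- name: Call Jenkins to un-diverge
  command:
  # Test syntax; the older "| changed" filter form is no longer accepted by current Ansible.
  when: is_diverged is changed
```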

It works ok for single tasks, but not for a ‘site’ type playbook run (i.e. hundreds of tasks), unless you sprinkle your playbooks and roles all over with such handlers. I suppose I could venture into writing custom callback plugins and use one to notify some API.

I found a simpler solution though - there’s a Log Parser plugin for Jenkins. It uses regexps for parsing the console output and it’s quite easy to spot changed tasks (say, /^changed: [/) and set the build status to unstable.
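As an added example (not part of the thread, and not Ansible or Jenkins code): instead of matching individual `changed:` lines, a wrapper can read the per-host counters in the `PLAY RECAP` block of a check-mode run and turn them into an exit code that keeps drift apart from failures. The exit-code values, the function names and the sample output are assumptions made for this sketch, and the output is assumed to be uncoloured.

```python
import re
import sys

# One PLAY RECAP line: "<host> : ok=5 changed=2 unreachable=0 failed=0 ..."
RECAP_LINE = re.compile(r"^(?P<host>\S+)\s*:\s*(?P<counters>(?:\w+=\d+\s*)+)$")

# Exit codes are this example's own convention, not ansible-playbook's.
EXIT_CLEAN, EXIT_ERROR, EXIT_DRIFT = 0, 1, 2

def parse_recap(output):
    """Return {host: {counter: int}} from the PLAY RECAP section of a run."""
    hosts, in_recap = {}, False
    for line in output.splitlines():
        if line.startswith("PLAY RECAP"):
            in_recap = True
        # Task lines before the recap ("changed: [web1]") are ignored on purpose.
        m = RECAP_LINE.match(line.strip()) if in_recap else None
        if m:
            pairs = (kv.split("=") for kv in m.group("counters").split())
            hosts[m.group("host")] = {k: int(v) for k, v in pairs}
    return hosts

def drift_status(output):
    """Classify a run: failures win over changes; a missing recap is an error."""
    hosts = parse_recap(output)
    if not hosts:
        return EXIT_ERROR, []
    failed = [h for h, c in hosts.items()
              if c.get("failed", 0) or c.get("unreachable", 0)]
    if failed:
        return EXIT_ERROR, sorted(failed)
    drifted = [h for h, c in hosts.items() if c.get("changed", 0)]
    return (EXIT_DRIFT, sorted(drifted)) if drifted else (EXIT_CLEAN, [])

# Constructed sample output (not from a real run).
SAMPLE = """\
TASK [sshd : deploy sshd_config] ****
changed: [web1]
ok: [web2]

PLAY RECAP ****
web1    : ok=4    changed=1    unreachable=0    failed=0
web2    : ok=5    changed=0    unreachable=0    failed=0
"""

if __name__ == "__main__":
    text = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    code, hosts = drift_status(text)
    print(f"exit={code} hosts={hosts}")
    sys.exit(code)
```

Treating a run with no recap as an error keeps a playbook that aborted early from being reported as "no drift".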