I’m new to Ansible, and trying to wrap my head around the variety of ways to organize playbooks and achieve certain tasks in a DRY way, without duplicating too much logic in several places.
Right now I’m trying to find a way in which I could have with_fileglob consolidate files of a certain pattern from all of the roles that a host belongs to. Specifically, some roles contain apt keys, some roles don’t.
The way I envisioned setting this up is as follows. First, the role hierarchy:
roles/
common/
files/
… # no apt keys for this role
db/
files/
… # no apt keys for this role
rabbitmq/
files/
apt_keys/
some_rabbitmq_specific_key.asc
web/
files/
apt_keys/
some_web_specific_key.asc
The task in roles/common/tasks/main.yml:
- name: add apt keys
apt_key: file=“{{ item }}”
sudo: true
with_fileglob: - apt_keys/*.asc
In my ideal world, if a host belongs to common and web, with_fileglob would add some_web_specific_key.asc. If a host belongs to common, db and rabbitmq, it would add some_rabbitmq_specific_key.asc.
As you’ve probably guessed from the fact that I’m writing this post, this approach doesn’t work. The task, placed inside common, is simply skipped, apparently because the common role contains no apt keys (and even if it did, it would still ignore the keys in rabbitmq and web).
Is this type of cross-role file aggregation possible? I can sort of see why it wouldn’t be, though in my current circumstance it would seem very useful.
The deeper rationale here is that I want a certain other task to get run after all the apt keys that apply to a host through all of its role memberships have been added. Had the approach above worked, I would have simply placed this task right after the apt_key task in common/tasks/main.yml, but since it doesn’t, I don’t know how to achieve this. Suggestions?