Hey;
I’m having difficulty coming up with the right syntax to add/include roles, with tags, from a loop such that I can limit execution to specific tags.
In the tasks section, this syntax works:
Hey;
I'm having difficulty coming up with the right syntax to add/include roles, with tags, from a loop such that I can limit execution to specific tags.
Hello,
in my opinion tags should be use to control the playbook flow and not to determine which role is getting to applied to a server.
This belongs to the inventory:
- import_role:
name: mysql
when: "'mysql_servers' in group_names"
- import_role:
name: nginx
when: "'nginx_servers' in group_names"
This is more flexible than tags and a better place for the assignment of the roles.
Regards
Racke
Hey; Thanks for the reply. For clarity, I’m not using tags to identify what roles get assigned to specific hosts - I’m (going to be) using ansible group membership for that. I have a dynamic inventory script that generates host groups very reliably - I’ve been using it with ad-hoc runs for months to great effect. These two roles - and maybe a couple of more - will be applied to all hosts and I’ll have another set of roles for specific host types.
The root role, for instance, has 4 included tasks:
$ grep include roles/root/tasks/main.yml
- include_tasks: rootpwd.yml
- include_tasks: rootbin.yml
- include_tasks: root_keys.yml
- include_tasks: drexercise.yml
The initial use case is testing to verify the new included task actually works; however, when all is said and done, being able to execute just the drexercise for our periodic dr tests, rather than the entire playbook including all applicaiton settings, would be much quicker.
Thanks again for the reply.
Doug
You cannot limit tag execution this way, that ONLY applies the tag to
the include task itself, then the tag must be selected or rejected
from CLI --tags/--skip-tags.
The `tags:` keyword is ONLY for assignment of tags, never for selection.
Hey;
thanks for the reply. I’m not real clear on your meaning, though. I already know this works. When I include the roles explicitly, with tags, I can limit execution to a specific tag via the --tags cli arg. Example:
[[snip]]
yes, sorry, i had incorrectly inferred from your previous email that
you were trying to do the limiting via `tags:`, also note that while
tags: on include_role affects the execution of the 'include_role'
itself, it does not tag the included tasks, you nee to use apply: for
such things (unlike import_ which ignores the tags: and is always used
for imported tasks to inherit).
The “FAILED! …” message you cited is (I’m guessing; if I’m wrong I’ll gladly give you a refund) due to the hopeless ambiguities created by python’s treatment of strings as lists, and because Ansible is more an extension of python than it is an application written in python, so stuff like this — obscure references to inaccessible details — percolates up to the user level. (Why would an application throw implementation-language specific errors like that at users? Because the application is “python with Ansible extensions!”) Try changing your line to
apply:
tags: “{{ [ rolename.t ] }}”
or go with
apply:
tags:
- “{{ rolename.t }}”
or even
apply:
tags: “{{ rolename.t | join(‘,’) }}”
which should have the same effect, but doesn’t always because, well, python.
But more to the point: you don’t want to do this with tags. In fact I doubt this will work despite your earlier testing which lead you to believe this is a fruitful approach. Defer your insanity by using “tasks_from: ‘{{ … }}’” and structure your, er, structure to reflect your roles’ task files, possibly moderated by clever used of ansible_run_tags if you must.
Or maybe it’ll work! I hope I’m wrong. Really. Good luck.