We use Ansible to perform a number of integrations with third-party systems.
e.g.
Sync this user’s information from System X to System Y.
If the user is a member of AD group “LicenseManagement”, send an email to Person Z.
etc.
In most of our integrations we need to execute the action only once per user. There are a growing number of integrations where we can’t connect to their platform, and so I need a native way within Ansible to track whether the automation has already been actioned (for the subject user).
I am putting this out here to see if anyone has come across this before. And if there are any native things we can do within Red Hat Ansible Tower to track these sorts of states.
Many ways, just an example:
- in a handler update a host_vars/<systemY>.yml with the list of users already synced, notify when sync tasks run/change
- add to sync role/block/tasks a conditional based on the variable created `when: username not in already_processed_users`
Within the playbook I will need to update host_vars based on the outcome of the job. For example, after emailing user jdoe, update variable emailed_users. That way, when the job runs again a few minutes later, I want the second job to know what work was completed on the first job so as not to email jdoe again. Hopefully that example makes sense.
Is there a way within the playbook that I can add jdoe to emailed_users, and record that change so that the variable change persists across multiple Ansible Tower jobs?
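
One way to implement the pattern suggested in the reply above (a `when:` conditional on an already-processed list, plus a recorded update after the work is done), as an added example that is not part of the original thread. It keeps the list in a plain file on a managed host instead of host_vars; the host group, file path, SMTP relay, recipient address and user list are all assumptions.

```yaml
# Added example: every name marked "assumed" is a placeholder, not from the thread.
- name: Email about each user once, remembering who was handled across jobs
  hosts: state_host              # assumed: a managed host that keeps the state file
  gather_facts: false
  vars:
    state_file: /var/lib/ansible_state/emailed_users.txt  # assumed; directory must exist and be writable
    candidate_users: [jdoe, asmith]                       # constructed sample input
  tasks:
    - name: Create an empty state file on the first run only
      ansible.builtin.copy:
        content: ""
        dest: "{{ state_file }}"
        force: false             # never overwrite an existing record
        mode: "0600"

    - name: Read the usernames recorded by earlier jobs
      ansible.builtin.slurp:
        src: "{{ state_file }}"
      register: state_raw

    - name: Build emailed_users from the file, one username per line
      ansible.builtin.set_fact:
        emailed_users: "{{ (state_raw.content | b64decode).splitlines() }}"

    - name: Notify, then record
      block:
        - name: Send the email only for users not yet processed
          community.general.mail:
            host: smtp.example.com          # assumed SMTP relay
            to: person.z@example.com        # assumed recipient address
            subject: "LicenseManagement member: {{ item }}"
            body: "{{ item }} is a member of LicenseManagement."
          loop: "{{ candidate_users }}"
          when: item not in emailed_users
          delegate_to: localhost
          register: mail_result
      always:
        # Runs even if one send failed, so users already emailed are still recorded.
        - name: Record only the users whose email was actually sent
          ansible.builtin.lineinfile:
            path: "{{ state_file }}"
            line: "{{ item.item }}"
          loop: "{{ mail_result.results | default([]) }}"
          when: item is not skipped and item is not failed
          loop_control:
            label: "{{ item.item }}"
```

Two overlapping runs can both read the file before either writes to it, so this relies on the job template not running concurrently with itself.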