I am using my playbooks right now like in this example:
ansible-playbook -i hosts product.yml --tags
"dependencies,createuser,install,createdb,configudpate,importdata"
With the tags i do the steering which parts of the playbook should be
done or skipped.
Certain things you want to do once only and tags seems a good way for
me and also keeping the code together.
Nevertheless i would like to limit the run of a playbook without
passing a tag. I.e. it would run through the install again etc.
For security reasons it should be prohibited for someone to running
the playbook without passing a tag.
Some statement like 'require tag: True' or similar at the playbook
header may be ?
Of course it does not limit which tags you are allowed to pass and i
can wrap a shellscript arround to solve it...
And as we are at the tags right now, it is good we have that
Errormessage which gives a clue when a tag is not available:
ERROR: tag(s) not found in playbook: remove. possible values:
configupdate,createdb,createuser,dependencies,install,importdata,update
What would be nice to have is a Usage Section in the playbooks. So you
can give a user some custom helptext what each tag means or what
commands are available and recommended.
Usage:
--tags "dependencies" install dependency packages
--tags "install" install software, starts service
...
Of course i can solve this by shell script arround too...