sharing roles

On a normal system, I would install all of my roles into a common place (e.g. /etc/ansible/roles/). Then, any playbook on the system can use any of them. I store each role in a separate git repo.

In AWX, projects seem to be completed self-contained units. It appears as though, if I wanted to reuse the same role in multiple projects, I would have to import that role (requirements.yml) into each of the projects, but that playbooks/roles in project1 are unable to re-use roles in project2.

Is there any way around this? Is there some directory where I can install roles that can be used by any playbook in any project?

The problem I have with this is that I have one git repo that stores all of my playbooks (that use these roles) that are organized in subdirectories. If I were to install this as a single project, then the requirements.yml would install all of the roles in a directory not accessible by the playbooks:

My tree in git:

.

├── playbooks/

│ ├── collection1/

│ │ └── playbook1.yml

│ └── collection2/

│ ├── playbook1.yml

│ └── playbook2.yml

└── roles/

└── requirements.yml

Tree after installing roles:

.

├── playbooks/

│ ├── collection1/

│ │ └── playbook1.yml

│ └── collection2/

│ ├── playbook1.yml

│ └── playbook2.yml

└── roles/

├── role1/

├── role2/

└── requirements.yml

The idea of creating a separate git repo for every collection saddens me, so I’d prefer to not have to do that.
I haven’t gotten AWX to successfully install the requirements, so I haven’t been able to verify that that tree structure won’t work, but it doesn’t work when running ansible-playbook in a typical setting.

You can keep an ansible.cfg alongside your playbooks: http://docs.ansible.com/ansible-tower/latest/html/administration/tipsandtricks.html#locate-and-configure-the-ansible-configuration-file

(Whew, you sure did send a lot of emails/question in a short period of time)

So, can I use relative paths in the cfg file (e.g. roles_path=…/roles/ or roles_path=…/…/)? I don’t want my playbooks to have to remember the absolute path that might change based on how these are deployed.

Will this work with role dependencies? e.g. I have one role that is just libs (modules, plugins, etc) and then other roles that require these. Currently, I list the libs role in the dependencies so that they are loaded and I can use the libs in my role tasks. With normal cmdline ansible, this all works perfectly (my /etc/ansible/ansible.cfg file just sets the roles_path and I use ansible-galaxy to install all of the roles into the appropriate dir).

And yeah, I wanted to try as many things as I could before posting, so I waited until the end of the day to post everything that I couldn’t figure out.

(and thanks for the quick replies to all of my inquiries)

There’s only one way to find out, try it and see

SOLVED!

1. Mount a docker volume into awx_tasks to hold all custom things: <host_dir>:<docker_dir>.
2. Set the ANSIBLE_CONFIG directory to point to the <docker_dir>.
3. Install the shared roles into the <host_dir>/roles/ on your host machine.
4. Install a custom ansible.cfg into this dir on your host machine.
5. Set roles_path=<docker_dir>/roles in the .cfg file.

Now, I can import a project and run a playbook that does this:

---

• name: test things

roles:

• customrole1

Detailed example:
1,2: I made the following change to the docker task (then ran the install.yml playbook):

$ git diff local_docker/tasks/main.yml

diff --git a/installer/local_docker/tasks/main.yml b/installer/local_docker/tasks/main.yml

index 7eba9d357…1093bdec9 100644

— a/installer/local_docker/tasks/main.yml

+++ b/installer/local_docker/tasks/main.yml

@@ -198,7 +198,10 @@

links: “{{ awx_task_container_links|list }}”

user: root

hostname: awx

• volumes:

• • “/opt/awx:/opt/ansible”

env:

• ANSIBLE_CONFIG: “/opt/ansible/ansible.cfg”

SECRET_KEY: “{{ awx_secret_key }}”

DATABASE_NAME: “{{ pg_database }}”

DATABASE_USER: “{{ pg_username }}”

3: run: ansible-galaxy install -r requirements.yml -p /opt/awx/roles/

4,5: then, on my host machine, I set /opt/awx/ansible.cfg: