Tags or Variables, not sure which way to go

Archives Ansible Project
1

So I am having an issue about not knowing what the best thing to do is. Here’s what I am trying to accomplish…

I have the following sanitized tasks:

  • name: Set authorized key ( prod)

authorized_key:
user: ansible
state: present
key: “{{ lookup(‘file’, 'ssh public key file) }}”
key_options: ‘from=“Prod control node IP”’

  • name: Set authorized key ( test)

authorized_key:
user: ansible
state: present
key: “{{ lookup(‘file’, 'ssh public key file) }}”
key_options: ‘from=“testlab control node IP”’

The key option specifies that only the ansible control node can use ssh keys to the ansible account.

So is there a way to say execute the prod task unless a “test” tag is passed? At the same time, I want to do the opposite with the test task, and say only execute if the “test” tag is passed. (I know how to do this second part),

My other option, would be to just set a variable, and I know I can do it that way, but wasn’t sure if I could do the same thing with a tag.

–John

2

Hi John,

The opposite of “- -tags my_tag” is “—skip-tags my_tag” - see the updated documentation on tags at https://docs.ansible.com/ansible/devel/user_guide/playbooks_tags.html.

You would, of course, need to add tags to your task, block, or play before you could select or skip those tags at runtime.

Hope this helps,
Alicia

3

Thanks for the response. I did see that this morning, but hadn’t had a chance to test it out yet. I"ll give that option a shot and see if it’s better than the variable method I ended up writing.

–John