Use of groups in roles
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack-Ansible |
Expired
|
Undecided
|
Unassigned | ||
Trunk |
Expired
|
Undecided
|
Unassigned |
Bug Description
A number of the roles reference groups directly, the common example is to test if inventory_host is a member of a particular group, e.g.
playbooks/
This does not appear to be a standard practice with ansible and could possibly be described as an anti-pattern because the play does not control the hosts on which a role gets run. The role is no longer an abstracted unit of work but is instead tightly coupled to the inventory and the play.
If the roles are not designed for use by other projects, this issue may not be of much concern. However, if there is an expectation that the roles should be consumable outside of this project, I think that they should be reworked.
I would not go as far to say that is an anti-pattern. The construct "when: inventory_hostname in groups[somegroup]" is used quite often in the community, and lots of contributors and core-developers propose it as a solution pattern.
It is true however that this makes a role dependent of a specific group name, which at the very least should be explicitly documented, which could address this concern when the role is published for re-use outside of OSAD.
So far I do not see an easy and clean alternative way for this. I do hope that this kind of things might be addressed in Ansible when the inventory will get a major update, which AFAIK is planned post the v2.0 release. It might be useful to give this kind of feedback to upstream Ansible, though currently it might be a bit early for that.