Ansible
如何管理文件的修改副本?
按照這個答案,我想複製 OpenSSL 的配置,並進行一組特定的更改。原始文件不在我的控制範圍內,所以我無法將其設為模板。
目前我有:
- name: Make a copy copy: src: original.cnf dest: copy.cnf force: no - name: Modify ini_file: path: copy.cnf section: ... option: ... value: ...此更改序列是冪等的,但如果原始文件發生更改,則更改不會傳播到副本。如果我將其更改為
force: yes,則將傳播原始更改,但每次執行劇本時都會執行更改。這是有問題的,因為我需要在發生變化的情況下重新啟動依賴服務,但顯然這不能每次都發生。有沒有辦法以這樣一種方式維護副本,即當且僅在需要時修改目標文件?
根據約翰的回答,我最終得到了以下劇本片段。重要的部分是
changed_when: False,它確保只有修改目標配置文件副本的步驟才算作更改。- name: Create OpenSSL config copy block: - name: Create temporary file for the config's copy tempfile: register: tempfile changed_when: False - name: Copy openssl.cnf to the temporary file copy: src: "{{ openssl_cnf_source }}" dest: "{{ tempfile.path }}" mode: 0644 # Without this the next `copy` task can have issues reading the file. changed_when: False - name: Modify openssl.cnf in the temporary file ini_file: path: "{{ tempfile.path }}" section: ... option: ... value: ... changed_when: False - name: Copy the temporary file to the target OpenSSL config copy: src: "{{ tempfile.path }}" dest: "{{ openssl_cnf_copy }}" mode: 0644 owner: ... notify: - ... - name: Delete the temporary file file: path: "{{ tempfile.path }}" state: absent changed_when: False
- block: name: These two are changed every time as modifications are not in original.cnf - name: Make a temporary copy copy: src: original.cnf dest: temp.cnf force: yes - name: Modify temporary copy ini_file: path: temp.cnf section: ... option: ... value: ... - block: name: With same original.cnf and same modifications, the result will be already installed - name: Idempotent copy into place register: openssl_config_install copy: src: temp.cnf dest: copy.cnf force: yes - assert: that: - openssl_config_install is not changed