Ansible - conditionally include a file in a role

Question

I'm trying to craft a role that will run only if a variable gets registered is of a certain value, in this case, the md5sum of a file.

The role/main.yml looks like this:

----
- name: Has this already been done? Check for the script, & it's md5sum
  command: md5sum /usr/sbin/sendmail.postfix
  register: md5sum
  ignore_errors: True

- name: What's the value of md5sum?
  debug: var=md5sum

- include: dontrunthen.yml
  when: md5sum.stdout == "e420fc39246a11c890b30b71dda4f976"

- include: dontrunthen.yml
  when: md5sum.stdout == "ac0e57862902c2b11c7dfcdca5a79c30"

- include: runme_postfix.yml
  when: md5sum.stdout != "e420fc39246a11c890b30b71dda4f976"

That md5sum is defintely that of the file in question:

# md5sum /usr/sbin/sendmail.postfix
e420fc39246a11c890b30b71dda4f976  /usr/sbin/sendmail.postfix

Yet when I run the playbook, it "skips" the steps which should be making the role use the dontrunthen.yml playbook. It then runs the tasks in runme_postfix.yml. dontrunthen.yml should just fail and end the play:

---
- name: We don't need to run if we've made it here...
  fail: msg="Looks like this role has already been applied, try checking the file that should have been created

Any idea why this might be happening? It's not the behaviour I would expect. I have other working roles which conditionally run depending on OS, etc.

Also, is there a good reference for terms that can be used with the when statement, like varname.stdout, varname.stderr etc.? There are lots of different mentions and uses in the Ansible docs, but i can't seem to find anywhere that these are documented.

Answer 1

You can use this option, It's being tested and verified.

# md5sum /etc/postfix/post-install
5313a1031ec70f23e945b383a8f83e92  /etc/postfix/post-install

site.yml - 

- hosts: server1
  gather_facts: yes
  tasks:
   - name: Get CheckSum
     stat: path=/etc/postfix/post-install get_md5=True
     register: result

   - name: Display CheckSum
     debug: msg="{{ result.stat.md5 }}"

- hosts: server1
  roles:
     - { role: test, when: "'{{ result.stat.md5 }}' == '5313a1031ec70f23e945b383a8f83e92'" }


Test Role - 

- name: Test Disk Usage
  command: df -h

If all goes well here would be the output -

# ansible-playbook -i ansible_hosts site.yml -u root -v

PLAY [server1] *****************************************************************

GATHERING FACTS ***************************************************************
ok: [172.28.128.7]

TASK: [Get CheckSum] **********************************************************
ok: [172.28.128.7] => {"changed": false, "stat": {"atime": 1434005428.9124238, "checksum": "392e68986292b30efb1afbeccfd9f90664750dce", "ctime": 1432304683.9521008, "dev": 2049, "exists": true, "gid": 0, "inode": 266042, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "md5": "5313a1031ec70f23e945b383a8f83e92", "mode": "0755", "mtime": 1423161372.0, "nlink": 1, "pw_name": "root", "rgrp": true, "roth": true, "rusr": true, "size": 28047, "uid": 0, "wgrp": false, "woth": false, "wusr": true, "xgrp": true, "xoth": true, "xusr": true}}

TASK: [Display CheckSum] ******************************************************
ok: [172.28.128.7] => {
    "msg": "5313a1031ec70f23e945b383a8f83e92"
}

PLAY [server1] *****************************************************************

GATHERING FACTS ***************************************************************
ok: [172.28.128.7]

TASK: [test | Test Disk Usage] ************************************************
changed: [172.28.128.7] => {"changed": true, "cmd": ["df", "-h"], "delta": "0:00:00.003426", "end": "2015-06-11 08:47:55.574780", "rc": 0, "start": "2015-06-11 08:47:55.571354", "stderr": "", "stdout": "Filesystem      Size  Used Avail Use% Mounted on\n/dev/sda1        40G  1.5G   37G   4% /\nnone            4.0K     0  4.0K   0% /sys/fs/cgroup\nudev            241M   12K  241M   1% /dev\ntmpfs            49M  372K   49M   1% /run\nnone            5.0M     0  5.0M   0% /run/lock\nnone            245M     0  245M   0% /run/shm\nnone            100M     0  100M   0% /run/user\nvagrant         465G  165G  301G  36% /vagrant", "warnings": []}

PLAY RECAP ********************************************************************
172.28.128.7               : ok=5    changed=1    unreachable=0    failed=0

I hope this will meet your requirement.

Answer 2

Might it be simply the output does not match? To me it looks like the md5 output is

e420fc39246a11c890b30b71dda4f976  /usr/sbin/sendmail.postfix

while you compare it with the string

e420fc39246a11c890b30b71dda4f976

The output seems to be very system dependent. On my system it looks like this:

MD5 (/usr/sbin/sendmail.postfix) = e420fc39246a11c890b30b71dda4f976

If this is the problem I see two options:

1. Make md5 only show the checksum, it has a -q (quite) param.
2. Search the stdout, e.g. when: "e420fc39246a11c890b30b71dda4f976" in md5sum.stdout