Terraform + Ansible

k4ch0 · June 23, 2019, 6:00am

Hi team,

I’m using terraform to provision some servers and using ansible to deploy software on those servers as:

resource "null_resource" "ansible-deploy" {

  provisioner "local-exec" {
    command = <<EOT
    ansible-playbook -i inventory/hosts.ini playbook.yaml
    EOT
  }
}

So far my playbook is working, but anytime I perform a change on my ansible playbook terraform did not “catch” it as a new change.

How can I do to keep track of the ansible changes on my terraform plan?

shantanugadgil · June 23, 2019, 7:37am

hi, its not supposed to catch changes in arbitrary things, it is tracking changes at “terraform resource” level.
in your case the “null_resource” named “ansible-deploy”.

terraform can be made to “re-run” the “null_resource” by adding a “trigger” section.
you can configure a trigger using the checksum (say “sha256sum” of the file “playbook.yaml”)

So, anytime the file “playbook.yaml” changes, and you run “terraform apply”, the trigger will “detect” a change, and the “null_resource” will be re-created (execute scripts in your case)

HTH,
Shantanu

k4ch0 · July 2, 2019, 1:09am

Thank you for the reply!

Works like a charm on the playbook file.
Also I need it to use it on a roles directory, but seems like any function regarding files/crypto (https://www.terraform.io/docs/configuration/functions.html) does not work on directories .

I will appreciate any light.

shantanugadgil · July 2, 2019, 5:36am

What comes to mind is a function like stat which could indicate the last modified time of the directory. As far I could search, there isn’t such a function, though some quick googling revealed:

… which in turn links to:

Not sure, but if you could verify the checksums of all the files inside a directory, I think it would achieve the same result.

Maybe you could file a feature request with the Terraform core for a “stat” equivalent function?!?

shantanugadgil · July 2, 2019, 5:39am

Silly me, just realized something as I finished clicking “Reply”. Could you not write a simple shell script which returns the stat output of the directory in question?

Maybe with: https://www.terraform.io/docs/providers/external/data_source.html

That’s all that is coming to mind with the little coffee that I have had so far!

Topic		Replies	Views
Null_resource is always replaced even if triggers don't change Terraform	2	9129	November 26, 2019
Re-triggering shell script in terraform Terraform	9	11990	February 2, 2021
How Terraform triggers Ansible when is in different repo Terraform	0	317	November 8, 2020
Terraform null_resources does not detect changes , I have to manually do taint to recreate it Terraform k8s	4	4650	April 26, 2021
Using null_resource and external data source together Terraform	3	4704	July 21, 2021

Terraform + Ansible

Related topics