When validating the changes that will be applied to the IPA servers, the default output of Ansible does not provide enough information of what is changing, and the verbose output does not provide the right type of information.
To have better visibility of changes, it would be great if the modules supported Ansible's diff flag. This way, the output would change from this:
TASK [Applying users] *************************************************************************************
changed: [ipaserver] => (item=testuser2)
changed: [ipaserver] => (item=testuser3)
TASK [Applying groups] ************************************************************************************
changed: [ipaserver] => (item=testgroup)
PLAY RECAP ************************************************************************************************
ipaserver : ok=4 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
To something like this, or similar:
TASK [Applying users] *************************************************************************************
--- before
+++ after
@@ -1,5 +1,5 @@
{
"initials": [
- "TT"
+ "ABC"
]
}
changed: [ipaserver] => (item=testuser2)
--- before
+++ after
@@ -1,5 +1,5 @@
{
"initials": [
- "TT"
+ "DEF"
]
}
changed: [ipaserver] => (item=testuser3)
TASK [Applying groups] ************************************************************************************
--- before
+++ after
@@ -1 +1,6 @@
-{}
+{
+ "member_user": [
+ "testuser2",
+ "testuser3"
+ ]
+}
changed: [ipaserver] => (item=testgroup)
PLAY RECAP ************************************************************************************************
ipaserver : ok=4 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
This would be especially useful for the maintenance of users, groups, sudo, hbac rules, etc.
When validating the changes that will be applied to the IPA servers, the default output of Ansible does not provide enough information of what is changing, and the verbose output does not provide the right type of information.
To have better visibility of changes, it would be great if the modules supported Ansible's diff flag. This way, the output would change from this:
To something like this, or similar:
This would be especially useful for the maintenance of users, groups, sudo, hbac rules, etc.