me and @ofedoren are redesigning reports from scratch, the gist of our work is throwing away most of the code we have and storing and presenting reports in a new way. We aim to support Puppet, Ansible and OpenSCAP from the day one and good options for plugin authors to add new formats.
We won’t be changing much in the Puppet format, the report data and presentation will remain the same. However both Ansible and OpenSCAP were both designed in a way that reports do “fit” into Puppet ConfigReport implementation. This rewrite is a chance to design better reports for both, we are starting with Ansible.
I did create few test Ansible playbooks and configured Ansible with its built-in JSON callback to see how reports look like:
- A dummy playbook without fact gathering: Ansible JSON callback example · GitHub
- A dummy podman playbook with fact gathering: Ansible ANSI JSON callback example · GitHub
Now, from what I’ve learned, there are not many common information we can show for each Ansible task. Here is what I was able to find, fill me in what you would like to see in an Ansible report for each host:
- Time of the report
- Statistics (number of tasks applied, failed, skipped…)
- List of:
- Task action (e.g. “shell”)
- Task name
- Status: changed, failed, skipped
What is a bit surprising is that there is no telemetry (timing) information per individual tasks for each hosts, some tasks do have this (e.g. shell) but most others don’t. Callback is only informed how much time it took to complete across all hosts, if I understand this correctly. This could be presented on a report but with some warning perhaps about what the duration do actually represent.
I am wondering, if this is enough. It looks like Ansible have been designed in a way that tasks do not have necessary common output. This is a bit different from puppet where reports are more of “standard output” captures with some extra information about manifests which created these lines. Maybe to implement some output capturing for specific tasks like shell?
There is also a common key “invocation” which contains a lot of input data for each task, I am wondering how useful that would be. Some tasks, however, have ton of these (mostly set to
null), maybe filtering out
null values could make it more readable.
Finally, one major difference between Puppet and Ansible report seems to be diff. In Ansible, diff is only shown when explicitly executed with
--diff argument. Since Foreman does not support diff for Ansible reports today, we will not implement it, but I would love to hear opinions about that. I think that diff show in reports is a very useful feature for Puppet users.