pgassmann
commented
6 years ago For Puppet and Chef, there is similar tooling available and there's already support in Pulp for puppet modules:
- librarian-puppet
- librarian-chef
- Both are based on a common ruby tool: librarian
A useful function is librarian-puppet outdated which shows the difference between the versions in the lock file and the latest version on the forge (would be galaxy)
$ librarian-puppet outdated outdated
puppet-extlib (2.3.1 -> 3.0.0)
puppet-gitlab (2.1.0 -> 3.0.2)
puppet-logrotate (3.3.0 -> 3.4.0)
puppet-mongodb (2.3.0 -> 2.4.1)
puppet-puppetboard (4.1.0 -> 5.0.0)
puppetlabs-apache (3.3.0 -> 3.4.0)
puppetlabs-apt (2.4.0 -> 6.2.1)
puppetlabs-concat (4.2.1 -> 5.1.0)
puppetlabs-inifile (2.3.0 -> 2.4.0)
puppetlabs-mysql (6.1.0 -> 7.0.0)
puppetlabs-ntp (7.2.0 -> 7.3.0)
puppetlabs-postgresql (5.10.0 -> 5.11.0)
puppetlabs-puppetdb (7.0.1 -> 7.1.0)
puppetlabs-stdlib (4.25.1 -> 5.1.0)
puppetlabs-tomcat (2.3.0 -> 2.4.0)
puppetlabs-vcsrepo (2.3.0 -> 2.4.0)
thbe-ssmtp (0.5.12 -> 0.6.0)
theforeman-dhcp (4.1.1 -> 4.2.0)
theforeman-dns (5.3.0 -> 5.3.1)
theforeman-foreman (9.2.0 -> 10.0.0)
theforeman-foreman_proxy (8.0.2 -> 9.0.0)
theforeman-tftp (4.2.0 -> 4.3.0)
unibet-forge_server (0.4.0 -> 0.5.0)Then you can update individual modules with
$ librarian-puppet update thbe-ssmtp theforeman-tftp --verbose
geerlingguy
tima
alikins
Original issue is abandonded in archived galaxy-issues project The related issue about versioning of roles is migrated: https://github.com/ansible/galaxy/issues/83 I recreated this issue in ansible-galaxy and now here.
Original issue by @geerlingguy
It would be helpful if Ansible Galaxy supported a 'lock' file.
When running
ansible-galaxy install -r requirements.yml, Ansible Galaxy could create arequirements.lockfile (or some other name) that stores the following metadata for each downloaded role:Then, if running the command
ansible-galaxy install -r requirements.ymlagain, it would install based on the exact identifiers in the lock file.The details could be a little different, of course, and we'd need a command like
ansible-galaxy update -r requirements.ymlto update an existing lockfile... but this would make idempotent playbook configurations much easier for many projects without requiring all downloaded roles be stored in the project repository (e.g. like Drupal VM currently does).Other examples of lock file support:
Original Request
For Drupal VM, we've decided to pin our requirements.yml file's role requirements to specific versions (e.g.
3.0.1,2.5.0, etc.).It would be nice if we could support some method of semver with role versions (instead of just requiring a branch or tag... and maybe this is related to/duplicate of #70), where you could specify a dependency in requirements.yml like:
When galaxy picks the tag to pull, it would check for any in the 1.7.x range, and choose the latest release. That way I don't have to spend so much time maintaining all my requirements files for various projects.
I would love to see something as involved as Composer's Version support, but I know that's a bit of a moonshot. It would be nice to have a lock file that would set the versions currently installed, too, as that would even allow me to set
masterbut lock in the versions at a specific point in time.Anyways, I was just thinking about how awesome it is to point at tagged role releases in terms of keeping one's playbook completely idempotent and stable—yet how annoying it is to have to manually tinker with the
requirements.ymlfile so often.