Steampunk Spotter
How to automatically fix Ansible content with Steampunk Spotter
July 11, 2023 - Words by The Spotter team - 2 min read
We’re thrilled to introduce you to one of our most exciting features - the Steampunk Spotter rewrite function. With this powerful option, Spotter can automatically fix specific errors in your Ansible Playbooks, eliminating the need for manual intervention, saving you valuable time and effort.
Let’s walk through the automatic fix capabilities of Spotter.
1. Scan
First, let’s look at our playbook:
---
- hosts: all
become: false
tasks:
- name: Generate a private key
openssl_privatekey:
path: &privkey_path /etc/nginx/ssl-nginx.key
size: 2048
- action:
module: file
mode: '0644'
state: present
delegate_to: localhost
- name: Create a CSR
openssl_csr:
path: &csr_path /etc/nginx/ssl-nginx.csr
privatekey_path: *privkey_path
commonName: "{{ ansible_hostname }}"
always_run: true
when: true
- name: Generate a Self Signed OpenSSL certificate
openssl_certificate:
path: &cert_path /etc/nginx/ssl-nginx.crt
provider: selfsigned
privatekey_path: *privkey_path
csr_path: *csr_path
- name: Template out the nginx config file
action:
module: template
src: "nginx-{{ ansible_distribution }}.conf"
dest: /etc/nginx/nginx.conf
mode: u=rw,g=rw,o=r
register: nginx_config
And now, we can run the scan:
By running the Spotter command on our Ansible Playbook, we receive valuable feedback and suggestions for improving our playbook.
2. Automatic fixes
Using the Spotter scan command with the rewrite switch, Spotter automatically changes the Ansible content wherever possible without requiring additional human intervention. You also receive a summary of rewritten checks, together with the remaining checks.
As we witness this magic at work, we can see the changes reflected in our playbook:
---
- hosts: all
become: false
tasks:
- name: Generate a private key
community.crypto.openssl_privatekey:
path: &privkey_path /etc/nginx/ssl-nginx.key
size: 2048
- ansible.builtin.file:
mode: '0644'
state: present
delegate_to: localhost
- name: Create a CSR
community.crypto.openssl_csr:
path: &csr_path /etc/nginx/ssl-nginx.csr
privatekey_path: *privkey_path
commonName: "{{ ansible_hostname }}"
always_run: true
when: true
- name: Generate a Self Signed OpenSSL certificate
community.crypto.x509_certificate:
path: &cert_path /etc/nginx/ssl-nginx.crt
provider: selfsigned
privatekey_path: *privkey_path
csr_path: *csr_path
- name: Template out the nginx config file
ansible.builtin.template:
src: "nginx-{{ ansible_distribution }}.conf"
dest: /etc/nginx/nginx.conf
mode: u=rw,g=rw,o=r
register: nginx_config
We see that Spotter excels at seamlessly handling Fully Qualified Class Names (FQCN), local actions, always run, and inline errors. The difference between the initial and finished playbooks is evident, and Spotter even generates the requirements.yml file for us, ensuring that our Ansible content runs effortlessly across different instances.
If we rerun the scan, we can observe a significant decrease in errors, thanks to Spotter’s automatic fixes:
Spotter: Your ultimate solution for speedy automatic Ansible Playbook error fixing
This concludes our demonstration of Spotter’s remarkable automatic error fixing capabilities. Try out Spotter for yourself, and experience firsthand how Spotter can save you valuable time and effort.
And remember, when in doubt, Spotter it out!
Interested in Spotter, but don’t know how to start? Explore our Getting started guide.
