How to automatically fix Ansible content with Steampunk Spotter

We’re thrilled to introduce you to one of our most exciting features - the Steampunk Spotter rewrite function. With this powerful option, Spotter can automatically fix specific errors in your Ansible Playbooks, eliminating the need for manual intervention, saving you valuable time and effort.

Let’s walk through the automatic fix capabilities of Spotter.

1. Scan

First, let’s look at our playbook:

--- 

- hosts: all 
  become: false 

  tasks: 

    - name: Generate a private key 
      openssl_privatekey: 
        path: &privkey_path /etc/nginx/ssl-nginx.key 
        size: 2048 

    - action: 
        module: file 
        mode: '0644' 
        state: present 
      delegate_to: localhost 

    - name: Create a CSR 
      openssl_csr: 
        path: &csr_path /etc/nginx/ssl-nginx.csr 
        privatekey_path: *privkey_path 
        commonName: "{{ ansible_hostname }}" 
        always_run: true 
        when: true 

    - name: Generate a Self Signed OpenSSL certificate 
      openssl_certificate: 
        path: &cert_path /etc/nginx/ssl-nginx.crt 
        provider: selfsigned 
        privatekey_path: *privkey_path 
        csr_path: *csr_path 

    - name: Template out the nginx config file 
      action: 
        module: template 
        src: "nginx-{{ ansible_distribution }}.conf" 
        dest: /etc/nginx/nginx.conf 
        mode: u=rw,g=rw,o=r 
      register: nginx_config 

And now, we can run the scan:

By running the Spotter command on our Ansible Playbook, we receive valuable feedback and suggestions for improving our playbook.

2. Automatic fixes

Using the Spotter scan command with the rewrite switch, Spotter automatically changes the Ansible content wherever possible without requiring additional human intervention. You also receive a summary of rewritten checks, together with the remaining checks.

As we witness this magic at work, we can see the changes reflected in our playbook:

--- 
- hosts: all 
  become: false 

  tasks: 

    - name: Generate a private key 
      community.crypto.openssl_privatekey: 
        path: &privkey_path /etc/nginx/ssl-nginx.key 
        size: 2048 

    - ansible.builtin.file: 
        mode: '0644' 
        state: present 
      delegate_to: localhost 

    - name: Create a CSR 
      community.crypto.openssl_csr: 
        path: &csr_path /etc/nginx/ssl-nginx.csr 
        privatekey_path: *privkey_path 
        commonName: "{{ ansible_hostname }}" 
        always_run: true 
        when: true 

    - name: Generate a Self Signed OpenSSL certificate 
      community.crypto.x509_certificate: 
        path: &cert_path /etc/nginx/ssl-nginx.crt 
        provider: selfsigned 
        privatekey_path: *privkey_path 
        csr_path: *csr_path 

    - name: Template out the nginx config file 
      ansible.builtin.template: 
        src: "nginx-{{ ansible_distribution }}.conf" 
        dest: /etc/nginx/nginx.conf 
        mode: u=rw,g=rw,o=r 
      register: nginx_config

We see that Spotter excels at seamlessly handling Fully Qualified Class Names (FQCN), local actions, always run, and inline errors. The difference between the initial and finished playbooks is evident, and Spotter even generates the requirements.yml file for us, ensuring that our Ansible content runs effortlessly across different instances.

If we rerun the scan, we can observe a significant decrease in errors, thanks to Spotter’s automatic fixes:

Spotter: Your ultimate solution for speedy automatic Ansible Playbook error fixing

This concludes our demonstration of Spotter’s remarkable automatic error fixing capabilities. Try out Spotter for yourself, and experience firsthand how Spotter can save you valuable time and effort.

And remember, when in doubt, Spotter it out!

Interested in Spotter, but don’t know how to start? Explore our Getting started guide.