Where to place requirements.yml for Ansible and use it to resolve dependencies?

Question

I am new to ansible and was exploring dependent roles. documentation link

What I did not come across the documentation was- where to place the requirements.yml file.

For instance, if my site.yml looks like this:

---
- name: prepare system
  hosts: all
  roles:
     - role1

And, lets say

• role1 depends on role2 and role3
• role2 depends on role4 and role5

Typically, ansible-galaxy have the following structure:

└── test-role
    ├── defaults
    │   └── main.yml
    ├── files
    ├── handlers
    │   └── main.yml
    ├── meta
    │   └── main.yml
    ├── README.md
    ├── tasks
    │   └── main.yml
    ├── templates
    ├── tests
    │   ├── inventory
    │   └── test.yml
    └── vars
        └── main.yml

Dependencies, are added to meta/main.yml. Assuming, role1 has dependencies marked in this file like (and likewise for role2):

dependencies: 
  - role: role2
  - role: role3

And, I also have a requirements.yml file which looks like:

---    
- src: some git link1
  version: master
  name: role2
- src: some git link2
  version: master
  name: role3

My question: where do I place this requirements.yml file for role1?

I understand the requirements will need to be installed by the command,

ansible-galaxy install -r requirements.yml -p roles/

And, I can do this for role1, but how does this get automated for role2? Do the successive dependencies need to be resolved and installed manually this way, or is there something better?

Answer 1

Technically speaking, you could put your requirements.yml file anywhere you like as long as you reflect the correct path in your ansible-galaxy install command.

Meanwhile, if you ever want to run your playbooks from Ansible Tower/Awx, I suggest you stick to the Ansible Tower requirements and put your requirements.yml file in <project-top-level-directory>/roles/requirements.yml

Regarding dependencies between roles, ansible-galaxy is able to follow them by itself when they are encountered during installation. So you don't need to specify all of them in your requirements.yml, only top level ones. You just need to specify your dependencies correctly in each external roles.

In meta/main.yml for role1

dependencies:
  - src: https://my.scm.com/my-ansible-roles/role2.git
    scm: git
    version: master
    name: role2
  - src: https://my.scm.com/my-ansible-roles/role3.git
    scm: git
    version: master
    name: role3

In meta/main.yml for role2

dependencies:
  - src: https://my.scm.com/my-ansible-roles/role4.git
    scm: git
    version: master
    name: role4
  - src: https://my.scm.com/my-ansible-roles/role5.git
    scm: git
    version: master
    name: role5

roles/requirements.yml

---    
- src: https://my.scm.com/my-ansible-roles/role1.git
  scm: git
  version: master
  name: role1

To be as exhaustive as possible, this is what I now usually do on my projects to handle dependencies locally as well as local/project only roles

Basic project structure

ansible-project-dir
└─── roles
|    └─── locally-versioned-role1
|    └─── locally-versioned-role2
|    └─── ...
|    └─── requirements.yml
|    └─── .gitignore
└─── ansible.cfg
└─── playbook1.yml
└─── playbook2.yml

ansible.cfg

I force roles search and downloads in the local roles directory by setting roles_path = roles, so user can use ansible-galaxy install without the -p parameter.

roles/requirements.yml

Already discussed above. Just list dependencies to top-level external (i.e. not versioned in the project) as galaxy role name or as git uris. If you need to fully checkout those roles to later make git commits/push on them, you can use ansible-galaxy install -g -f -r roles/requirements

roles/.gitignore

# Ignore everything in roles dir
/*
# Except:
# the .gitignore file
!.gitignore
# the requirements file
!requirements.yml
# Readme if you have one
!README.md
# and any specific role we want to version locally
!locally-versioned-role*/