Dominik Riva
Authored Comments
Nice write up.
Structuring your Ansible environment in a practical way is not obvious.
I started to split stuff into environments (inventories and playbooks) that live in separate Git repositories. I also put my roles into separate repositories. Soon I have to look into AWX/Tower to allow others running my playbooks without having to setup Ansible on there machines or forcing them into the command line on "the Ansible Server".
Suspecting you have the config files under version control. How about pulling the repository into a staging location on the hosts and hard linking and/or coping the files to the final location in subsequent tasks.
In your first task state: latest would be more in line with your intent/comment in the task name.
This is by the way one of the reasons I write few comments. Most of the time I can state in the task names, what my intentions and reasons are.
Have a look at blocks I started to use them a lot now and find, that I often write a comment per block and add a tag.
Blocks are also great for error handling. Don't leave half broken configurations.
If a block gets really big and/or has use in other playbooks I spin it out into a role.
There are Ansible modules for managing snapshots so why not manage your testing workflow with Ansible as well?
If you don't choose the one program that is a programming language I don't know what's wrong with you!