Descobri que usar um script Python é a solução mais fácil (mais fácil do que um plug-in de retorno de chamada, pelo menos na minha versão ansible 1.7):
#!/usr/bin/env python
from __future__ import print_function
import ansible.inventory
import ansible.runner
from subprocess import Popen, PIPE
import sys
TO = "root"
def message(subject, body):
p = Popen(["mail", "-s", subject, TO], stdin=PIPE)
p.communicate(input=body)
res = p.wait()
if res != 0:
print("Failed to send message", file=sys.stderr)
def main():
im = ansible.inventory.Inventory()
runner = ansible.runner.Runner(
module_name='command',
module_args='sh -c "echo OK"',
sudo=True,
)
run = runner.run()
nosudo = set(run["dark"].keys())
runner = ansible.runner.Runner(
module_name='command',
module_args='sh -c "echo OK"',
sudo=False,
inventory=ansible.inventory.Inventory(list(nosudo)),
)
run = runner.run()
nonet = set(run["dark"].keys())
nosudo = nosudo - nonet
for host in nosudo:
message("Host check: %s" % host,
"Cannot execute 'sudo -u root ...' as user 'deploy'.")
for host in nonet:
message("Host check: %s" % host,
"Cannot login into the machine.")
if __name__ == '__main__':
main()