Skip to main content Logo

Quis custodiet ipsos custodes?
Home | About | All pages | Cluster Status | RSS Feed

log_vcs - Ansible callback plugin that creates VCS (git) branches for every Ansible run

Published: 10-07-2018 | Author: Remy van Elst | Text only version of this article

❗ This post is over five years old. It may no longer be up to date. Opinions may have changed.

This callback plugin creates a VCS branch every time you run Ansible. If you ever need to go back to a certain state or environment, check out that branch and be sure nothing has changed.

This is useful when you have multiple environments or multiple people deploying and continually develop your Ansible. When you often deploy to test / acceptance and less often to production, you can checkout the last branch that deployed to production if a hotfix or other maintenance is required, without having to search back in your commits and logs. I would recommend to develop infrastructure features in feature branches and have the master branch always deployable to production. However, reality learns that that is not always the case and this is a nice automatic way to have a fallback.

Recently I removed all Google Ads from this site due to their invasive tracking, as well as Google Analytics. Please, if you found this content useful, consider a small donation using any of the options below:

I'm developing an open source monitoring app called Leaf Node Monitoring, for windows, linux & android. Go check it out!

Consider sponsoring me on Github. It means the world to me if you show your appreciation and you'll help pay the server costs.

You can also sponsor me by getting a Digital Ocean VPS. With this referral link you'll get $200 credit for 60 days. Spend $25 after your credit expires and I'll get $25!

Requirements and installation

The plugin requires 'GitPython'. On Ubuntu this can be installed with the package manager:

apt-get install python-git python3-git

The plugin requires the Ansible folder to be a git repository. If you have a seperate 'roles' directory, that is not included in this plugin.

The plugin is hosted on Github:

To install the plugin, create a folder in your Ansible folder:

mkdir -p plugins/callbacks

Place the file in there and edit your ansible.cfg file:

  callback_whitelist = log_vcs
  callback_plugins = plugins/callbacks


If you have multiple environments (multiple inventories) then every inventory needs a group_var (in group_vars/all.yml) named environment. The plugin uses this in the branch name. In my case it can be dev, tst, acc, prd or mgmt. It is not required, if it is not found the plugin will substitute it with env.

Branch name format

The branch name format is:


For example:



Auto-commit or cleanup?

There is no auto-commit or auto-push to a git server. In my use-case deployment is always done from a management machine, otherwise you have to extend the plugin to do auto-commit and push. I decided in my case it would not be useful.

Auto-cleanup is also not implemented. We have bash for that:

git branch | grep 'auto-' | xargs -L 1 -I % git branch -d %
Tags: ansible , configuration-management , deployment , devops , git , python , software , sudoers