Hello all,
New to Ansible, so I apologize if there is a simple solution to this
problem - but I have done a lot of searching and have not been able to find
one. I am running Ansible 2.2.1.0 on a 2015 Macbook Pro using macOS High
Sierra.
When invoking ansible-playbook like so:
ansible-playbook -i environments/my-inventory my-playbook.yml --vault-
password-file ../vault.pass --tags="mytag"
I can access the path to "environments/my-inventory" in the playbook by
referencing the variable {{ inventory_file }}, which is a so-called magic
variable
<https://docs.ansible.com/ansible/devel/user_guide/playbooks_variables.html#magic-variables-and-how-to-access-information-about-other-hosts>.
However, I cannot find similar variables to reference which will give me
the values passed for the vault password file or the tags. In my searching
I have found DEFAULT_VAULT_PASSWORD_FILE, ANSIBLE_VAULT_PASSWORD_FILE,
vault_password_file as possible variables which could hold a path to a
vault password file, but none of those variables when referenced in Jinja
templating are defined or have the value I've passed on the command line.
The reason I want to access these values is because I have a playbook
executing other playbooks in parallel in the method suggested by Ansible
developer bcoca <https://www.slideshare.net/bcoca/more-tips-n-tricks> (slide
24), and in my case my-playbook.yml looks like:
- hosts: localhost
gather_facts: False
tasks:
- shell: ansible-playbook -i {{ inventory_file }} playbook-{{item}}.yml
--vault-password-file ../vault.pass
async: 3600
poll: 0
with_items: [item1,item2,item3]
register: myregister
- async_status: jid={{myregister.results[item.0].ansible_job_id}}
register: jobs
until: jobs.finished
with_indexed_items: [item1,item2,item3]
retries: 100
delay: 10
The values for --vault-password-file and --tags that are passed in the
initial call are not inherited by localhost tasks, so playbook-item1.yml
will not have any tag consideration when executing. It will only have a
vault password file because that's hardcoded into the playbook above,
whereas I'd prefer to reference it programmatically.
So, to recap, I call my-playbook.yml in a terminal, and my-playbook.yml
calls a handful of shells on localhost. I would like to call
my-playbook.yml in the terminal with --vault-password-file and be able to
access that variable inside the playbook, so that my localhost shell task
would not need that path hard-coded again. As mentioned above, I'd also
like to do the same thing with referencing tags. Is this possible?
Thanks in advance for reading and considering. Let me know if more
information is required.
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/12a6f6a2-2970-4105-8a95-747dcd402e1e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
