Just skip the item when ssh_key is not available (`false` in your example):
- name: "add public keys to users"
authorized_key:
user: '{{ item.name }}'
key: '{{ item.ssh_key }}'
with_items: '{{ user }}'
when: item.ssh_key
On Thu, Jan 23, 2020 at 9:25 AM Hieronymus <[email protected]> wrote:
>
> Hi
>
> I'm using the authorized_key module in my ansible user role.
> As some user aren't ssh key yet, I would like that by default this key is not
> created and the task escaped.
> I've seen that the key string is required by this module.
> Is means that I cannot put a false default value?
>
> Here's my main task:
> [...]
> - name: "add public keys to users"
> authorized_key:
> user: '{{ item.name }}'
> key: '{{ item.ssh_key }}'
> ignore_errors: yes
> with_items: '{{ user }}'
> [...]
>
>
> Here's the definition yaml file:
> [...]
> user:
> - name: 'bob'
> password: "{{ bob_pass }}"
> comment: 'Bob McKenzie'
> uid: '2000'
> group: 'bob'
> groups: 'wheel'
> shell: '/bin/bash'
> state: "{{ 'present' if bob_pass else 'absent' }}"
> ssh_key: "{{ bob_key | default(false) }}"
> [...]
>
>
> The bob_key is define in an another yaml variable file.
>
> Here's the error:
> [WARNING]: The value False (type bool) in a string field was converted to
> 'False' (type string). If this does not look like what you expect, quote the
> entire value to ensure it does not change.
>
>
> failed: [localhost] (item={'name': 'tzdkom', 'password': .....
> ..... "msg": "invalid key specified: False"}
>
>
> Is the variable ssh_key: "{{ bob_key | default(false) }}" wrong ?
> Could you please explain me this?
> Has someone an idea to bypass this problem when no ssh_key exist?
>
> Thanks and best regards,
> M.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/f78ebfe9-b916-4eed-9865-0ff47f12190c%40googlegroups.com.
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/CADDq2EP2ephg%2BoDDz0vysX1n_54x-PEK6Kq%2B2efJn5eq8B6jtQ%40mail.gmail.com.
