Re: [ansible-project] Need assistance in Regex

[Dick Visser]

If you want 'existing' to be a boolean, then you can simple check if
the IP is in the list.
Assuming 'intip' is the IP for which you want to test this:

   - set_fact:
        existing: "{{ intip in result|json_query('objects[].value') }}"


The 'result' structure has some subnets as well, I'm not sure if it
would be a problem when you try to add an IP address that is inside
one of those subnets (I guess so). For instance, 10.97.7.55 would be
part of 10.97.7.37/27, but 'existing' would still return false.
If you want that to be covered, you'd have to glue some ipaddr login in between:

https://docs.ansible.com/ansible/latest/user_guide/playbooks_filters_ipaddr.html



On Fri, 26 Mar 2021 at 13:42, Devops warrior <awscloud...@gmail.com> wrote:
>
>
> Thank you for you response. Here is the result data.
>
> {
>     "objects": [
>         {
>             "description": null,
>             "name": "OUTSIDE",
>             "tag": null,
>             "type": "ip-netmask",
>             "value": "10.97.7.37/27"
>         },
>         {
>             "description": null,
>             "name": "INSIDE",
>             "tag": null,
>             "type": "ip-netmask",
>             "value": "10.97.7.133/27"
>         },
>         {
>             "description": null,
>             "name": "INTERNET",
>             "tag": null,
>             "type": "ip-netmask",
>             "value": "10.97.6.36/27"
>         },
>         {
>             "description": null,
>             "name": "Default",
>             "tag": null,
>             "type": "ip-netmask",
>             "value": "0.0.0.0/0"
>         },
>         {
>             "description": null,
>             "name": "Dummy_server",
>             "tag": null,
>             "type": "ip-netmask",
>             "value": "10.96.15.254"
>         },
>         {
>             "description": null,
>             "name": "VPN_Subnet",
>             "tag": null,
>             "type": "ip-netmask",
>             "value": "10.16.24.0/22"
>         },
>         {
>             "description": null,
>             "name": "Internal",
>             "tag": null,
>             "type": "ip-netmask",
>             "value": "10.97.12.120"
>         },
>         {
>             "description": null,
>             "name": "test",
>             "tag": null,
>             "type": "ip-netmask",
>             "value": "10.96.6.120"
>         },
>         {
>             "description": null,
>             "name": "test1",
>             "tag": null,
>             "type": "ip-netmask",
>             "value": "10.96.6.125"
>         }
>     ]
> }
>
> Regards,
> Sri
>
> On Friday, 26 March 2021 at 17:43:30 UTC+5:30 dick....@geant.org wrote:
>>
>> Without knowing what your 'result' data structure looks like, doing
>> string matching with IP addressing is almost certainly going to be
>> problematic.
>> I assume you don't want to have problems.
>> So, what does your 'result' data look like?
>>
>> On Fri, 26 Mar 2021 at 11:37, Devops warrior <awscl...@gmail.com> wrote:
>> >
>> > I'm trying to add new IP address (10.96.6.12) in firewall, Before adding, 
>> > I'm validating whether the new IP already exists in firewall or not.
>> >
>> > Task:
>> > - set_fact:
>> > existing: "{{ result | json_query('objects[*].value') | select('match',( 
>> > intip )) | list }}"
>> >
>> > output:
>> > TASK [set_fact] 
>> > **************************************************************************************************************************************************************task
>> >  path: /home/palo-test/json.yml:32
>> > ok: [192.168.0.40] => {
>> > "ansible_facts": {
>> > "existing": [
>> > "10.96.6.120",
>> > "10.96.6.125"
>> > ]
>> > },
>> > "changed": false
>> > }
>> >
>> > Regex in set_fact is considering existing Ip objects 10.96.6.120 and 
>> > 10.96.6.125 as 10.96.6.12. Need help to matching the exact IP.
>> >
>> > --
>> > You received this message because you are subscribed to the Google Groups 
>> > "Ansible Project" group.
>> > To unsubscribe from this group and stop receiving emails from it, send an 
>> > email to ansible-proje...@googlegroups.com.
>> > To view this discussion on the web visit 
>> > https://groups.google.com/d/msgid/ansible-project/245eea94-ae74-4fa1-b55e-2d121f42cc9dn%40googlegroups.com.
>>
>>
>>
>> --
>> Dick Visser
>> Trust & Identity Service Operations Manager
>> GÉANT
>
> --
> You received this message because you are subscribed to the Google Groups 
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/ansible-project/4443cd65-1156-4879-86a2-8a96cf0f1252n%40googlegroups.com.



-- 
Dick Visser
Trust & Identity Service Operations Manager
GÉANT

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAL8fbwMdDmwPuW-%2B-U-Y64NO-er7o5wi%3DTx%2BSeUt2N6KO41TmQ%40mail.gmail.com.