Honestly this sounds more like a need to revisit how you are handling variables. You are creating a scoping issue with the current approach. The all group is were things should live that might need to be accessed by multiple groups. Specific subgroups are for scope specific variables, so really should not be reaching across scopes for variables.
On Fri, Sep 16, 2022, 8:07 AM Todd Lewis <[email protected]> wrote: > In that case, in the first play, do a "debug" and see what variables are > available. > - name: groupvars anybody > debug: > msg: "{{ vars }}" > From that you should be able to work out what the expression would be, if > there is a way to do it. > > On Friday, September 16, 2022 at 7:39:45 AM UTC-4 [email protected] wrote: > >> Hi >> >> Thanks, but that seems to be making the play conditional on whether there >> are any 'web' hosts in the play. >> What I am looking for is a way to access those group_vars regardless of >> whether there are any such hosts in the play. >> >> >> >> On Fri, 16 Sept 2022 at 13:19, Todd Lewis <[email protected]> wrote: >> >>> Better: >>> groups['web'] | default([]) | length >>> >>> On Friday, September 16, 2022 at 6:50:22 AM UTC-4 Todd Lewis wrote: >>> >>>> Can you add >>>> when: groups['web'] | length >>>> onto the "populate secret for use elsewhere" task? >>>> >>>> On Friday, September 16, 2022 at 5:34:37 AM UTC-4 [email protected] >>>> wrote: >>>> >>>>> Hi >>>>> >>>>> I have a playbook that contains several plays. One play is performing >>>>> API related tasks in AWS, so it's using the local connection and >>>>> localhost. >>>>> The plays after that targets real hosts. >>>>> Pseudo code: >>>>> >>>>> - name: do API related work >>>>> hosts: localhost >>>>> connection: local >>>>> become: false >>>>> gather_facts: false >>>>> tags: api >>>>> tasks: >>>>> - name: populate secret for use elsewhere >>>>> community.aws.aws_secret: >>>>> name: foopass >>>>> secret: "{{ hostvars[groups['web'][0]].foopass }}" >>>>> >>>>> - name: deploy web servers >>>>> hosts: web >>>>> tasks: >>>>> - name: save secret >>>>> copy: >>>>> dest: foopass.txt >>>>> content: "{{ foopass }}" >>>>> >>>>> >>>>> This play works, but I don't know how to selectively run the API play >>>>> if there are no web servers in the play (as they might not exist yet). >>>>> If I try '-i localhost, --connection local', then the API task doesn't >>>>> find any hostvars for a 'web' host: >>>>> >>>>> TASK [populate secret for use elsewhere] >>>>> *************************************************************************************************************** >>>>> fatal: [localhost]: FAILED! => >>>>> msg: '{{ hostvars[groups[''web''][0]].foopass }}: ''dict object'' >>>>> has no attribute ''web''' >>>>> >>>>> This seems to make sense. But how would I go about accessing those >>>>> vars? >>>>> Is it possible at all to access variables for hosts that are NOT in >>>>> the current play? >>>>> >>>>> FYI the variable is not gathered (again, because the web host is not >>>>> yet there), it is defined in group_vars/web/main.yml - so it is there on >>>>> disk. >>>>> >>>>> Thanks! >>>>> >>>>> Dick Visser >>>>> >>>>> >>>>> -- >>> You received this message because you are subscribed to the Google >>> Groups "Ansible Project" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To view this discussion on the web visit >>> https://groups.google.com/d/msgid/ansible-project/c75c3488-9e4b-4c71-97a1-8ff249585605n%40googlegroups.com >>> <https://groups.google.com/d/msgid/ansible-project/c75c3488-9e4b-4c71-97a1-8ff249585605n%40googlegroups.com?utm_medium=email&utm_source=footer> >>> . >>> >> -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/30ff4cd9-3ef2-4fca-8fa9-ac2f440a5627n%40googlegroups.com > <https://groups.google.com/d/msgid/ansible-project/30ff4cd9-3ef2-4fca-8fa9-ac2f440a5627n%40googlegroups.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAEcFzYyBMa3bqy9Q%2BRAGQM-AkTc5tvGNok8egOGi0fVYUgFWyw%40mail.gmail.com.
