Re: [ansible-project] Failed host list from 'rescue' task

2023-03-15 Thread Vladimir Botka 
On Wed, 15 Mar 2023 17:44:55 +
Aharonu  wrote:

> I am working to get failed hosts from 'rescue' section into a CSV file.
> [...]
> > *when  i tried to append data to a list. *  
> 
> > - set_fact:
> > failed_list: "{{ failed_list + [ansible_host] }}"
> 
> *failed_hosts.csv:*
> *number of failed hots: 2*
> *hostname:*
> *bogus1*
> *bogus2*

Each host will have its own variable *failed_list*. Therefore, it
makes no sense to record *ansible_host* in this list. Instead, you
might want to record the failed tasks. For example, the block below
runs three tasks. If any of the tasks fails the name of it will be
added to the list *failed_list*

- name: block A
  block:
- name: task1A
  command: "{{ ['true', 'false']|random }}"
- name: task2A
  command: "{{ ['true', 'false']|random }}"
- name: task3A
  command: "{{ ['true', 'false']|random }}"
  rescue:
- set_fact:
failed_list: "{{ failed_list +
 [ansible_failed_task.name] }}"

Create dictionary of all hosts and failed tasks

  failed_lists: "{{ dict(groups.all|
zip(hostvars|dict2items|
map(attribute='value.failed_list',
default=[]))) }}"

For example, given the inventory

  shell> cat hosts
  host_A ansible_host=10.1.0.61
  host_B ansible_host=10.1.0.62
  host_C ansible_host=10.1.0.63

a play running two blocks (A and B) on two hosts (host_A and host_C)
gives

  failed_lists:
host_A: [task1A, task1B]
host_B: []
host_C: [task3A, task2B]

Declare the list of failed hosts by selecting nonempty lists

  failed_hosts: "{{ failed_lists|dict2items|
selectattr('value')|
map(attribute='key')|list }}"

gives

  failed_hosts: [host_A, host_C]

Now you can create reports. For example, to write the file on the
controller, delegate the task to localhost 

- copy:
dest: /tmp/failed_hosts.yaml
content: |
  number_of_failed_hosts: {{ failed_hosts|length }}
  hostnames: {{ failed_hosts|join(', ') }}
  {% for h,l in failed_lists.items() %}
  {{ h }}: {{ l|sort|join(', ') }}
  {% endfor %}
  delegate_to: localhost
  run_once: true

gives the YAML file

  shell> cat /tmp/failed_hosts.yaml 
  number_of_failed_hosts: 2
  hostnames: host_A, host_C
  host_A: task1A, task1B
  host_B: 
  host_C: task2B, task3A

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
Example of a complete playbook for testing

---
- hosts: host_A,host_C

  vars:

failed_list: []
failed_lists: "{{ dict(groups.all|
  zip(hostvars|dict2items|
  map(attribute='value.failed_list',
  default=[]))) }}"
failed_hosts: "{{ failed_lists|dict2items|
  selectattr('value')|
  map(attribute='key')|list }}"

  tasks:

- name: block A
  block:
- name: task1A
  command: "{{ ['true', 'false']|random }}"
- name: task2A
  command: "{{ ['true', 'false']|random }}"
- name: task3A
  command: "{{ ['true', 'false']|random }}"
  rescue:
- set_fact:
failed_list: "{{ failed_list +
 [ansible_failed_task.name] }}"

- name: block B
  block:
- name: task1B
  command: "{{ ['true', 'false']|random }}"
- name: task2B
  command: "{{ ['true', 'false']|random }}"
- name: task3B
  command: "{{ ['true', 'false']|random }}"
  rescue:
- set_fact:
failed_list: "{{ failed_list +
 [ansible_failed_task.name] }}"

- block:
- debug:
var: failed_lists|to_yaml
- debug:
var: failed_hosts|to_yaml
  run_once: true

- copy:
dest: /tmp/failed_hosts.yaml
content: |
  number_of_failed_hosts: {{ failed_hosts|length }}
  hostnames: {{ failed_hosts|join(', ') }}
  {% for h,l in failed_lists.items() %}
  {{ h }}: {{ l|sort|join(', ') }}
  {% endfor %}
  delegate_to: localhost
  run_once: true

- block:
- include_vars:
file: /tmp/failed_hosts.yaml
name: test
- debug:
var: test
  run_once: true
...


-- 
Vladimir Botka

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/20230316002416.11d4a3c7%40gmail.com.


pgpWv9i4PU0yT.pgp
Description: OpenPGP digital signature

Re: [ansible-project] Failed host list from 'rescue' task

2023-03-15 Thread Todd Lewis 
Study and play around with these expressions until you understand what 
each piece does.
set_fact sets a host-specific fact, which for convenience can be 
accessed like any other variable.
Any host can see other hosts' facts/variables by looking in 
hostvars['somehost']./varname/.
The "CSV" is really just a list of failed hosts. With only one column, 
does CSV really mean anything?
The final copy task should be a template task, but I left it in-line for 
clarity.


  - name: Update failed_list fact
ansible.builtin.set_fact:
  failed_list: "{{ failed_list | default([]) + [ansible_host] }}"

  - name: Debug list
ansible.builtin.debug:
 msg:
  - "by play_hosts: {{ ansible_play_hosts | map('extract', hostvars) | 
map(attribute='failed_list') | flatten }}"
  - "by all: {{ hostvars | dict2items | map(attribute='value') | 
map(attribute='failed_list', default=[]) | flatten }}"

  - name: Create failed_list CSV
ansible.builtin.copy:
  content: |
failed
{% for host in hostvars | dict2items | map(attribute='value') | 
map(attribute='failed_list', default=[]) | flatten %}
{{ host }}
{% endfor %}
  dest: /tmp/failed_list.csv
run_once: true

Hope this helps.
--
Todd

On 3/15/23 1:44 PM, Aharonu wrote:

Hello Everyone,

Greetings!

I am working to get failed hosts from 'rescue' section into a CSV file.

When i run task for *'inventory_hostname*' from *'rescue'* section:

rescue:
        - name: inventory_host name list debug
          debug:
            msg: "{{ inventory_hostname }}"
Output:
TASK [inventory_host name list debug]

***
ok: [bogus1] => {}

MSG:

bogus1
ok: [bogus2] => {}

MSG:

bogus2

*when  i tried to append data to a list. *

      - set_fact:
            failed_list: "{{ failed_list + [ansible_host] }}"
        - name: failed_list debug
          debug: var=failed_list


Output:
TASK [set_fact] 
*

ok: [bogus1]
ok: [bogus2]

TASK [failed_list debug] 


ok: [bogus1] => {
    "failed_list": [
        "bogus1"
    ]
}
ok: [bogus2] => {
    "failed_list": [
        "bogus2"
    ]
}


Here bogus1, bogus2 host names are failed in 'resce' section.
We have multiple hosts in our environment. While running playbook we 
have to capture failed hostname into a file  as mentioned below:


*failed_hosts.csv:*
*number of failed hots: 2*
*hostname:*
*bogus1*
*bogus2*


Thank you for your help.
--
You received this message because you are subscribed to the Google 
Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send 
an email to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CANGEjuXCUuCkps8CU9oWnh3XHN7jo6OJnGJQOCQRvay9w1rg2w%40mail.gmail.com 
.


--
Todd

--
You received this message because you are subscribed to the Google Groups "Ansible 
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/9646aced-38a3-b18b-e71f-d7186a8b41fa%40gmail.com.

Re: [ansible-project] Ansible Powershell Usage

2023-03-15 Thread Shawn Singh 
Thanks for the feedback.

Wholeheartedly agree with your last statement :).
This was an ask and given that I see az cli as something that can do 
everything the PoSH modules can do, I'm not convinced it's worth the effort.
That said, I'm trying to give it a fair shot. If it works, great, if not... 

I came across a post (from reading some of the other conversations) where 
some is just using the shell module, specifying pwsh as the executable and 
putting the PoSH inline. I might give that a try; again, just to give this 
a shot.

If it doesn't work for technical reasons, at least the feedback will be 
objective.

Shawn

On Wednesday, March 15, 2023 at 11:17:36 AM UTC-4 Wei-Yen Tan wrote:

> On a sidenote. 
> Actually I have used powershell on linux. I managed to get it working over 
> ssh, and Refactored the helper functions for powershell task development.  
>
>  
> https://www.powershellgallery.com/packages/PSAnsibleHelperFunctions4Linux/0.0.1
>
> I also wrote a proof of concept collection to do ms sql managememt through 
> the local execution environment. 
>
> https://github.com/weiyentan/community.dbatools
>
>
> Though I really only see the use case for powershell as "controller type 
> of acttivity" where the controller is reaching out. Ie. Managing a sql 
> database. Or application. There is room to customise and with the advent of 
> execution environments it allows for this. I have an execution environment 
> that has pwsh installed so I can do all of this. 
>
>
> This was an older execution environment. A newer one exists. 
>
> https://github.com/weiyentan/awx-ee_containers/blob/master/execution_environments/powershell_standard_dbatools/execution-environment.yml
>
> Managing linux servers, there is already tasks to do most things anyway to 
> bother going through the effort of converting things to powershell imho. 
> That's another discussion. 
> Sent from Outlook for iOS 
> --
> *From:* 'Rowe, Walter P. (Fed)' via Ansible Project <
> ansible...@googlegroups.com>
> *Sent:* Thursday, March 16, 2023 12:50 AM
> *To:* ansible...@googlegroups.com 
> *Subject:* Re: [ansible-project] Ansible Powershell Usage 
>  
> If you are truly managing Windows resources look at win_dsc. 
>
> https://docs.ansible.com/ansible/latest/os_guide/windows_dsc.html
>
> Walter
> --
> Walter Rowe, Division Chief
> Infrastructure Services, OISM
> Mobile: 202.355.4123 <(202)%20355-4123>
>
> On Mar 14, 2023, at 3:59 PM, Shawn Singh  wrote:
>
> Also, I noticed this discussion: Ansible powershell module to be run on 
> remote powershell on Linux machine. (
> https://groups.google.com/g/ansible-project/c/YZzYNEevzro) 
>
> Where Matt suggests:
> That it [the module] is meant to be used with a Windows machine / over 
> WinRM:
>
>
> *Matt Davis*
> *unread,* 
> *Oct 21, 2016, 1:24:06 PM* 
> * *
> **
> **
> *to Ansible Project*
> *Some aspects of Ansible's Powershell support are currently built under 
> the assumption that it would only ever run on Windows / over WinRM. There 
> are a few things that would need to be moved around in order to allow 
> "real" Ansible Powershell modules to work on Linux. By "real", I mean so 
> that the module generation stuff works correctly whether the WinRM 
> connection plugin runs it or something else, and that you can use our 
> Powershell module API.*
>
> So maybe that's my issue... ie not meant to run against Azure...
>
>
> On Tuesday, March 14, 2023 at 3:28:04 PM UTC-4 Shawn Singh wrote:
>
>> I'm trying to use Powershell from Ansible. 
>>
>> This is the code:
>>
>> - name: Log into Azure
>>
>>   ansible.windows.win_powershell:
>>
>> script: |
>>
>>   [CmdletBinding()]
>>
>>   param (
>>
>> [String]
>>
>> $TenantID,
>>
>>
>> [String]
>>
>> $AccountID,
>>
>>
>> [SecureString]
>>
>> $Secret
>>
>>   )
>>
>>   Connect-AzAccount -ServicePrincipal -TenantId $TenantID -Credential 
>> $(New-Object -TypeName System.Management.Automation.PSCredential 
>> -ArgumentList $AccountID, $Secret)
>>
>> parameters:
>>
>>   TenantID: "{{ tenant }}"
>>
>>   AccountID: "{{ sp }}"
>>
>>   Secret: "{{ secret }}"
>>
>> The Connect-AzAccount command works, when executed from my machine 
>> (running OS X) under pwsh; however, it blows up pretty ugly when executed 
>> using ansible-playbook...
>>
>>
>> fatal: [localhost]: FAILED! => {
>>
>> "changed": false,
>>
>> "module_stderr": "\u001b[31;1mParserError: 
>> \u001b[0m/Users/j8683/.ansible/tmp/ansible-tmp-1678819559.972683-82400-269117048488035/AnsiballZ_win_powershell.ps1:159\u001b[0m\n\u001b[31;1m\u001b[0m\u001b[36;1mLine
>>  
>> |\u001b[0m\n\u001b[31;1m\u001b[0m\u001b[36;1m\u001b[36;1m 159 | \u001b[0m 
>> \u001b[36;1m\u\u001b[0m\u\u\u{\"module_entry\": 
>> \"IyFwb3dlcnNoZWxsCgojIENvcHlyaWdodDogKGMpIDIwMjE 
>> …\u001b[0m\n\u001b[31;1m\u001b[0m\u001b[36;1m\u001b[36;1m\u001b[0m\u001b[36;1m\u001b[0m\u001b[36;1m
>>

[ansible-project] Failed host list from 'rescue' task

2023-03-15 Thread Aharonu 
Hello Everyone,

Greetings!

I am working to get failed hosts from 'rescue' section into a CSV file.

When i run task for *'inventory_hostname*' from *'rescue'* section:

rescue:
> - name: inventory_host name list debug
>   debug:
> msg: "{{ inventory_hostname }}"
> Output:
> TASK [inventory_host name list debug]
> ***
> ok: [bogus1] => {}
>
> MSG:
>
> bogus1
> ok: [bogus2] => {}
>
> MSG:
>
> bogus2
>
> *when  i tried to append data to a list. *

> - set_fact:
> failed_list: "{{ failed_list + [ansible_host] }}"
> - name: failed_list debug
>   debug: var=failed_list
>

Output:
TASK [set_fact]
*
ok: [bogus1]
ok: [bogus2]

TASK [failed_list debug]

ok: [bogus1] => {
"failed_list": [
"bogus1"
]
}
ok: [bogus2] => {
"failed_list": [
"bogus2"
]
}


Here bogus1, bogus2 host names are failed in 'resce' section.
We have multiple hosts in our environment. While running playbook we have
to capture failed hostname into a file  as mentioned below:

*failed_hosts.csv:*
*number of failed hots: 2*
*hostname:*
*bogus1*
*bogus2*


Thank you for your help.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CANGEjuXCUuCkps8CU9oWnh3XHN7jo6OJnGJQOCQRvay9w1rg2w%40mail.gmail.com.

Re: [ansible-project] azure_rm_resourcegroup_info usage help

2023-03-15 Thread Shawn Singh 
I'm reading that as a way to do it (note the 'or'...), not the only way to 
do it... 

* or *set environment variables AZURE_SUBSCRIPTION_ID, AZURE_CLIENT_ID, 
AZURE_SECRET and AZURE_TENANT.

While I can try it out for test purposes, I'm trying to avoid setting the 
values in environment variables.

I appreciate your feedback.

Shawn

On Wednesday, March 15, 2023 at 12:23:58 PM UTC-4 Rowe, Walter P. (Fed) 
wrote:

> Given how they are presented in all caps and it says "environment 
> variables" then you need to make them ENVIRONMENT variables (ie Linux env 
> vars) – not parameters to the task module.
>
>
> Walter
> --
> Walter Rowe, Division Chief
> Infrastructure Services, OISM
> Mobile: 202.355.4123 <(202)%20355-4123>
>
> On Mar 15, 2023, at 12:11 PM, Shawn Singh  wrote:
>
> I have a service principal for authentication. 
>
> Based on this bullet:
>
>- To authenticate via service principal, pass subscription_id, 
>client_id, secret and tenant or set environment variables 
>AZURE_SUBSCRIPTION_ID, AZURE_CLIENT_ID, AZURE_SECRET and AZURE_TENANT.
>
>
> My takeaway is that I need to supply the subscription_id, client_id, 
> tenant, and secret to tell Ansible that I want to authenticate using 
> service principal.
>
> Since the module accepts subscription_id, client_id, tenant, and secret, 
> I'm passing the values to the module, figuring the module will attempt to 
> perform authentication using my service principal.
>
> I'm not getting an authentication failed type of message, so it seems that 
> the module isn't using the values I'm supplying.
> To test this out, I tried to set auth_source to "credential_file", as I've 
> got the parameters required for service principal authentication stored in 
> the default location (~/.azure/credentials); however, it fails the same 
> way, so my guess is the module needs something so that when the constructor 
> gets called ... it can create the object; however, I don't see what I'm 
> missing.
>
> Thanks,
>
> Shawn
> On Wednesday, March 15, 2023 at 11:04:23 AM UTC-4 Rowe, Walter P. (Fed) 
> wrote:
>
>> TypeError: ResourceManagementClient.__init__() missing 1 required 
>> positional argument: 'credential'.
>>
>> What kind of authentication have you configured?
>>
>>
>> https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_resourcegroup_info_module.html#ansible-collections-azure-azcollection-azure-rm-resourcegroup-info-module
>>  
>> 
>>
>> Walter
>> --
>> Walter Rowe, Division Chief
>> Infrastructure Services, OISM
>> Mobile: 202.355.4123 <(202)%20355-4123>
>>
>> On Mar 15, 2023, at 10:53 AM, Shawn Singh  wrote:
>>
>> Hello, 
>>
>> I have a playbook where I am calling my az commands via the command 
>> module.
>> It works as expected.
>> I'm trying to convert it to PoSH (different thread) and as I'm seeing 
>> some issues there, falling back to using specific Azure Modules.
>>
>> When I execute the following playbook, it fails.
>>
>> My intent is just to check for the existence of a resource group, 
>> authenticating using service principal.
>>
>> I've got more int he original playbook; however, trying to start small, 
>> so I've only coded a couple tasks.
>>
>> # get the subscription_id, client_id, tenant, secret
>>
>> - name: read secret
>>
>>   include_vars:
>>
>> file: ../files/spsecret
>>
>>   no_log: true
>>
>> # check if resource group exists, pass in the args retrieved in previous 
>> step for authentication
>>
>> - name: check if the rg already exists
>>
>>   azure.azcollection.azure_rm_resourcegroup_info:
>>
>> name: "np-{{ custom_name }}-rg-east"
>>
>> subscription_id: "{{ sub_id }}"
>>
>> client_id: "{{ sp }}"
>>
>> secret: "{{ secret }}"
>>
>> tenant: "{{ tenant }}"
>>
>>   register: rg_exists
>>
>> The full traceback is:
>>
>> Traceback (most recent call last):
>>
>>   File 
>> "/Users/j8683/.ansible/tmp/ansible-tmp-1678891419.194826-50522-78867749364726/AnsiballZ_azure_rm_resourcegroup_info.py",
>>  
>> line 107, in 
>>
>> _ansiballz_main()
>>
>>   File 
>> "/Users/j8683/.ansible/tmp/ansible-tmp-1678891419.194826-50522-78867749364726/AnsiballZ_azure_rm_resourcegroup_info.py",
>>  
>> line 99, in _ansiballz_main
>>
>> invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
>>
>>   File 
>> "/Users/j8683/.ansible/tmp/ansible-tmp-1678891419.194826-50522-78867749364726/AnsiballZ_azure_rm_resourcegroup_info.py",
>>  
>> line 47, in invoke_module

Re: [ansible-project] azure_rm_resourcegroup_info usage help

2023-03-15 Thread 'Rowe, Walter P. (Fed)' via Ansible Project 
Given how they are presented in all caps and it says "environment variables" 
then you need to make them ENVIRONMENT variables (ie Linux env vars) – not 
parameters to the task module.

Walter
--
Walter Rowe, Division Chief
Infrastructure Services, OISM
Mobile: 202.355.4123

On Mar 15, 2023, at 12:11 PM, Shawn Singh  wrote:

I have a service principal for authentication.

Based on this bullet:

  *
To authenticate via service principal, pass subscription_id, client_id, secret 
and tenant or set environment variables AZURE_SUBSCRIPTION_ID, AZURE_CLIENT_ID, 
AZURE_SECRET and AZURE_TENANT.

My takeaway is that I need to supply the subscription_id, client_id, tenant, 
and secret to tell Ansible that I want to authenticate using service principal.

Since the module accepts subscription_id, client_id, tenant, and secret, I'm 
passing the values to the module, figuring the module will attempt to perform 
authentication using my service principal.

I'm not getting an authentication failed type of message, so it seems that the 
module isn't using the values I'm supplying.
To test this out, I tried to set auth_source to "credential_file", as I've got 
the parameters required for service principal authentication stored in the 
default location (~/.azure/credentials); however, it fails the same way, so my 
guess is the module needs something so that when the constructor gets called 
... it can create the object; however, I don't see what I'm missing.

Thanks,

Shawn
On Wednesday, March 15, 2023 at 11:04:23 AM UTC-4 Rowe, Walter P. (Fed) wrote:

TypeError: ResourceManagementClient.__init__() missing 1 required positional 
argument: 'credential'.

What kind of authentication have you configured?

https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_resourcegroup_info_module.html#ansible-collections-azure-azcollection-azure-rm-resourcegroup-info-module

Walter
--
Walter Rowe, Division Chief
Infrastructure Services, OISM
Mobile: 202.355.4123

On Mar 15, 2023, at 10:53 AM, Shawn Singh  wrote:

Hello,

I have a playbook where I am calling my az commands via the command module.
It works as expected.
I'm trying to convert it to PoSH (different thread) and as I'm seeing some 
issues there, falling back to using specific Azure Modules.

When I execute the following playbook, it fails.

My intent is just to check for the existence of a resource group, 
authenticating using service principal.

I've got more int he original playbook; however, trying to start small, so I've 
only coded a couple tasks.

# get the subscription_id, client_id, tenant, secret

- name: read secret

  include_vars:

file: ../files/spsecret

  no_log: true

# check if resource group exists, pass in the args retrieved in previous step 
for authentication

- name: check if the rg already exists

  azure.azcollection.azure_rm_resourcegroup_info:

name: "np-{{ custom_name }}-rg-east"

subscription_id: "{{ sub_id }}"

client_id: "{{ sp }}"

secret: "{{ secret }}"

tenant: "{{ tenant }}"

  register: rg_exists

The full traceback is:

Traceback (most recent call last):

  File 
"/Users/j8683/.ansible/tmp/ansible-tmp-1678891419.194826-50522-78867749364726/AnsiballZ_azure_rm_resourcegroup_info.py",
 line 107, in 

_ansiballz_main()

  File 
"/Users/j8683/.ansible/tmp/ansible-tmp-1678891419.194826-50522-78867749364726/AnsiballZ_azure_rm_resourcegroup_info.py",
 line 99, in _ansiballz_main

invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)

  File 
"/Users/j8683/.ansible/tmp/ansible-tmp-1678891419.194826-50522-78867749364726/AnsiballZ_azure_rm_resourcegroup_info.py",
 line 47, in invoke_module


runpy.run_module(mod_name='ansible_collections.azure.azcollection.plugins.modules.azure_rm_resourcegroup_info',
 
init_globals=dict(_module_fqn='ansible_collections.azure.azcollection.plugins.modules.azure_rm_resourcegroup_info',
 _modlib_path=modlib_path),

  File 
"/opt/homebrew/Cellar/pyt...@3.10/3.10.9/Frameworks/Python.framework/Versions/3.10/lib/python3.10/runpy.py",
 line 224, in run_module

return _run_module_code(code, init_globals, run_name, mod_spec)

  File 
"/opt/homebrew/Cellar/pyt...@3.10/3.10.9/Frameworks/Python.framework/Versions/3.10/lib/python3.10/runpy.py",
 line 96, in _run_module_code

_run_code(code, mod_globals, init_globals,

  File

Re: [ansible-project] azure_rm_resourcegroup_info usage help

2023-03-15 Thread Shawn Singh 
I have a service principal for authentication.

Based on this bullet:

   - 
   
   To authenticate via service principal, pass subscription_id, client_id, 
   secret and tenant or set environment variables AZURE_SUBSCRIPTION_ID, 
   AZURE_CLIENT_ID, AZURE_SECRET and AZURE_TENANT.
   

My takeaway is that I need to supply the subscription_id, client_id, 
tenant, and secret to tell Ansible that I want to authenticate using 
service principal.

Since the module accepts subscription_id, client_id, tenant, and secret, 
I'm passing the values to the module, figuring the module will attempt to 
perform authentication using my service principal.

I'm not getting an authentication failed type of message, so it seems that 
the module isn't using the values I'm supplying.
To test this out, I tried to set auth_source to "credential_file", as I've 
got the parameters required for service principal authentication stored in 
the default location (~/.azure/credentials); however, it fails the same 
way, so my guess is the module needs something so that when the constructor 
gets called ... it can create the object; however, I don't see what I'm 
missing.

Thanks,

Shawn
On Wednesday, March 15, 2023 at 11:04:23 AM UTC-4 Rowe, Walter P. (Fed) 
wrote:

> TypeError: ResourceManagementClient.__init__() missing 1 required 
> positional argument: 'credential'.
>
> What kind of authentication have you configured?
>
>
> https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_resourcegroup_info_module.html#ansible-collections-azure-azcollection-azure-rm-resourcegroup-info-module
>
> Walter
> --
> Walter Rowe, Division Chief
> Infrastructure Services, OISM
> Mobile: 202.355.4123 <(202)%20355-4123>
>
> On Mar 15, 2023, at 10:53 AM, Shawn Singh  wrote:
>
> Hello, 
>
> I have a playbook where I am calling my az commands via the command module.
> It works as expected.
> I'm trying to convert it to PoSH (different thread) and as I'm seeing some 
> issues there, falling back to using specific Azure Modules.
>
> When I execute the following playbook, it fails.
>
> My intent is just to check for the existence of a resource group, 
> authenticating using service principal.
>
> I've got more int he original playbook; however, trying to start small, so 
> I've only coded a couple tasks.
>
> # get the subscription_id, client_id, tenant, secret
>
> - name: read secret
>
>   include_vars:
>
> file: ../files/spsecret
>
>   no_log: true
>
> # check if resource group exists, pass in the args retrieved in previous 
> step for authentication
>
> - name: check if the rg already exists
>
>   azure.azcollection.azure_rm_resourcegroup_info:
>
> name: "np-{{ custom_name }}-rg-east"
>
> subscription_id: "{{ sub_id }}"
>
> client_id: "{{ sp }}"
>
> secret: "{{ secret }}"
>
> tenant: "{{ tenant }}"
>
>   register: rg_exists
>
> The full traceback is:
>
> Traceback (most recent call last):
>
>   File 
> "/Users/j8683/.ansible/tmp/ansible-tmp-1678891419.194826-50522-78867749364726/AnsiballZ_azure_rm_resourcegroup_info.py",
>  
> line 107, in 
>
> _ansiballz_main()
>
>   File 
> "/Users/j8683/.ansible/tmp/ansible-tmp-1678891419.194826-50522-78867749364726/AnsiballZ_azure_rm_resourcegroup_info.py",
>  
> line 99, in _ansiballz_main
>
> invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
>
>   File 
> "/Users/j8683/.ansible/tmp/ansible-tmp-1678891419.194826-50522-78867749364726/AnsiballZ_azure_rm_resourcegroup_info.py",
>  
> line 47, in invoke_module
>
> 
> runpy.run_module(mod_name='ansible_collections.azure.azcollection.plugins.modules.azure_rm_resourcegroup_info',
>  
> init_globals=dict(_module_fqn='ansible_collections.azure.azcollection.plugins.modules.azure_rm_resourcegroup_info',
>  
> _modlib_path=modlib_path),
>
>   File 
> "/opt/homebrew/Cellar/pyt...@3.10/3.10.9/Frameworks/Python.framework/Versions/3.10/lib/python3.10/runpy.py",
>  
> line 224, in run_module
>
> return _run_module_code(code, init_globals, run_name, mod_spec)
>
>   File 
> "/opt/homebrew/Cellar/pyt...@3.10/3.10.9/Frameworks/Python.framework/Versions/3.10/lib/python3.10/runpy.py",
>  
> line 96, in _run_module_code
>
> _run_code(code, mod_globals, init_globals,
>
>   File 
> "/opt/homebrew/Cellar/pyt...@3.10/3.10.9/Frameworks/Python.framework/Versions/3.10/lib/python3.10/runpy.py",
>  
> line 86, in _run_code
>
> exec(code, run_globals)
>
>   File 
> "/var/folders/51/76dtk91x4wq1lgdndd_ll604gn/T/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload_52xvp3bz/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_resourcegroup_info.py",
>  
> line 235, in 
>
>   File 
>

[ansible-project] using inventory file

2023-03-15 Thread Tony Wong 
any idea how i can use an inventory host file here?

I want to run ansible-playbook -i hosts playbook.yml --vault-ask-pass -

hosts file has all my esxi hosts

---
- name: test
  hosts: all
  gather_facts: no
  vars_files:
  - vcenter_creds.yml
  vars:
vcenter_hostname: vcenter
vcenter_username: "{{ vcenter_username }}"
vcenter_password: "{{ vcenter_password }}"
hostname: esxi1.domain.com

  tasks:
  - name: Gather vmware host facts
community.vmware.vmware_host_facts:
  hostname: "{{ vcenter_hostname }}"
  username: "{{ vcenter_username }}"
  password: "{{ vcenter_password }}"
  esxi_hostname: "{{ hostname }}"
  validate_certs: no
register: host_facts
delegate_to: localhost

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/a2368079-e843-45e7-a9db-6ec84ee80777n%40googlegroups.com.

Re: [ansible-project] Ansible Powershell Usage

2023-03-15 Thread Wei-Yen Tan 
On a sidenote.
Actually I have used powershell on linux. I managed to get it working over ssh, 
and Refactored the helper functions for powershell task development.

 https://www.powershellgallery.com/packages/PSAnsibleHelperFunctions4Linux/0.0.1

I also wrote a proof of concept collection to do ms sql managememt through the 
local execution environment.

https://github.com/weiyentan/community.dbatools


Though I really only see the use case for powershell as "controller type of 
acttivity" where the controller is reaching out. Ie. Managing a sql database. 
Or application. There is room to customise and with the advent of execution 
environments it allows for this. I have an execution environment that has pwsh 
installed so I can do all of this.


This was an older execution environment. A newer one exists.
https://github.com/weiyentan/awx-ee_containers/blob/master/execution_environments/powershell_standard_dbatools/execution-environment.yml

Managing linux servers, there is already tasks to do most things anyway to 
bother going through the effort of converting things to powershell imho. That's 
another discussion.
Sent from Outlook for iOS

From: 'Rowe, Walter P. (Fed)' via Ansible Project 

Sent: Thursday, March 16, 2023 12:50 AM
To: ansible-project@googlegroups.com 
Subject: Re: [ansible-project] Ansible Powershell Usage

If you are truly managing Windows resources look at win_dsc.

https://docs.ansible.com/ansible/latest/os_guide/windows_dsc.html

Walter
--
Walter Rowe, Division Chief
Infrastructure Services, OISM
Mobile: 202.355.4123

On Mar 14, 2023, at 3:59 PM, Shawn Singh  wrote:

Also, I noticed this discussion: Ansible powershell module to be run on remote 
powershell on Linux machine. 
(https://groups.google.com/g/ansible-project/c/YZzYNEevzro)

Where Matt suggests:
That it [the module] is meant to be used with a Windows machine / over WinRM:


Matt Davis
unread,
Oct 21, 2016, 1:24:06 PM



to Ansible Project
Some aspects of Ansible's Powershell support are currently built under the 
assumption that it would only ever run on Windows / over WinRM. There are a few 
things that would need to be moved around in order to allow "real" Ansible 
Powershell modules to work on Linux. By "real", I mean so that the module 
generation stuff works correctly whether the WinRM connection plugin runs it or 
something else, and that you can use our Powershell module API.

So maybe that's my issue... ie not meant to run against Azure...


On Tuesday, March 14, 2023 at 3:28:04 PM UTC-4 Shawn Singh wrote:
I'm trying to use Powershell from Ansible.

This is the code:


- name: Log into Azure

  ansible.windows.win_powershell:

script: |

  [CmdletBinding()]

  param (

[String]

$TenantID,


[String]

$AccountID,


[SecureString]

$Secret

  )

  Connect-AzAccount -ServicePrincipal -TenantId $TenantID -Credential 
$(New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList 
$AccountID, $Secret)

parameters:

  TenantID: "{{ tenant }}"

  AccountID: "{{ sp }}"

  Secret: "{{ secret }}"

The Connect-AzAccount command works, when executed from my machine (running OS 
X) under pwsh; however, it blows up pretty ugly when executed using 
ansible-playbook...


fatal: [localhost]: FAILED! => {

"changed": false,

"module_stderr": "\u001b[31;1mParserError: 
\u001b[0m/Users/j8683/.ansible/tmp/ansible-tmp-1678819559.972683-82400-269117048488035/AnsiballZ_win_powershell.ps1:159\u001b[0m\n\u001b[31;1m\u001b[0m\u001b[36;1mLine
 |\u001b[0m\n\u001b[31;1m\u001b[0m\u001b[36;1m\u001b[36;1m 159 | \u001b[0m 
\u001b[36;1m\u\u001b[0m\u\u\u{\"module_entry\": 
\"IyFwb3dlcnNoZWxsCgojIENvcHlyaWdodDogKGMpIDIwMjE 
…\u001b[0m\n\u001b[31;1m\u001b[0m\u001b[36;1m\u001b[36;1m\u001b[0m\u001b[36;1m\u001b[0m\u001b[36;1m
 | \u001b[31;1m 
~\u001b[0m\n\u001b[31;1m\u001b[0m\u001b[36;1m\u001b[36;1m\u001b[0m\u001b[36;1m\u001b[0m\u001b[36;1m\u001b[31;1m\u001b[31;1m\u001b[36;1m
 | \u001b[31;1munexpected token '\u', expected 'begin', 'process', 
'end', 'clean', 
or\u001b[0m\n\u001b[31;1m\u001b[0m\u001b[36;1m\u001b[36;1m\u001b[0m\u001b[36;1m\u001b[0m\u001b[36;1m\u001b[31;1m\u001b[31;1m\u001b[36;1m\u001b[31;1m\u001b[36;1m
 | \u001b[31;1m'dynamicparam'.\u001b[0m\n",

"module_stdout": "",

"msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",

"rc": 1


}

Any ideas on what the win_powershell module might not like?

This is the ansible version I'm using:

ansible [core 2.14.0]

  python version = 3.9.6 (default, Sep 26 2022, 11:37:49) [Clang 14.0.0 
(clang-1400.0.29.202)] (/Library/Developer/CommandLineTools/usr/bin/python3)


  jinja version = 3.1.2


Thanks,

Shawn

--
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an

Re: [ansible-project] azure_rm_resourcegroup_info usage help

2023-03-15 Thread 'Rowe, Walter P. (Fed)' via Ansible Project 
TypeError: ResourceManagementClient.__init__() missing 1 required positional 
argument: 'credential'.

What kind of authentication have you configured?

https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_resourcegroup_info_module.html#ansible-collections-azure-azcollection-azure-rm-resourcegroup-info-module

Walter
--
Walter Rowe, Division Chief
Infrastructure Services, OISM
Mobile: 202.355.4123

On Mar 15, 2023, at 10:53 AM, Shawn Singh  wrote:

Hello,

I have a playbook where I am calling my az commands via the command module.
It works as expected.
I'm trying to convert it to PoSH (different thread) and as I'm seeing some 
issues there, falling back to using specific Azure Modules.

When I execute the following playbook, it fails.

My intent is just to check for the existence of a resource group, 
authenticating using service principal.

I've got more int he original playbook; however, trying to start small, so I've 
only coded a couple tasks.

# get the subscription_id, client_id, tenant, secret

- name: read secret

  include_vars:

file: ../files/spsecret

  no_log: true

# check if resource group exists, pass in the args retrieved in previous step 
for authentication

- name: check if the rg already exists

  azure.azcollection.azure_rm_resourcegroup_info:

name: "np-{{ custom_name }}-rg-east"

subscription_id: "{{ sub_id }}"

client_id: "{{ sp }}"

secret: "{{ secret }}"

tenant: "{{ tenant }}"

  register: rg_exists

The full traceback is:

Traceback (most recent call last):

  File 
"/Users/j8683/.ansible/tmp/ansible-tmp-1678891419.194826-50522-78867749364726/AnsiballZ_azure_rm_resourcegroup_info.py",
 line 107, in 

_ansiballz_main()

  File 
"/Users/j8683/.ansible/tmp/ansible-tmp-1678891419.194826-50522-78867749364726/AnsiballZ_azure_rm_resourcegroup_info.py",
 line 99, in _ansiballz_main

invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)

  File 
"/Users/j8683/.ansible/tmp/ansible-tmp-1678891419.194826-50522-78867749364726/AnsiballZ_azure_rm_resourcegroup_info.py",
 line 47, in invoke_module


runpy.run_module(mod_name='ansible_collections.azure.azcollection.plugins.modules.azure_rm_resourcegroup_info',
 
init_globals=dict(_module_fqn='ansible_collections.azure.azcollection.plugins.modules.azure_rm_resourcegroup_info',
 _modlib_path=modlib_path),

  File 
"/opt/homebrew/Cellar/python@3.10/3.10.9/Frameworks/Python.framework/Versions/3.10/lib/python3.10/runpy.py",
 line 224, in run_module

return _run_module_code(code, init_globals, run_name, mod_spec)

  File 
"/opt/homebrew/Cellar/python@3.10/3.10.9/Frameworks/Python.framework/Versions/3.10/lib/python3.10/runpy.py",
 line 96, in _run_module_code

_run_code(code, mod_globals, init_globals,

  File 
"/opt/homebrew/Cellar/python@3.10/3.10.9/Frameworks/Python.framework/Versions/3.10/lib/python3.10/runpy.py",
 line 86, in _run_code

exec(code, run_globals)

  File 
"/var/folders/51/76dtk91x4wq1lgdndd_ll604gn/T/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload_52xvp3bz/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_resourcegroup_info.py",
 line 235, in 

  File 
"/var/folders/51/76dtk91x4wq1lgdndd_ll604gn/T/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload_52xvp3bz/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_resourcegroup_info.py",
 line 231, in main

  File 
"/var/folders/51/76dtk91x4wq1lgdndd_ll604gn/T/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload_52xvp3bz/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_resourcegroup_info.py",
 line 160, in __init__

  File 
"/var/folders/51/76dtk91x4wq1lgdndd_ll604gn/T/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload_52xvp3bz/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload.zip/ansible_collections/azure/azcollection/plugins/module_utils/azure_rm_common.py",
 line 472, in __init__

  File 
"/var/folders/51/76dtk91x4wq1lgdndd_ll604gn/T/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload_52xvp3bz/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_resourcegroup_info.py",
 line 174, in exec_module

  File 
"/var/folders/51/76dtk91x4wq1lgdndd_ll604gn/T/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload_52xvp3bz/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_resourcegroup_info.py",
 line 194, in get_item

  File

[ansible-project] azure_rm_resourcegroup_info usage help

2023-03-15 Thread Shawn Singh 
Hello,

I have a playbook where I am calling my az commands via the command module.
It works as expected.
I'm trying to convert it to PoSH (different thread) and as I'm seeing some 
issues there, falling back to using specific Azure Modules.

When I execute the following playbook, it fails.

My intent is just to check for the existence of a resource group, 
authenticating using service principal.

I've got more int he original playbook; however, trying to start small, so 
I've only coded a couple tasks.

# get the subscription_id, client_id, tenant, secret

- name: read secret

  include_vars:

file: ../files/spsecret

  no_log: true

# check if resource group exists, pass in the args retrieved in previous 
step for authentication

- name: check if the rg already exists

  azure.azcollection.azure_rm_resourcegroup_info:

name: "np-{{ custom_name }}-rg-east"

subscription_id: "{{ sub_id }}"

client_id: "{{ sp }}"

secret: "{{ secret }}"

tenant: "{{ tenant }}"

  register: rg_exists

The full traceback is:

Traceback (most recent call last):

  File 
"/Users/j8683/.ansible/tmp/ansible-tmp-1678891419.194826-50522-78867749364726/AnsiballZ_azure_rm_resourcegroup_info.py",
 
line 107, in 

_ansiballz_main()

  File 
"/Users/j8683/.ansible/tmp/ansible-tmp-1678891419.194826-50522-78867749364726/AnsiballZ_azure_rm_resourcegroup_info.py",
 
line 99, in _ansiballz_main

invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)

  File 
"/Users/j8683/.ansible/tmp/ansible-tmp-1678891419.194826-50522-78867749364726/AnsiballZ_azure_rm_resourcegroup_info.py",
 
line 47, in invoke_module


runpy.run_module(mod_name='ansible_collections.azure.azcollection.plugins.modules.azure_rm_resourcegroup_info',
 
init_globals=dict(_module_fqn='ansible_collections.azure.azcollection.plugins.modules.azure_rm_resourcegroup_info',
 
_modlib_path=modlib_path),

  File 
"/opt/homebrew/Cellar/python@3.10/3.10.9/Frameworks/Python.framework/Versions/3.10/lib/python3.10/runpy.py",
 
line 224, in run_module

return _run_module_code(code, init_globals, run_name, mod_spec)

  File 
"/opt/homebrew/Cellar/python@3.10/3.10.9/Frameworks/Python.framework/Versions/3.10/lib/python3.10/runpy.py",
 
line 96, in _run_module_code

_run_code(code, mod_globals, init_globals,

  File 
"/opt/homebrew/Cellar/python@3.10/3.10.9/Frameworks/Python.framework/Versions/3.10/lib/python3.10/runpy.py",
 
line 86, in _run_code

exec(code, run_globals)

  File 
"/var/folders/51/76dtk91x4wq1lgdndd_ll604gn/T/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload_52xvp3bz/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_resourcegroup_info.py",
 
line 235, in 

  File 
"/var/folders/51/76dtk91x4wq1lgdndd_ll604gn/T/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload_52xvp3bz/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_resourcegroup_info.py",
 
line 231, in main

  File 
"/var/folders/51/76dtk91x4wq1lgdndd_ll604gn/T/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload_52xvp3bz/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_resourcegroup_info.py",
 
line 160, in __init__

  File 
"/var/folders/51/76dtk91x4wq1lgdndd_ll604gn/T/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload_52xvp3bz/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload.zip/ansible_collections/azure/azcollection/plugins/module_utils/azure_rm_common.py",
 
line 472, in __init__

  File 
"/var/folders/51/76dtk91x4wq1lgdndd_ll604gn/T/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload_52xvp3bz/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_resourcegroup_info.py",
 
line 174, in exec_module

  File 
"/var/folders/51/76dtk91x4wq1lgdndd_ll604gn/T/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload_52xvp3bz/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_resourcegroup_info.py",
 
line 194, in get_item

  File 
"/var/folders/51/76dtk91x4wq1lgdndd_ll604gn/T/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload_52xvp3bz/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload.zip/ansible_collections/azure/azcollection/plugins/module_utils/azure_rm_common.py",
 
line 1070, in rm_client

  File 
"/var/folders/51/76dtk91x4wq1lgdndd_ll604gn/T/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload_52xvp3bz/ansible_azure.azcollection.azure_rm_resourcegroup_info_payload.zip/ansible_collections/azure/azcollection/plugins/module_utils/azure_rm_common.py",
 
line 920, in get_mgmt_svc_client

TypeError: ResourceManagementClient.__init__() missing 1

Re: [ansible-project] Ansible Powershell Usage

2023-03-15 Thread 'Rowe, Walter P. (Fed)' via Ansible Project 
If you are truly managing Windows resources look at win_dsc.

https://docs.ansible.com/ansible/latest/os_guide/windows_dsc.html

Walter
--
Walter Rowe, Division Chief
Infrastructure Services, OISM
Mobile: 202.355.4123

On Mar 14, 2023, at 3:59 PM, Shawn Singh  wrote:

Also, I noticed this discussion: Ansible powershell module to be run on remote 
powershell on Linux machine. 
(https://groups.google.com/g/ansible-project/c/YZzYNEevzro)

Where Matt suggests:
That it [the module] is meant to be used with a Windows machine / over WinRM:


Matt Davis
unread,
Oct 21, 2016, 1:24:06 PM



to Ansible Project
Some aspects of Ansible's Powershell support are currently built under the 
assumption that it would only ever run on Windows / over WinRM. There are a few 
things that would need to be moved around in order to allow "real" Ansible 
Powershell modules to work on Linux. By "real", I mean so that the module 
generation stuff works correctly whether the WinRM connection plugin runs it or 
something else, and that you can use our Powershell module API.

So maybe that's my issue... ie not meant to run against Azure...


On Tuesday, March 14, 2023 at 3:28:04 PM UTC-4 Shawn Singh wrote:
I'm trying to use Powershell from Ansible.

This is the code:


- name: Log into Azure

  ansible.windows.win_powershell:

script: |

  [CmdletBinding()]

  param (

[String]

$TenantID,


[String]

$AccountID,


[SecureString]

$Secret

  )

  Connect-AzAccount -ServicePrincipal -TenantId $TenantID -Credential 
$(New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList 
$AccountID, $Secret)

parameters:

  TenantID: "{{ tenant }}"

  AccountID: "{{ sp }}"

  Secret: "{{ secret }}"

The Connect-AzAccount command works, when executed from my machine (running OS 
X) under pwsh; however, it blows up pretty ugly when executed using 
ansible-playbook...


fatal: [localhost]: FAILED! => {

"changed": false,

"module_stderr": "\u001b[31;1mParserError: 
\u001b[0m/Users/j8683/.ansible/tmp/ansible-tmp-1678819559.972683-82400-269117048488035/AnsiballZ_win_powershell.ps1:159\u001b[0m\n\u001b[31;1m\u001b[0m\u001b[36;1mLine
 |\u001b[0m\n\u001b[31;1m\u001b[0m\u001b[36;1m\u001b[36;1m 159 | \u001b[0m 
\u001b[36;1m\u\u001b[0m\u\u\u{\"module_entry\": 
\"IyFwb3dlcnNoZWxsCgojIENvcHlyaWdodDogKGMpIDIwMjE 
…\u001b[0m\n\u001b[31;1m\u001b[0m\u001b[36;1m\u001b[36;1m\u001b[0m\u001b[36;1m\u001b[0m\u001b[36;1m
 | \u001b[31;1m 
~\u001b[0m\n\u001b[31;1m\u001b[0m\u001b[36;1m\u001b[36;1m\u001b[0m\u001b[36;1m\u001b[0m\u001b[36;1m\u001b[31;1m\u001b[31;1m\u001b[36;1m
 | \u001b[31;1munexpected token '\u', expected 'begin', 'process', 
'end', 'clean', 
or\u001b[0m\n\u001b[31;1m\u001b[0m\u001b[36;1m\u001b[36;1m\u001b[0m\u001b[36;1m\u001b[0m\u001b[36;1m\u001b[31;1m\u001b[31;1m\u001b[36;1m\u001b[31;1m\u001b[36;1m
 | \u001b[31;1m'dynamicparam'.\u001b[0m\n",

"module_stdout": "",

"msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",

"rc": 1


}

Any ideas on what the win_powershell module might not like?

This is the ansible version I'm using:

ansible [core 2.14.0]

  python version = 3.9.6 (default, Sep 26 2022, 11:37:49) [Clang 14.0.0 
(clang-1400.0.29.202)] (/Library/Developer/CommandLineTools/usr/bin/python3)


  jinja version = 3.1.2


Thanks,

Shawn

--
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to 
ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/f3a8ab7d-ca56-44dd-a783-f54d5b816246n%40googlegroups.com.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/C0FC9ADA-AEBA-4D3E-8838-7B3A3258842C%40nist.gov.