Re: [ansible-project] authorized_key : How to put default value or bypass it

2020-01-23 Thread Martin Krizek 
Just skip the item when ssh_key is not available (`false` in your example):

- name: "add public keys to users"
  authorized_key:
user:   '{{ item.name  }}'
key:'{{ item.ssh_key }}'
  with_items:   '{{ user }}'
  when: item.ssh_key

On Thu, Jan 23, 2020 at 9:25 AM Hieronymus  wrote:
>
> Hi
>
> I'm using the authorized_key module in my ansible user role.
> As some user aren't ssh key yet, I would like that by default this key is not 
> created and the task escaped.
> I've seen that the key string is required by this module.
> Is means that I cannot put a false default value?
>
> Here's my main task:
> [...]
> - name: "add public keys to users"
>   authorized_key:
> user:   '{{ item.name  }}'
> key:'{{ item.ssh_key }}'
>   ignore_errors: yes
>   with_items:   '{{ user }}'
> [...]
>
>
> Here's the definition yaml file:
> [...]
> user:
>   - name:   'bob'
> password:   "{{ bob_pass }}"
> comment:'Bob McKenzie'
> uid:'2000'
> group:  'bob'
> groups: 'wheel'
> shell:  '/bin/bash'
> state:  "{{ 'present' if bob_pass else 'absent' }}"
> ssh_key:"{{ bob_key | default(false) }}"
> [...]
>
>
> The bob_key is define in an another yaml variable file.
>
> Here's the error:
> [WARNING]: The value False (type bool) in a string field was converted to 
> 'False' (type string). If this does not look like what you expect, quote the 
> entire value to ensure it does not change.
>
>
> failed: [localhost] (item={'name': 'tzdkom', 'password': .
> . "msg": "invalid key specified: False"}
>
>
> Is the variable ssh_key:"{{ bob_key | default(false) }}"  wrong ?
> Could you please explain me this?
> Has someone an idea to bypass this problem when no ssh_key exist?
>
> Thanks and best regards,
> M.
>
> --
> You received this message because you are subscribed to the Google Groups 
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/ansible-project/f78ebfe9-b916-4eed-9865-0ff47f12190c%40googlegroups.com.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CADDq2EP2ephg%2BoDDz0vysX1n_54x-PEK6Kq%2B2efJn5eq8B6jtQ%40mail.gmail.com.

[ansible-project] authorized_key : How to put default value or bypass it

2020-01-23 Thread Hieronymus 
Hi

I'm using the authorized_key module in my ansible user role.
As some user aren't ssh key yet, I would like that by default this key is 
not created and the task escaped.
I've seen that the key string is required by this module.
Is means that I cannot put a false default value?

Here's my main task:
[...]
- name: "add public keys to users"
  authorized_key:
user:   '{{ item.name  }}'
key:'{{ item.ssh_key }}'
  ignore_errors: yes
  with_items:   '{{ user }}'
[...]


Here's the definition yaml file:
[...]
user:
  - name:   'bob'
password:   "{{ bob_pass }}"
comment:'Bob McKenzie'
uid:'2000'
group:  'bob'
groups: 'wheel'
shell:  '/bin/bash'
state:  "{{ 'present' if bob_pass else 'absent' }}"
ssh_key:"{{ bob_key | default(false) }}"
[...]


The bob_key is define in an another yaml variable file.

Here's the error:
[WARNING]: The value False (type bool) in a string field was converted to 
'False' (type string). If this does not look like what you expect, quote 
the entire value to ensure it does not change.


failed: [localhost] (item={'name': 'tzdkom', 'password': .
. "msg": "invalid key specified: False"}


Is the variable ssh_key:"{{ bob_key | *default(false)* }}"  wrong ?
Could you please explain me this?
Has someone an idea to bypass this problem when no ssh_key exist?

Thanks and best regards,
M.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/f78ebfe9-b916-4eed-9865-0ff47f12190c%40googlegroups.com.