Re: [ansible-project] Security updates
On Tue, May 25, 2021 at 7:00 AM Dick Visser wrote: > > Hi > > Regarding ansible release information, I don't see any dedicated security > announcement mailing list. > Also the functionality that GitHub offers through the project's security > advisory page seems to be unused: > https://github.com/ansible/ansible/security/advisories > > The general release notes tend to be rather long and hence it's harder to > sieve out security fixes. > > Is there maybe some dedicated channel somewhere else that carries security > related content of ansible releases? > FWIW release changelogs do have a dedicated section for security fixes, for example see: https://github.com/ansible/ansible/blob/stable-2.11/changelogs/CHANGELOG-v2.11.rst#security-fixes. Thanks, Martin -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CADDq2EN8huG6T11DV8zsdk5TdK%2B0r0W1TSFtBQTmmBmiA1GrhA%40mail.gmail.com.
Re: [ansible-project] short-circuit eval in templated string works only sometimes?
On Sun, May 16, 2021 at 1:55 AM Scott Mcdermott wrote:
>
> Hello, why does short circuit only works for the first two cases:
>
> - hosts: localhost
> become: false
> vars:
> ivar: '{{hostvars[inventory_hostname].dne}}'
> tasks:
> - debug:
> msg: "works: {{'foo' or dne}}"
> - debug:
> msg: "works: {{'bar' or hostvars[inventory_hostname].dne}}"
> - debug:
> msg: "fails: {{'baz' or ivar}}
>
> The third debug will generate an error:
>
> The task includes an option with an undefined variable.
> The error was: {{hostvars[inventory_hostname].dne}}:
> 'ansible.vars.hostvars.HostVarsVars object' has no attribute 'dne'
>
> Why is it even looking up in hostvars at all? The non-empty
> string should evaluate True, so why is it reading the ORed
> condition? The same thing happens with "if true else" and
> ternary(true, ...) filter. It seems that it's properly
> short-circuiting in the first two cases, because the variable
> "dne" does not exist, and there is no error. Even more
> confusing, the expansion of host vars is the exact same in cases
> 2 and 3, it's only going through an indirect variable in case 3.
>
> This seems to happen regardless of the source of variables ie
> extra vars, vars_files, etc.
>
> Is this a bug, or what am I missing?
This is effectively a side-effect of functionality in Ansible's
templating engine that allows nesting variables, like `ivar:
'{{hostvars[inventory_hostname].dne}}'` in your example. The second
operand of `or` is actually resolved somewhere within Jinja templating
machinery in all three cases. The difference is with the third one
where Ansible's extended templating functionality gets `ivar` and
tries to template it *because it is a template* (=this is what allows
nesting variables) which causes the failure.
There are issues reported asking to change this behavior, see
https://github.com/ansible/ansible/issues/58835 and
https://github.com/ansible/ansible/issues/56017 (or an interesting
example that was filed recently in
https://github.com/ansible/ansible/issues/74594).
The problem is that while changing this might result in expected
behavior in this case, it will break other scenarios. However the
above issues are open so feel free to give your input there.
Hopefully this clarifies the matter a bit.
Thanks,
Martin
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/CADDq2EP2zV5OTaZ_z5GY5MOkMX3ejeAUUkLZLkU--8m4E0e2KA%40mail.gmail.com.
[ansible-project] ansibot starts auto-closing collection issues and pull requests in ansible/ansible
Greetings Ansible Community, The change [0] to enable ansibot [1] to auto-close issues and PRs that have the `needs_collection_redirect` label [2] in ansible/ansible repository was just merged. In addition to closing, bot will also post a comment explaining the reason and a link to a collection that the issue/PR should be moved to. The bot will also add a label `bot_closed` to such issues so we can go back and verify bot's actions. As an additional note, while ansibot tries its best to determine the collection the issue/PR should be moved to, it is not a trivial task and if it seems off please reach out on IRC or mailing list to get help figuring out the correct place for the issue/PR. For further information please see https://github.com/ansible/ansibullbot/blob/master/docs/collection_migration.md Thanks, Martin [0] https://github.com/ansible/ansible/pull/71179 [1] https://github.com/ansible/ansibullbot/ [2] https://github.com/ansible/ansible/labels/needs_collection_redirect -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CADDq2EO-mhynk8zuZu9LQ94GmqnXMsPsW9vYZ8nV3Td9mJZy4A%40mail.gmail.com.
Re: [ansible-project] Use lookup/dynamic variable names in jinja2 template
- hosts: localhost
gather_facts: yes
vars:
top_level:
Fedora:
key: value
tasks:
- debug:
msg: "{{ top_level[ansible_distribution]['key'] }}"
On Thu, Jun 25, 2020 at 3:22 PM Willem Bos wrote:
>
> Hi Martin,
>
> Thanks for your quick response, really appreciate it. I hope you don't mind
> an additional question: the vars section actually is one level deeper:
>
> vars:
> sshd:
> CentOS:
> ciphers: "a,b"
> hostkeys:
> - "ssh_host_key"
> - "ssh_rsa_host_key"
>
> How do I add this to:
> {% for hostkey in lookup('vars', ansible_distribution)['hostkeys'] %}
> {{ hostkey }}
> {% endfor %}
>
> I tried ['sshd']lookup('vars', ansible_distribution)['hostkeys'] and a few
> variants, but they all fail.
>
> Sorry for being such a noob, but accessing vars/lists/dicts/etc. always gives
> me major headaches :-)
>
> Regards,
> Willem.
>
>
>
>
>
> On Thursday, June 25, 2020 at 2:19:03 PM UTC+2, Martin Krizek wrote:
>>
>> Sorry, I misread your example and missed that the variable you want to
>> look up is a dictionary and that you want to access a key within that
>> dictionary. In that case you need to look up just the var and access
>> the key on the result of the lookup:
>>
>> - hosts: localhost
>> gather_facts: yes
>> vars:
>> Fedora:
>> key: value
>> tasks:
>> - debug:
>> msg: "{{ lookup('vars', ansible_distribution)['key'] }}"
>>
>> On Thu, Jun 25, 2020 at 1:47 PM Willem Bos wrote:
>> >
>> > Hi Martin,
>> >
>> > Thanks, but I'm not sure varnames is useful to me.
>> >
>> > I know what the variable is called, but don't know how to construct it
>> > programmatically (as the Ansible manual calls it). Taking the example code
>> > from the documentation results in an empty list:
>> >
>> > ...
>> > - debug:
>> > msg: "{{ lookup('varnames', ansible_distribution + '.hostkeys') }}"
>> > ...
>> > TASK [debug] ***
>> > ok: [localhost] => {
>> > "msg": []
>> > }
>> > ...
>> >
>> > Regards,
>> > Willem.
>> >
>> >
>> > On Wednesday, June 24, 2020 at 2:39:52 PM UTC+2, Martin Krizek wrote:
>> >>
>> >> You can use the varnames lookup to get variable names that match given
>> >> pattern:
>> >> https://docs.ansible.com/ansible/latest/plugins/lookup/varnames.html
>> >>
>> >> On Wed, Jun 24, 2020 at 12:33 PM Willem Bos wrote:
>> >> >
>> >> > Hi,
>> >> >
>> >> > The playbook below should generate a file with the content:
>> >> > a,b
>> >> > ssh_host_key
>> >> > ssh_rsa_host_key
>> >> >
>> >> > However, the way I construct the variable names results in either
>> >> > syntax/templating errors or 'variable name does not exists'.
>> >> >
>> >> > ---
>> >> > - hosts: localhost
>> >> > connection: local
>> >> >
>> >> > vars:
>> >> > CentOS:
>> >> > ciphers: "a,b"
>> >> > hostkeys:
>> >> > - "ssh_host_key"
>> >> > - "ssh_rsa_host_key"
>> >> > tasks:
>> >> > - copy:
>> >> > dest: "{{ playbook_dir }}/test.out"
>> >> > content: |
>> >> >
>> >> > # This works:
>> >> > {{ CentOS.ciphers }}
>> >> >
>> >> > # This results in 'No variable found with this name':
>> >> > {# Ciphers {{ lookup('vars', ansible_distribution + '.ciphers')
>> >> > }}
>> >> >
>> >> > # Templating errors:
>> >> > {% for hostkey in {{ lookup('vars', ansible_distribution +
>> >> > '.hostkeys') }} %}
>> >> > {{ hostkey }}
>> >> > {% endfor %}
>> >> >
>> >> > # Templating errors:
>> >> > {% for hostkey in {{
>> >> > hostvars[inventory_hostname][ansible_distribution + '.hostkeys'] }} %}
>> >> > {{ hostkey }}
>> >> > {% endfor %}
>> >> >
>> >> >
>
Re: [ansible-project] Use lookup/dynamic variable names in jinja2 template
Sorry, I misread your example and missed that the variable you want to
look up is a dictionary and that you want to access a key within that
dictionary. In that case you need to look up just the var and access
the key on the result of the lookup:
- hosts: localhost
gather_facts: yes
vars:
Fedora:
key: value
tasks:
- debug:
msg: "{{ lookup('vars', ansible_distribution)['key'] }}"
On Thu, Jun 25, 2020 at 1:47 PM Willem Bos wrote:
>
> Hi Martin,
>
> Thanks, but I'm not sure varnames is useful to me.
>
> I know what the variable is called, but don't know how to construct it
> programmatically (as the Ansible manual calls it). Taking the example code
> from the documentation results in an empty list:
>
> ...
> - debug:
> msg: "{{ lookup('varnames', ansible_distribution + '.hostkeys') }}"
> ...
> TASK [debug] ***
> ok: [localhost] => {
> "msg": []
> }
> ...
>
> Regards,
> Willem.
>
>
> On Wednesday, June 24, 2020 at 2:39:52 PM UTC+2, Martin Krizek wrote:
>>
>> You can use the varnames lookup to get variable names that match given
>> pattern: https://docs.ansible.com/ansible/latest/plugins/lookup/varnames.html
>>
>> On Wed, Jun 24, 2020 at 12:33 PM Willem Bos wrote:
>> >
>> > Hi,
>> >
>> > The playbook below should generate a file with the content:
>> > a,b
>> > ssh_host_key
>> > ssh_rsa_host_key
>> >
>> > However, the way I construct the variable names results in either
>> > syntax/templating errors or 'variable name does not exists'.
>> >
>> > ---
>> > - hosts: localhost
>> > connection: local
>> >
>> > vars:
>> > CentOS:
>> > ciphers: "a,b"
>> > hostkeys:
>> > - "ssh_host_key"
>> > - "ssh_rsa_host_key"
>> > tasks:
>> > - copy:
>> > dest: "{{ playbook_dir }}/test.out"
>> > content: |
>> >
>> > # This works:
>> > {{ CentOS.ciphers }}
>> >
>> > # This results in 'No variable found with this name':
>> > {# Ciphers {{ lookup('vars', ansible_distribution + '.ciphers') }}
>> >
>> > # Templating errors:
>> > {% for hostkey in {{ lookup('vars', ansible_distribution +
>> > '.hostkeys') }} %}
>> > {{ hostkey }}
>> > {% endfor %}
>> >
>> > # Templating errors:
>> > {% for hostkey in {{
>> > hostvars[inventory_hostname][ansible_distribution + '.hostkeys'] }} %}
>> > {{ hostkey }}
>> > {% endfor %}
>> >
>> >
>> > What is the proper way to 'assemble' the variable names? Or is there a
>> > better way of doing this?
>> >
>> > Regards,
>> > Willem.
>> >
>> > --
>> > You received this message because you are subscribed to the Google Groups
>> > "Ansible Project" group.
>> > To unsubscribe from this group and stop receiving emails from it, send an
>> > email to ansible...@googlegroups.com.
>> > To view this discussion on the web visit
>> > https://groups.google.com/d/msgid/ansible-project/76b24a20-1c5b-46ea-a197-f1c390fcd0f7o%40googlegroups.com.
>>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/97e0166f-d015-4097-a870-1a207b14c7a5o%40googlegroups.com.
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/CADDq2ENwdysRsoXDSF6KyYutPhte8Mc7G3j4pZE1o9DXeMBWKQ%40mail.gmail.com.
Re: [ansible-project] Use lookup/dynamic variable names in jinja2 template
You can use the varnames lookup to get variable names that match given
pattern: https://docs.ansible.com/ansible/latest/plugins/lookup/varnames.html
On Wed, Jun 24, 2020 at 12:33 PM Willem Bos wrote:
>
> Hi,
>
> The playbook below should generate a file with the content:
> a,b
> ssh_host_key
> ssh_rsa_host_key
>
> However, the way I construct the variable names results in either
> syntax/templating errors or 'variable name does not exists'.
>
> ---
> - hosts: localhost
> connection: local
>
> vars:
> CentOS:
> ciphers: "a,b"
> hostkeys:
> - "ssh_host_key"
> - "ssh_rsa_host_key"
> tasks:
> - copy:
> dest: "{{ playbook_dir }}/test.out"
> content: |
>
> # This works:
> {{ CentOS.ciphers }}
>
> # This results in 'No variable found with this name':
> {# Ciphers {{ lookup('vars', ansible_distribution + '.ciphers') }}
>
> # Templating errors:
> {% for hostkey in {{ lookup('vars', ansible_distribution +
> '.hostkeys') }} %}
> {{ hostkey }}
> {% endfor %}
>
> # Templating errors:
> {% for hostkey in {{
> hostvars[inventory_hostname][ansible_distribution + '.hostkeys'] }} %}
> {{ hostkey }}
> {% endfor %}
>
>
> What is the proper way to 'assemble' the variable names? Or is there a better
> way of doing this?
>
> Regards,
> Willem.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/76b24a20-1c5b-46ea-a197-f1c390fcd0f7o%40googlegroups.com.
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/CADDq2EMKKvdmqK4hJmK7T_m%2BE5UsM3eBPLPTWjByjW4Ggm46Kg%40mail.gmail.com.
Re: [ansible-project] ternary clarification needed
On Thu, Mar 26, 2020 at 7:55 AM Davide Scrimieri wrote:
>
> Hello,
>
> Whenever a ternary is used are both conditions evaluated regardless ?
>
> For example, I want to convert "my_other_var" to an object only if it is
> passed as as string, otherwise I don't want to touch the object, and leave it
> as it is.
>
> - set_fact:
> my_var: "{{ ( my_other_var | type_debug == 'str' ) | ternary
> (my_other_var | from_json, my_other_var }}"
>
Yes, this is how the ternary filter works. To work around that you can
use a ternary statement:
- set_fact:
my_var: "{{ my_other_var | from_json if (my_other_var |
type_debug == 'str') else my_other_var }}"
That should result in desired behavior.
M.
> What happens right now is this:
>
> if my_other_var is str -> It works
> if my_other_var is dict -> it gives me the error saying that my_other_var
> should be a string to be converted from_json. But I would expect that being
> the condition on the left = False, it would ignore the left condition on the
> ternary and only consider the rightmost condition.
>
> I also tried using when:
>
> -- name: Set fact for string object
> set_fact:
> my_var: "{{ my_other_var | from_json }}"
> when: (my_other_var | type_debug == 'str')
>
>
> - name: Set fat for dict object
> set_fact:
> my_var: "{{ my_other_var | from_json }}"
> when: (my_other_var | type_debug == 'dict')
>
> However, if "my_other_var" is dict, the first block (named set fact for
> string object) gives me the same error as before. I was actually expecting
> that being the when statement equals to false, it would simply ignore it.
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/8e08a7c9-9f2a-4c83-a7c4-ab9aa389b4e2%40googlegroups.com.
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/CADDq2ENmBvy7%2B1rXhJ--G1c2aYDPiwJnCDU2%3D3TiC8%3D-Ergxww%40mail.gmail.com.
Re: [ansible-project] Simple Math with String to Int
On Tue, Mar 3, 2020 at 3:15 AM M F wrote:
>
> Hi All,
>
> Im having trouble with setting a fact, doing some math, and having the result
> be an INT
>
> To start, i set the base Var
>
> set_fact: SOMENUMBER = 8
>
> Ansible stores this value as a String
>
> Later, i need to divide that number by 2 and get the result as an INT
>
> set_fact: myvar = "{{ SOMENUMBER / 2) }}"
>
> Even then though, Ansible stores it as a string.
>
> If I do this, i get an INT, but its a FLOAT 4.0 instead of 4
>
> set_fact: myvar = "{{ ((SOMENUMBER|int) / 2) }}"
>
> I am having to resort to doing the following to get my answer of 4
>
> set_fact: myvar = "{{ ((SOMENUMBER|int) / 2)|replace('.0','') }}"
>
> Is there a better way to take a single integer stored as a string, and
> perform math and output an INT more simply?
Jinja2 native types introduced in Ansible 2.7 should be what you want:
https://docs.ansible.com/ansible/latest/reference_appendices/config.html#default-jinja2-native
Martin
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/CADDq2ENhz5PbhN47px3wVr3ZvTXwwnC6uUwqtFLS5ir5XeHheQ%40mail.gmail.com.
Re: [ansible-project] Ansible when logic to determine whether to use yum or dnf to install packages on ansible_os_family='RedHat'
On Tue, Feb 18, 2020 at 11:30 AM Vladimir Botka wrote:
>
> On Tue, 18 Feb 2020 01:25:18 -0800 (PST)
> Donald Jones wrote:
>
> > Up until now I've been making a logic decision with my ansible roles based
> > upon the ansible_os_family, to run the appropriate module for yum
> > ('RedHat') or apt ('Debian').
You can use `ansible_pkg_mgr` variable instead.
M.
> >
> > With the introduction of CentOS 8, dnf has been brought in as a replacement
> > for yum.
> > So my question is, is there a prefered 'when' logic that I can use to
> > determine whether I should use the dnf or yum module in a playbook/role?
> > Ideally something that maximises future proof.
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/CADDq2EPGTPM2tLk-hr1vfRopJP-V_7i6Ngte6WNo925tokioKg%40mail.gmail.com.
Re: [ansible-project] Re: Help with meta end_host
Hello,
I have opened a pull request that should fix the issue at
https://github.com/ansible/ansible/pull/66851.
Thanks!
Martin
On Tue, Jan 28, 2020 at 12:59 PM Aleksandr Smirnov
wrote:
>
> I could just confirm such behavior, seems it's a bug in meta: end_host, what
> such action does not update ansible_play_hosts ( and ansible_play_batch ).
> And in the Ansible 2.9.2 version it's still the same behavior.
>
> As the workaround you could try meta: fail, but it's not so nice and could
> have side effects, if you're relying on the play's exist state for example.
>
> Anyway, you could try to construct similar logic by yourself with set_fact:
> and when: actions.
>
> On Friday, 20 September 2019 16:38:31 UTC+2, KSS wrote:
>>
>> Hi,
>>
>> I have a playbook that uses a meta task to end the play for hosts not
>> meeting a certain condition. Further along the playbook I have a run_once
>> task that uses the ansible_play_hosts variable to provide a list of the
>> hosts in the current play to a command.
>>
>> My issue is that although I end the play for the hosts not meeting the
>> required condition, they persist in the ansible_play_hosts variable - I
>> guess this is expected since they are not failed and therefore still
>> technically part of the play even though they will not have any further
>> tasks executed against them. Is there any way of getting or creating a list
>> of the hosts that remain active for the remaining tasks?
>>
>> Here is a test playbook demonstrating that the play has ended for a
>> particular host but remains in the play_hosts variable;
>>
>>
>> -- test_meta.yml -
>>
>> ---
>>
>>- hosts: all
>>
>> tasks:
>>
>> - name: Ending the play for hosts not meeting the required condition
>> meta: end_host
>> when:
>> - inventory_hostname == "test01"
>>
>> - block:
>>
>> - debug:
>> msg: "Host {{ inventory_hostname }}"
>>delegate_to: localhost
>>
>> - debug:
>> msg: "Host {{ item }} still in play_hosts"
>>with_items: "{{ ansible_play_hosts }}"
>>delegate_to: localhost
>>run_once: true
>>
>> rescue:
>>
>> - debug:
>> msg: "Failed host - {{ inventory_hostname }} - {{
>> ansible_failed_result.msg }}"
>>delegate_to: localhost
>>
>> --- eof -
>>
>> The playbook run;
>>
>> PLAY [all]
>> *
>>
>> TASK [Gathering Facts]
>> *
>> ok: [test01]
>> ok: [test02]
>> ok: [test03]
>>
>> TASK [debug]
>> ***
>> ok: [test02 -> localhost] => {
>> "msg": "Host test02"
>> }
>> ok: [test03 -> localhost] => {
>> "msg": "Host test03"
>> }
>>
>> TASK [debug]
>> ***
>> ok: [test02 -> localhost] => (item=test01) => {
>> "msg": "Host test01 still in play_hosts"
>> }
>> ok: [test02 -> localhost] => (item=test02) => {
>> "msg": "Host test02 still in play_hosts"
>> }
>> ok: [test02 -> localhost] => (item=test03) => {
>> "msg": "Host test03 still in play_hosts"
>> }
>>
>> PLAY RECAP
>> *
>> test03 : ok=2changed=0unreachable=0failed=0
>> skipped=0rescued=0ignored=0
>> test01 : ok=1changed=0unreachable=0failed=0
>> skipped=0rescued=0ignored=0
>> test02 : ok=3changed=0unreachable=0failed=0
>> skipped=0rescued=0ignored=0
>>
>> Can anyone suggest how I get a list of hosts actually still active (i.e.
>> still having tasks executed against them)?
>>
>> ansible-2.8.4 and 2.8.5
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/46e8d219-5eb0-42d9-83f2-ba44269c0ce7%40googlegroups.com.
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/CADDq2EPY5r%2Bx6eYf2PpNGL4TRvnKKeEgJ9s6BEi5%3D3ZA90TMmA%40mail.gmail.com.
Re: [ansible-project] authorized_key : How to put default value or bypass it
Just skip the item when ssh_key is not available (`false` in your example):
- name: "add public keys to users"
authorized_key:
user: '{{ item.name }}'
key:'{{ item.ssh_key }}'
with_items: '{{ user }}'
when: item.ssh_key
On Thu, Jan 23, 2020 at 9:25 AM Hieronymus wrote:
>
> Hi
>
> I'm using the authorized_key module in my ansible user role.
> As some user aren't ssh key yet, I would like that by default this key is not
> created and the task escaped.
> I've seen that the key string is required by this module.
> Is means that I cannot put a false default value?
>
> Here's my main task:
> [...]
> - name: "add public keys to users"
> authorized_key:
> user: '{{ item.name }}'
> key:'{{ item.ssh_key }}'
> ignore_errors: yes
> with_items: '{{ user }}'
> [...]
>
>
> Here's the definition yaml file:
> [...]
> user:
> - name: 'bob'
> password: "{{ bob_pass }}"
> comment:'Bob McKenzie'
> uid:'2000'
> group: 'bob'
> groups: 'wheel'
> shell: '/bin/bash'
> state: "{{ 'present' if bob_pass else 'absent' }}"
> ssh_key:"{{ bob_key | default(false) }}"
> [...]
>
>
> The bob_key is define in an another yaml variable file.
>
> Here's the error:
> [WARNING]: The value False (type bool) in a string field was converted to
> 'False' (type string). If this does not look like what you expect, quote the
> entire value to ensure it does not change.
>
>
> failed: [localhost] (item={'name': 'tzdkom', 'password': .
> . "msg": "invalid key specified: False"}
>
>
> Is the variable ssh_key:"{{ bob_key | default(false) }}" wrong ?
> Could you please explain me this?
> Has someone an idea to bypass this problem when no ssh_key exist?
>
> Thanks and best regards,
> M.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/f78ebfe9-b916-4eed-9865-0ff47f12190c%40googlegroups.com.
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/CADDq2EP2ephg%2BoDDz0vysX1n_54x-PEK6Kq%2B2efJn5eq8B6jtQ%40mail.gmail.com.
Re: [ansible-project] ignore -has no attribute
Use "default" filter:
https://docs.ansible.com/ansible/latest/user_guide/playbooks_filters.html#defaulting-undefined-variables
Example:
- hosts: localhost
gather_facts: no
vars:
d:
key: value
tasks:
- debug:
msg: "{{ d.missing_attr | default('default_value') }}"
On Thu, Jan 23, 2020 at 11:19 AM Jegan A wrote:
>
> Hello Team,
>
>I am parsing register value using debug and using when condition to print
> particular matching value. While doing that am getting below error. some of
> the register value doesn't have "volume_attachments" variable due to that the
> when condition is failing. I want to ignore this error how can I do it. Could
> you please help me on this. Thanks in advance.
>
> fatal: [localhost]: FAILED! => {"msg": "The conditional check
> 'item.volume_attachments | length == 0' failed. The error was: error while
> evaluating conditional (item.volume_attachments | length == 0): 'dict object'
> has no attribute 'volume_attachments'\n\nThe error appears to be in
> '/var/lib/home/s': line 33, column 7, but may\nbe elsewhere in the file
> depending on the exact syntax problem.\n\nThe offending line appears to
> be:\n\n\n- debug:\n ^ here\n"}
>
>
> Regards,
> Jegan A
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/b7353ab1-5a43-4d6d-a510-21d3dba61e1d%40googlegroups.com.
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/CADDq2ENXsqTFiVEmCybYAtaYztCSZQNL1rUsVLHLMP%3Dw4EHvcw%40mail.gmail.com.
Re: [ansible-project] Re: loop
Hello,
you can find an example of using `first_found` with `loop` here:
https://docs.ansible.com/ansible/latest/user_guide/playbooks_conditionals.html#selecting-files-and-templates-based-on-variables.
Thanks,
Martin
On Wed, Jun 12, 2019 at 2:39 PM Ryad karkar wrote:
>
> Hi,
>
> You can see one exemple for loop :
>
> - name: "with_list -> loop"
> debug:
> msg: "{{ item }}"
> loop:
> - my first word
> - my second word
>
> When i execut this task, the result is :
>
> [item=1] => my first word
> [item=2] => my second word
>
> Do you understand ?
>
> Regards,
>
> Le mercredi 12 juin 2019 14:13:58 UTC+2, starflighter one a écrit :
>>
>> Hi all,
>>
>> how can I write with_first_found as loop?
>>
>> I can't find an example at
>> https://docs.ansible.com/ansible/devel/porting_guides/porting_guide_2.5.html#migrating-from-with-x-to-loop
>> Can you give me an example?
>>
>> Thanks,
>> starflighter
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/217b6472-47c3-414c-ae84-a67332f179b3%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/CADDq2ENuxaRC-QSWbqLr%2BXF9%3D66TxzE3W%3Dco3qg0bzdMYk0uOg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
Re: [ansible-project] tower ansible template: how to pass parameters to a python script
Hello, for passing parameters to the script please see the first example on https://docs.ansible.com/ansible/latest/modules/script_module.html#examples. If you want to pass those parameters from variables then yes you need to use Jinja2. Thanks, Martin On Mon, Jun 10, 2019 at 4:45 PM Gilles wrote: > > I am using a template to run a python script. This works fine. > >> --- >> - hosts: ISE >> connection: local >> args: >> tasks: >> - script: /usr/bin/python3 ../scripts/ise_add.py >> register: output >> - debug: var=output.stdout_lines >> >> >> > > Now I would like to pass 2 parameters to the python script (hostname and > ipaddress), either harcoded or from any file or any variable. > May I use the "extra variables" section of the template panel? > Do I have to use Jinja2? > > Thanks > Regards, > Gilles > > > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to ansible-project+unsubscr...@googlegroups.com. > To post to this group, send email to ansible-project@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/2a2296ea-3017-4842-8b2d-9f819de93df0%40googlegroups.com. > For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CADDq2EOoE3Wsq2O1OyYqbBafNGxPBh8F9fz6cpU0xDFAq7Z-%3Dw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [ansible-project] remote module (vmware_guest_find) does not support check mode
Hello,
how are you running 'ansible-playbook' command? If you are passing
"-C" or "--check" then the message is expected; you might want to
create a feature request for vmware_guest_find to support check_mode.
Otherwise it might be a bug.
Thanks,
Martin
On Mon, Jun 10, 2019 at 5:30 PM Kishore Hejmady
wrote:
>
> I am trying to connect to vshpere and get the below message
>
> #- name: "Find more info on {{vcenter_info[vsphere-env].vcenter_hostname}}
> {{vsphere_login}} VM - {{ vm_name }} {{vsphere_passwd}} "
> - name: "Find more info on {{ vsphere_env }} {{vsphere_login}} {{ vm_name }} "
> vmware_guest_find:
> hostname: "{{vcenter_info[vsphere_env].vcenter_hostname}}"
> username: "{{vsphere_login}}"
> password: "{{vsphere_passwd}}"
> validate_certs: False
> name: "{{ vm_name }}"
> delegate_to: localhost
> register: vm_folder
>
> - debug:
>var: vm_folder
>
> Message :
>
> skipping: [localhost] => {"changed": false, "msg": "remote module
> (vmware_guest_find) does not support check mode"}
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/f3c3d1cd-b426-4440-8800-43d3d714a31a%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/CADDq2EOn_ywrTZcqo7FuzaXcr0x7cK9g96jRZmP6yOF6HAg6nw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
Re: [ansible-project] Re: I can't edit jira issue with ansible
Or just use 'implicit localhost' -
https://docs.ansible.com/ansible/latest/inventory/implicit_localhost.html.
On Fri, Jun 7, 2019 at 1:16 PM Jonathan Lozada De La Matta <
jloza...@redhat.com> wrote:
> probably need connection: local or delagate_to: localhost in the playbook
>
> On Fri, Jun 7, 2019 at 6:58 AM Rodrigo Rapozo
> wrote:
>
>> Thanks a lot for the quickly reply.
>>
>> So I change in my hosts:
>>
>> [local]
>> localhost
>>
>> and in my playbook:
>> ---
>> - hosts: local
>> vars:
>> ansible_python_interpreter: /usr/bin/python3
>> tasks:
>> - name: Jira VF/CF
>> jira:
>> uri: 'https://mycompanyjira.atlassian.net'
>> username: 'rodrigo\@mycompany.com'
>> password: 'XXX'
>> operation: edit
>> issue: 'VFNCDS-1414'
>> assignee: rodrigo
>>
>> But looks like that is necessary a local ssh.
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> *TASK [Gathering Facts]
>> **task
>> path: /etc/ansible/playbooks/jira_mycompany.yml:2 ESTABLISH SSH
>> CONNECTION FOR USER: None SSH: EXEC ssh -C -o ControlMaster=auto
>> -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o
>> PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey
>> -o PasswordAuthentication=no -o ConnectTimeout=10 -o
>> ControlPath=/root/.ansible/cp/8a5a4c6a60 localhost '/bin/sh -c '"'"'echo ~
>> && sleep 0'"'"'' (255, '', 'ssh: connect to host localhost port
>> 22: Cannot assign requested address\r\n')fatal: [localhost]: UNREACHABLE!
>> => {"changed": false,"msg": "Failed to connect to the host via ssh:
>> ssh: connect to host localhost port 22: Cannot assign requested
>> address","unreachable": true}to retry, use: --limit
>> @/etc/ansible/playbooks/jira_mycompany.retry*
>>
>>
>>
>> Em sexta-feira, 7 de junho de 2019 11:30:01 UTC+1, Rodrigo Rapozo
>> escreveu:
>>>
>>> Hello I'm trying to edit a jira issue but I receive 404 I don't know why
>>>
>>> I think that could be because the field hosts is required, but I don't
>>> have ssh to the server and I put other host just to pass.
>>>
>>> Any ideia?
>>>
>>> ---
>>> - hosts: clients
>>> vars:
>>> ansible_python_interpreter: /usr/bin/python3
>>> tasks:
>>> - name: Jira VF/CF
>>> jira:
>>> uri: 'https://mycompanyjira.atlassian.net'
>>> username: 'rodrigo\@mycompany.com'
>>> password: 'XXX'
>>> operation: edit
>>> issue: 'VFNCDS-1414'
>>> assignee: rodrigo
>>>
>>>
>>>
>>>
>>> [root@bd9fb0ef9526 playbooks]# ansible-playbook jira_mycompany.yml -vvv
>>> ansible-playbook 2.7.10
>>> config file = /etc/ansible/ansible.cfg
>>> configured module search path = [u'/root/.ansible/plugins/modules',
>>> u'/usr/share/ansible/plugins/modules']
>>> ansible python module location =
>>> /usr/lib/python2.7/site-packages/ansible
>>> executable location = /usr/bin/ansible-playbook
>>> python version = 2.7.5 (default, Oct 30 2018, 23:45:53) [GCC 4.8.5
>>> 20150623 (Red Hat 4.8.5-36)]
>>> Using /etc/ansible/ansible.cfg as config file
>>> /etc/ansible/hosts did not meet host_list requirements, check plugin
>>> documentation if this is unexpected
>>> /etc/ansible/hosts did not meet script requirements, check plugin
>>> documentation if this is unexpected
>>> Parsed /etc/ansible/hosts inventory source with ini plugin
>>>
>>> PLAYBOOK: jira_mycompany.yml
>>> *
>>> 1 plays in jira_mycompany.yml
>>>
>>> PLAY [clients]
>>> **
>>>
>>> TASK [Gathering Facts]
>>> **
>>> task path: /etc/ansible/playbooks/jira_mycompany.yml:2
>>> <172.17.0.4> ESTABLISH SSH CONNECTION FOR USER: None
>>> <172.17.0.4> SSH: EXEC ssh -C -o ControlMaster=auto -o
>>> ControlPersist=60s -o KbdInteractiveAuthentication=no -o
>>> PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey
>>> -o PasswordAuthentication=no -o ConnectTimeout=10 -o
>>> ControlPath=/root/.ansible/cp/64e7c37884 172.17.0.4 '/bin/sh -c '"'"'echo ~
>>> && sleep 0'"'"''
>>> <172.17.0.4> (0, '/root\n', '')
>>> <172.17.0.4> ESTABLISH SSH CONNECTION FOR USER: None
>>> <172.17.0.4> SSH: EXEC ssh -C -o ControlMaster=auto -o
>>> ControlPersist=60s -o KbdInteractiveAuthentication=no -o
>>>
Re: [ansible-project] Tower license query
Hello, please contact official support for questions about your license - https://docs.ansible.com/ansible-tower/3.3.1/html/installandreference/updates_support.html#support Thanks, Martin On Fri, Jun 7, 2019 at 8:24 AM rajthecomputerguy wrote: > > Hi Team, > > We bought tower license two months ago but never used, the question is > license duration will be counted after activation or from purchase date. > > thanks, > Pushparaj > > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to ansible-project+unsubscr...@googlegroups.com. > To post to this group, send email to ansible-project@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/2a77ca8d-e2eb-4416-a0c4-d21ff4dae135%40googlegroups.com. > For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CADDq2EO1oxW2mAKAsB6fCST%2BZUaKYK5Tn1HNhkfhE17-bGr2TQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [ansible-project] Mail Callback
On Fri, Sep 7, 2018 at 1:15 PM Martin Krizek wrote: > > The traceback you're getting says "unexpected keyword argument > 'flags'". That argument was added in Python 2.7 which is also the > minimal Python version supported by Ansible on the controller side. But that's being done for 2.7. What Ansible version are you running? -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CADDq2EP%2BXsDmEKQ72XQFujS1j12zPBD7xMW7MfP%2Brnoc63HL4w%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [ansible-project] Mail Callback
The traceback you're getting says "unexpected keyword argument 'flags'". That argument was added in Python 2.7 which is also the minimal Python version supported by Ansible on the controller side. M. -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CADDq2EMEYf%2By68%2Bv0TWfvE_wQ0_YLQEQFv9XH-XDqZEYRim-Pg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
