new warning in Ansible 2.3

[Philippe Eveque]

The warning is: 

[WARNING]: when statements should not include jinja2 templating delimiters such as {{ }} or {% %}. 

Not sure how to avoid it in the below case. Any hint ?

See https://github.com/ansible/ansible/issues/22397. Sorry for commenting in a closed issue

consider the following variable:

to_be_removed_users:
  - name: 'adm'
    remove: False 
  - name: 'ftp'
    remove: True
  - name: 'games'
    remove: False  
  - name: 'gopher'
    remove: True
  - name: 'operator'
    remove: False
  - name: 'uucp'
    remove: True

then the following tasks generate the warning. Not sure how to avoid it as item.name is the result of iteration on the list

name: Get users list 
 getent: 
   database: passwd
 tags:
   - userdel

- name: Make sure the following users are removed
 user: 
   name: "{{ item.name }}"
   state: absent 
   remove: "{{item.remove}}"
 with_items: '{{ to_be_removed_users }}'
 when: getent_passwd.{{ item.name }} is defined
 tags:
   - userdel

[Josh Smift]

PE> Not sure how to avoid it in the below case. Any hint ?

I often find it helps to use the more Pythonic expression of the
variables, thing['foo'][bar], so you can tell that 'foo' is a literal
string and bar is a variable, rather than the sloppy thing.foo.bar, where
you can't.

So instead of

when: getent_passwd.{{ item.name }} is defined

try

when: getent_passwd[item['name']] is defined

I'm not 100% sure that's the problem you're having, but if it is, does
that work?

-Josh (j...@care.com)

(apologies for the automatic corporate disclaimer that follows)

This email is intended for the person(s) to whom it is addressed and may contain information that is PRIVILEGED or CONFIDENTIAL. Any unauthorized use, distribution, copying, or disclosure by any person other than the addressee(s) is strictly prohibited. If you have received this email in error, please notify the sender immediately by return email and delete the message and any attachments from your system.

[Matt Martz]

Technically, while what you have there worked, it's not recommended.

Instead what you want, is something like:

when: hostvars[inventory_hostname]['getent_passwd'][item.name] is defined

Or potentially:

when: vars['getent_passwd']['item.name'] is defined

When you use {{ }} a jinja2 statement, it can create unintended consequences, because the when statement and the {{ }} you put in the when statement are evaluated at different times, and can actually cause Undefined errors.

--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscribe@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAB1FMuSpS4VKk80KQXdJku6GJdWHrKQQQ4tJLqbLZmEXcbaeTg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

--

Matt Martz
@sivel
sivel.net

[Matt Martz]

Yeah, or what Josh said too :)

[Philippe Eveque]

Thanks Matt and Josh

using the below works perfectly

 when: getent_passwd[item['name']] is defined

So this addressed the warning ansible2.3.0 was reporting and 

I also got a better understanding about why to avoid jinja in when statement

Phil 

To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAD8N0v90HvhfX0MLtXZgEAj26gxS%3DD_gTEkFUwRsEj6KXQdw1Q%40mail.gmail.com.