json_query with authorized_key-module output
31 views
Skip to first unread message
Goetz Leupold
Oct 12, 2017, 2:23:33 AM10/12/17
to Ansible Project
Hi,
i have a problem with the response of the authorized_key-module in combination with the Jinja2 Filter "json_query". This filter works already fine for me with the prompt-Module where i extract all the inputs with "y"(query: "results[?user_input=='y']").
ansible --version
ansible 2.4.0.0
python version = 2.7.10 (default, Feb 7 2017, 00:08:15) [GCC 4.2.1 Compatible Apple LLVM 8.0.0 (clang-800.0.34)]
This is a testplay to prey my problem(you'll need 2 testssh keys in /tmp with ".pub" ending, example content "ssh-rsa 123== Comment 1" ):
---
- hosts: localhost
tasks:
- name: test
authorized_key:
user: "{{ ansible_user }}"
state: present
path: "/tmp/test_authorized_keys"
manage_dir: no
key: "{{ lookup('file', item) }}"
with_fileglob:
- /tmp/*.pub
register: sshKey
- debug:
msg: "{{ sshKey }}"
- debug:
msg: "{{ item.item }}"
with_items: "{{ sshKey | json_query(query) }}"
vars:
query: "results[?changed==true]"
...
I expect that the second debug-module prints out the path of the changed key. Any ideas what i am doing wrong?
Best regards
i have a problem with the response of the authorized_key-module in combination with the Jinja2 Filter "json_query". This filter works already fine for me with the prompt-Module where i extract all the inputs with "y"(query: "results[?user_input=='y']").
ansible --version
ansible 2.4.0.0
python version = 2.7.10 (default, Feb 7 2017, 00:08:15) [GCC 4.2.1 Compatible Apple LLVM 8.0.0 (clang-800.0.34)]
This is a testplay to prey my problem(you'll need 2 testssh keys in /tmp with ".pub" ending, example content "ssh-rsa 123== Comment 1" ):
---
- hosts: localhost
tasks:
- name: test
authorized_key:
user: "{{ ansible_user }}"
state: present
path: "/tmp/test_authorized_keys"
manage_dir: no
key: "{{ lookup('file', item) }}"
with_fileglob:
- /tmp/*.pub
register: sshKey
- debug:
msg: "{{ sshKey }}"
- debug:
msg: "{{ item.item }}"
with_items: "{{ sshKey | json_query(query) }}"
vars:
query: "results[?changed==true]"
...
I expect that the second debug-module prints out the path of the changed key. Any ideas what i am doing wrong?
Best regards
Kai Stian Olstad
Oct 12, 2017, 5:14:53 AM10/12/17
to ansible...@googlegroups.com
On 12.10.2017 08:23, Goetz Leupold wrote:
> Hi,
>
> i have a problem with the response of the authorized_key-module in
> combination with the Jinja2 Filter "json_query". This filter works
> already
> fine for me with the prompt-Module where i extract all the inputs with
> "y"(query: "results[?user_input=='y']").
>
> ansible --version
> ansible 2.4.0.0
> python version = 2.7.10 (default, Feb 7 2017, 00:08:15) [GCC 4.2.1
> Compatible Apple LLVM 8.0.0 (clang-800.0.34)]
>
> This is a testplay to prey my problem(you'll need 2 testssh keys in
> /tmp
> with ".pub" ending, example content "ssh-rsa 123== Comment 1" ):
Instead of we recreate this why don't you run it for us and post the
> Hi,
>
> i have a problem with the response of the authorized_key-module in
> combination with the Jinja2 Filter "json_query". This filter works
> already
> fine for me with the prompt-Module where i extract all the inputs with
> "y"(query: "results[?user_input=='y']").
>
> ansible --version
> ansible 2.4.0.0
> python version = 2.7.10 (default, Feb 7 2017, 00:08:15) [GCC 4.2.1
> Compatible Apple LLVM 8.0.0 (clang-800.0.34)]
>
> This is a testplay to prey my problem(you'll need 2 testssh keys in
> /tmp
> with ".pub" ending, example content "ssh-rsa 123== Comment 1" ):
output?
Preferably with
"ANSIBLE_STDOUT_CALLBACK=debug ansible-playbook -v playbook.yaml"
--
Kai Stian Olstad
Goetz Leupold
Oct 12, 2017, 5:42:08 AM10/12/17
to Ansible Project
There is no output of the second debug-task. Dont know why...
Output of the command:
Using /Users/blackended_user/git/project/ansible/ansible.cfg as config file
PLAY [localhost] ****************************************************************************************************
TASK [Gathering Facts] **********************************************************************************************
ok: [localhost]
TASK [test] *********************************************************************************************************
ok: [localhost] => (item=/tmp/1.pub) => {
"changed": false,
"comment": null,
"exclusive": false,
"failed": false,
"gid": 31346032,
"group": "blackended_group",
"item": "/tmp/1.pub",
"key": "ssh-rsa 123== Comment 1",
"key_options": null,
"keyfile": "/tmp/test_authorized_keys",
"manage_dir": false,
"mode": "0600",
"owner": "blackended_user",
"path": "/tmp/test_authorized_keys",
"size": 24,
"state": "file",
"uid": 218476800,
"unique": false,
"user": "blackended_user",
"validate_certs": true
}
changed: [localhost] => (item=/tmp/2.pub) => {
"changed": true,
"comment": null,
"exclusive": false,
"failed": false,
"gid": 31346032,
"group": "blackended_group",
"item": "/tmp/2.pub",
"key": "ssh-rsa 456== Comment 2",
"key_options": null,
"keyfile": "/tmp/test_authorized_keys",
"manage_dir": false,
"mode": "0600",
"owner": "blackended_user",
"path": "/tmp/test_authorized_keys",
"size": 48,
"state": "file",
"uid": 218476800,
"unique": false,
"user": "blackended_user",
"validate_certs": true
}
TASK [debug] ********************************************************************************************************
ok: [localhost] => {}
MSG:
{'msg': u'All items completed', 'changed': True, 'results': [{u'comment': None, u'exclusive': False, u'uid': 218476800, u'owner': u'blackended_user', u'manage_dir': False, u'group': u'ADS\\Dom\xe4nen-Benutzer', 'failed': False, u'state': u'file', u'gid': 31346032, u'invocation': {u'module_args': {u'comment': None, u'exclusive': False, u'validate_certs': True, u'key_options': None, u'state': u'present', u'user': u'blackended_user', u'key': u'ssh-rsa 123== Comment 1', u'path': u'/tmp/test_authorized_keys', u'unique': False, u'keyfile': u'/tmp/test_authorized_keys', u'manage_dir': False}}, u'size': 24, '_ansible_parsed': True, '_ansible_item_result': True, u'key_options': None, u'user': u'blackended_user', u'key': u'ssh-rsa 123== Comment 1', u'path': u'/tmp/test_authorized_keys', u'unique': False, '_ansible_no_log': False, u'keyfile': u'/tmp/test_authorized_keys', 'changed': False, 'item': u'/tmp/1.pub', u'mode': u'0600', u'validate_certs': True}, {u'comment': None, u'exclusive': False, u'uid': 218476800, u'owner': u'blackended_user', u'manage_dir': False, u'group': u'ADS\\Dom\xe4nen-Benutzer', 'failed': False, u'state': u'file', u'gid': 31346032, u'invocation': {u'module_args': {u'comment': None, u'exclusive': False, u'validate_certs': True, u'changed': True, u'key_options': None, u'state': u'present', u'user': u'blackended_user', u'key': u'ssh-rsa 456== Comment 2', u'path': u'/tmp/test_authorized_keys', u'unique': False, u'keyfile': u'/tmp/test_authorized_keys', u'manage_dir': False}}, u'size': 48, '_ansible_parsed': True, '_ansible_item_result': True, u'key_options': None, u'user': u'blackended_user', u'key': u'ssh-rsa 456== Comment 2', u'path': u'/tmp/test_authorized_keys', u'unique': False, '_ansible_no_log': False, u'keyfile': u'/tmp/test_authorized_keys', u'changed': True, 'item': u'/tmp/2.pub', u'mode': u'0600', u'validate_certs': True}]}
TASK [debug] ********************************************************************************************************
PLAY RECAP **********************************************************************************************************
localhost : ok=3 changed=1 unreachable=0 failed=0
PLAY [localhost] ****************************************************************************************************
TASK [Gathering Facts] **********************************************************************************************
ok: [localhost]
TASK [test] *********************************************************************************************************
ok: [localhost] => (item=/tmp/1.pub) => {
"changed": false,
"comment": null,
"exclusive": false,
"failed": false,
"gid": 31346032,
"group": "blackended_group",
"item": "/tmp/1.pub",
"key": "ssh-rsa 123== Comment 1",
"key_options": null,
"keyfile": "/tmp/test_authorized_keys",
"manage_dir": false,
"mode": "0600",
"owner": "blackended_user",
"path": "/tmp/test_authorized_keys",
"size": 24,
"state": "file",
"uid": 218476800,
"unique": false,
"user": "blackended_user",
"validate_certs": true
}
changed: [localhost] => (item=/tmp/2.pub) => {
"changed": true,
"comment": null,
"exclusive": false,
"failed": false,
"gid": 31346032,
"group": "blackended_group",
"item": "/tmp/2.pub",
"key": "ssh-rsa 456== Comment 2",
"key_options": null,
"keyfile": "/tmp/test_authorized_keys",
"manage_dir": false,
"mode": "0600",
"owner": "blackended_user",
"path": "/tmp/test_authorized_keys",
"size": 48,
"state": "file",
"uid": 218476800,
"unique": false,
"user": "blackended_user",
"validate_certs": true
}
TASK [debug] ********************************************************************************************************
ok: [localhost] => {}
MSG:
{'msg': u'All items completed', 'changed': True, 'results': [{u'comment': None, u'exclusive': False, u'uid': 218476800, u'owner': u'blackended_user', u'manage_dir': False, u'group': u'ADS\\Dom\xe4nen-Benutzer', 'failed': False, u'state': u'file', u'gid': 31346032, u'invocation': {u'module_args': {u'comment': None, u'exclusive': False, u'validate_certs': True, u'key_options': None, u'state': u'present', u'user': u'blackended_user', u'key': u'ssh-rsa 123== Comment 1', u'path': u'/tmp/test_authorized_keys', u'unique': False, u'keyfile': u'/tmp/test_authorized_keys', u'manage_dir': False}}, u'size': 24, '_ansible_parsed': True, '_ansible_item_result': True, u'key_options': None, u'user': u'blackended_user', u'key': u'ssh-rsa 123== Comment 1', u'path': u'/tmp/test_authorized_keys', u'unique': False, '_ansible_no_log': False, u'keyfile': u'/tmp/test_authorized_keys', 'changed': False, 'item': u'/tmp/1.pub', u'mode': u'0600', u'validate_certs': True}, {u'comment': None, u'exclusive': False, u'uid': 218476800, u'owner': u'blackended_user', u'manage_dir': False, u'group': u'ADS\\Dom\xe4nen-Benutzer', 'failed': False, u'state': u'file', u'gid': 31346032, u'invocation': {u'module_args': {u'comment': None, u'exclusive': False, u'validate_certs': True, u'changed': True, u'key_options': None, u'state': u'present', u'user': u'blackended_user', u'key': u'ssh-rsa 456== Comment 2', u'path': u'/tmp/test_authorized_keys', u'unique': False, u'keyfile': u'/tmp/test_authorized_keys', u'manage_dir': False}}, u'size': 48, '_ansible_parsed': True, '_ansible_item_result': True, u'key_options': None, u'user': u'blackended_user', u'key': u'ssh-rsa 456== Comment 2', u'path': u'/tmp/test_authorized_keys', u'unique': False, '_ansible_no_log': False, u'keyfile': u'/tmp/test_authorized_keys', u'changed': True, 'item': u'/tmp/2.pub', u'mode': u'0600', u'validate_certs': True}]}
TASK [debug] ********************************************************************************************************
PLAY RECAP **********************************************************************************************************
localhost : ok=3 changed=1 unreachable=0 failed=0
Kai Stian Olstad
Oct 12, 2017, 6:24:00 AM10/12/17
to ansible...@googlegroups.com
On 12.10.2017 11:42, Goetz Leupold wrote:
>
> There is no output of the second debug-task. Dont know why...
> Output of the command:
>
<snip />
>
> There is no output of the second debug-task. Dont know why...
> Output of the command:
>
- debug:
msg: "{{ item.item }}"
with_items: "{{ sshKey | json_query(query) }}"
vars:
query: "results[?changed==true]"
You can use this
msg: "{{ item.item }}"
with_items: "{{ sshKey | json_query(query) }}"
vars:
query: "results[?changed==true]"
- debug:
msg: "{{ item.item }}"
with_items: '{{ sshKey.results }}'
when: item.changed
--
Kai Stian Olstad
Goetz Leupold
Oct 12, 2017, 6:36:52 AM10/12/17
to Ansible Project
Instead of
- debug:
msg: "{{ item.item }}"
with_items: "{{ sshKey | json_query(query) }}"
vars:
query: "results[?changed==true]"
You can use this
- debug:
msg: "{{ item.item }}"
with_items: '{{ sshKey.results }}'
when: item.changed
--
Kai Stian Olstad
Thank you a lot. Sometimes i dont see the forest for the trees ;) But nevertheless i am unhappy i cant use the json_query filter on that. I neither know if it is a bug or my bad.
Goetz Leupold
Oct 12, 2017, 7:35:11 AM10/12/17
to Ansible Project
Sorry, but your suggested solution doesnt cover my request full:
- debug:
msg: "{{ item.item }}"
with_items: "{{ sshKey.results }}"
when:
msg: "{{ item.item }}"
with_items: "{{ sshKey.results }}"
when:
- sshKey.changed
- debug:
msg: "{{ item.item }}"
with_items: "{{ sshKey.results }}"
when:
- not sshKey.changed
The conditional isnt based on the results.(item).changed. It is based on "sshKey.changed" and if one of the keys has changed, it is for every item true.
Is it possible to take the actual item in the when clause?
Kai Stian Olstad
Oct 12, 2017, 9:18:51 AM10/12/17
to ansible...@googlegroups.com, Goetz Leupold
On 12.10.2017 13:35, Goetz Leupold wrote:
> Am Donnerstag, 12. Oktober 2017 12:36:52 UTC+2 schrieb Goetz Leupold:
>>> You can use this
>>>
>>> - debug:
>>> msg: "{{ item.item }}"
>>> with_items: '{{ sshKey.results }}'
>>> when: item.changed
>>>
>>
> Am Donnerstag, 12. Oktober 2017 12:36:52 UTC+2 schrieb Goetz Leupold:
>>> You can use this
>>>
>>> - debug:
>>> msg: "{{ item.item }}"
>>> with_items: '{{ sshKey.results }}'
>>> when: item.changed
>>>
>>
>> Thank you a lot. Sometimes i dont see the forest for the trees ;) But
>> nevertheless i am unhappy i cant use the json_query filter on that. I
>> neither know if it is a bug or my bad.
>>
>
> Sorry, but your suggested solution doesnt cover my request full:
>
> - debug:
> msg: "{{ item.item }}"
> with_items: "{{ sshKey.results }}"
> when:
> - sshKey.changed
>
> - debug:
> msg: "{{ item.item }}"
> with_items: "{{ sshKey.results }}"
> when:
> - not sshKey.changed
>
> The conditional isnt based on the results.(item).changed. It is based
> on
> "sshKey.changed" and if one of the keys has changed, it is for every
> item
> true.
> Is it possible to take the actual item in the when clause?
Well, my example did, if you check it you'll see "when: item.changed".
>> nevertheless i am unhappy i cant use the json_query filter on that. I
>> neither know if it is a bug or my bad.
>>
>
> Sorry, but your suggested solution doesnt cover my request full:
>
> - debug:
> msg: "{{ item.item }}"
> with_items: "{{ sshKey.results }}"
> when:
> - sshKey.changed
>
> - debug:
> msg: "{{ item.item }}"
> with_items: "{{ sshKey.results }}"
> when:
> - not sshKey.changed
>
> The conditional isnt based on the results.(item).changed. It is based
> on
> "sshKey.changed" and if one of the keys has changed, it is for every
> item
> true.
> Is it possible to take the actual item in the when clause?
--
Kai Stian Olstad
Goetz Leupold
Oct 12, 2017, 9:25:21 AM10/12/17
to Ansible Project
I am sorry, my bad! Should had have copy your snipet ;) Thank you so much!
Reply all
Reply to author
Forward
0 new messages