Task performs work despite conditional


James Morgan

Jan 17, 2015, 11:04:47 AM
to ansible...@googlegroups.com
Hi,

I have the following task

- name: Create ec2 key pair using local key
  when: ec2_key_material is defined
  ec2_key:
    name: "{{ ec2_key_name }}"
    region: "{{ ec2_region }}"
    key_material: "{{ item }}"
  with_file: /path/to/public_key.id_rsa.pub


ec2_key_material is not defined

Whilst it does skip it tries to find the file. If I wanted to pass the file into the role and do the following

  with_file: "{{ ec2_key_material }}"


I get

TASK: [openbet/aws/ec2-create-instance | Create ec2 key pair using local key] ***
fatal: [localhost] => could not locate file in lookup: {{ ec2_key_material }}


If I add a real path then it logs out the key. I really don't want that happening

TASK: [openbet/aws/ec2-create-instance | Create ec2 key pair using local key] ***
skipping: [localhost] => (item=-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEAkYI6Fxq0Qlxmn0rwWlyVX4VERtahcjZDFMA8VnJiPCcHMcGSZWmqkVusrm39
.....
9B5yU8q4D9vEzuLYmbaRJji9YpTnPCHEHJ7Dn9a85UMIk+D0AYsHDMW3rqkovcsXhwft5CdIVDJ0
gNgSLOyND24AHxTwxBhHnAf3oSsoYpx5PgcT75ydE123nGFWa4siMZiV
/vP4+ycOUF4=
-----END RSA PRIVATE KEY-----)


Any suggestions? The latter issue seems worrying

Thanks 

James

Dan Vaida

Jan 17, 2015, 11:54:10 AM
to ansible...@googlegroups.com
Try with_file: "{{ lookup('file', 'path/goes/here' ) }}"

James Morgan

Jan 17, 2015, 12:13:24 PM
to ansible...@googlegroups.com
Hi,

That gives me the following

TASK: [openbet/aws/ec2-create-instance | Create ec2 key pair using local key] *** 
fatal: [localhost] => could not locate file in lookup: -----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEAkYI6Fxq0Qlxmn0rwWlyVX4VERtahcjZDFMA8VnJiPCcHMcGSZWmqkVusrm39
wIHi16uUwyj+D0BpoNEDy8mvaRvE9apwn2s/Ampyb8nQnHCNdx43wu+AIN3PG8PAfRbrcGlPpKpQ

The location is correct.

I'm running ansible-playbook 1.8.2


It still logs the private key which is iffy and  

when: ec2_key_material is defined

isn't stopping it from looking for the file. I would have thought it would have short circuited itself before doing any lookups

James

Dan Vaida

Jan 17, 2015, 12:30:26 PM
to ansible...@googlegroups.com
If you read the documentation page of this module carefully enough, you will see that, in fact, the “{{ item }}” comes from the with_file, not from your vars. That is the material :)

James Morgan

Jan 17, 2015, 1:03:05 PM
to ansible...@googlegroups.com
Hi,

Not sure I follow. I understand that {{ item }} comes from with_file, the same as other loops.

Maybe I'm missing something and I apologise

All I want to achieve is to conditionally handle the key if the path to a key is specified.

I also don't want it to log the key if it's skipped and I want it to skip if the path isn't specified.

The docs don't mention using lookup

# Creates a new ec2 key pair named `example` if not present using provided key
# material
- name: example3 ec2 key
  local_action:
    module: ec2_key
    name: example3
    key_material: "{{ item }}"
  with_file: /path/to/public_key.id_rsa.pub

Also just found that if the key changes the documentation claims that the key is returned. I just get the following message returned

TASK: [openbet/aws/ec2-security | Create ec2 key pair] ************************ 
changed: [localhost]


TASK: [openbet/aws/ec2-security | copy content={{ ec2_key }} dest="~/{{ec2_key_name}}.pem"] *** 
ok: [localhost -> 127.0.0.1]

TASK: [openbet/aws/ec2-security | debug msg={{ ec2_key }}] ******************** 
ok: [localhost] => {
    "msg": "{'invocation':"
}

James Morgan

Jan 17, 2015, 1:54:22 PM
to ansible...@googlegroups.com
Regarding the second point. This post helped correct the saving .pem logic

Brian Coca

Jan 19, 2015, 9:22:40 AM
to ansible...@googlegroups.com
try:

with_file: "{{ ec2_key_material|default([]) }}"

with_ lookups always happen before the when clause (to allow for use
of item in when), so if you don't specify a key this will be an error.
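
An added example, not part of the original thread or the Ansible project's documentation: the task from the first post in a small playbook, with the loop defaulted to an empty list as suggested above and `no_log` set so the looped key material stays out of task output. It assumes a current Ansible release, where `no_log: true` censors loop items in skipped and failed results; the values under `vars` are constructed placeholders.

```yaml
# Added example playbook (constructed values, not from the thread).
- hosts: localhost
  connection: local
  gather_facts: false

  vars:
    ec2_key_name: example-key      # constructed placeholder
    ec2_region: eu-west-1          # constructed placeholder
    # Optional. Leave undefined to skip the key pair task entirely.
    # ec2_key_material: /path/to/public_key.id_rsa.pub

  tasks:
    - name: Create ec2 key pair using local key
      ec2_key:
        name: "{{ ec2_key_name }}"
        region: "{{ ec2_region }}"
        key_material: "{{ item }}"
      # with_ lookups are resolved before `when`, so an undefined
      # variable must fall back to an empty list: no items means no
      # file lookup and nothing to print.
      with_file: "{{ ec2_key_material | default([]) }}"
      # Still useful when the variable is defined but the task should
      # be skipped for another reason; it is evaluated once per item.
      when: ec2_key_material is defined
      # Keeps the file contents carried in `item` out of console and
      # log output, including the "skipping" and "fatal" lines.
      # Trade-off: module error details are hidden as well.
      no_log: true
```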

James Morgan

Jan 20, 2015, 4:56:50 AM
to ansible...@googlegroups.com
Perfect thanks