shell commands and escaping characters
65 views
Skip to first unread message
Peter Palmieri
Oct 6, 2014, 2:36:08 PM10/6/14
to ansible...@googlegroups.com
I'm pulling data from EC2 instance metadata (from an IAM instance profile). The shell commands are:
access=`cat /home/ubuntu/creds.txt | grep "AccessKeyId" | cut -d':' -f2 | tr -d ' ' | tr -d '"' | tr -d ','`
My playbook fragment:
- name: get IAM role creds
shell: curl http://169.254.169.254/latest/meta-data/iam/security-credentials/PullCredentials > creds.txt
- name: set env variables
command: access=`cat /home/ubuntu/creds.txt | grep "AccessKeyId" | cut -d':' -f2 | tr -d ' ' | tr -d '"' | tr -d ','`
When I run this manually, the creds.txt file is created, and the cat | grep | cut etc works fine.
When it runs:
TASK: [get IAM role creds] ****************************************************
changed: [****]
TASK: [set env variables] *****************************************************
failed: [****] => {"cmd": "'access=`cat' /home/ubuntu/creds.txt '|' grep AccessKeyId '|' cut -d: -f2 '|' tr -d ' ' '|' tr -d '\"' '|' tr -d ',`'", "failed": true, "rc": 2}
msg: [Errno 2] No such file or directory
If I set everything after command: in quotes, I get a parser error:
ERROR: Syntax Error while loading YAML script, ansible-qa-ami.yml
Note: The error may actually appear before this position: line 197, column 82
- name: set env variables
command: 'access=`cat /home/ubuntu/creds.txt | grep "AccessKeyId" | cut -d':' -f2 | tr -d ' ' | tr -d '"' | tr -d ','`'
^
So I seem to have an issue with colons, quotes, and/or back ticks. Any suggestions are very welcome.
Mark
Oct 7, 2014, 10:17:52 AM10/7/14
to ansible...@googlegroups.com
Hi,
Total newb here but sometimes the simplest mistakes are the longest to find ;)
Have you tried putting a space between -d and ':' ?
Also, try an online yaml checker like yamllint?
Michael Peters
Oct 7, 2014, 10:29:47 AM10/7/14
to ansible...@googlegroups.com
The command module just takes a simple command. If you need a full
shell (for pipes, io redirection, etc) use the shell command.
But in this case it's still not going to do what you want. The
"access" variable won't be visible to anything outside of that command
so it's essentially worthless. If you need to capture it and store it,
look at using "register" and then perhaps a set_fact, or environment
keyword.
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-proje...@googlegroups.com.
> To post to this group, send email to ansible...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/e7d876a3-7731-417f-9b0f-15ba8d820a15%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
shell (for pipes, io redirection, etc) use the shell command.
But in this case it's still not going to do what you want. The
"access" variable won't be visible to anything outside of that command
so it's essentially worthless. If you need to capture it and store it,
look at using "register" and then perhaps a set_fact, or environment
keyword.
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-proje...@googlegroups.com.
> To post to this group, send email to ansible...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/e7d876a3-7731-417f-9b0f-15ba8d820a15%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
Reply all
Reply to author
Forward
0 new messages