Combining several facts into one array

36 views
Skip to first unread message

lift...@gmail.com

unread,
Oct 5, 2021, 2:28:09 PM10/5/21
to Ansible Project
I'm querying our FreeIPA server for user information.  What I need is there UID, GID, and Home directory.  I can get those individually, but how can I set a fact that combines all of these items?  Here's the 3 separate facts, I just can't figure out how to have an array of them:

  - name: Set User facts
    set_fact:
      user_uid: "{{ user_find.json.result | json_query('result[].uid[]') }}"
      user_gid: "{{ user_find.json.result | json_query('result[].gidnumber[]') }}"
      user_list: "{{ user_find.json.result | json_query('result[].homedirectory[]') }}"

Any ideas?
Harry

Dick Visser

unread,
Oct 5, 2021, 2:40:04 PM10/5/21
to ansible...@googlegroups.com
Before we try to do this manually in anisble- are you sure it's really impossible to craft a radius query that returns all the info you need?

--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/bf8cb50a-1a92-4d92-a72c-30aef23231d9n%40googlegroups.com.
--
Sent from a mobile device - please excuse the brevity, spelling and punctuation.

lift...@gmail.com

unread,
Oct 5, 2021, 2:51:29 PM10/5/21
to Ansible Project
Our IPA server is really Red Hat IDM, but we're using the APIs to return all of the user information.  I can debug message that info so I know I have it.  I just don't know how to say " I want a list of this, this, and this" so I can use that later.  What I'm ultimately looking for is to traverse this list and copy a file to the user's home folder, and make sure the ownership is right (uid/gid).

Thanks,
Harry

flowerysong

unread,
Oct 5, 2021, 6:03:38 PM10/5/21
to Ansible Project
While the use of json_query obscures the actual structure that you're dealing with (and you haven't provided an example), this looks an awful lot like you're taking something where you already have all of the information you want in a list, and turning it into three lists. Is there a reason you can't just use user_find.json.result.result directly?

lift...@gmail.com

unread,
Oct 6, 2021, 8:38:19 AM10/6/21
to Ansible Project
So I'm close.  I am able to get the items from the returned list via the IPA API:

  - name: Run user_find from IDM API using previously stored session cookie
    uri:
      url: "https://{{idmfqdn}}/ipa/session/json"
      method: POST
      headers:
        Cookie: "{{ login.set_cookie }}"
        Referer: "https://{{idmfqdn}}/ipa"
        Content-Type: "application/json"
        Accept: "application/json"
      body_format: json
      body: "{\"method\": \"user_find/1\",\"params\": [[],{\"version\": \"{{ api_vers }}\"}]}"
    register: user_find

I can print them out and get the info I need:

  - name: Print output
    debug:
      msg: "{{ item.uid[0] }}:  {{ item.gidnumber[0] }}:  {{ item.homedirectory[0] }}"
    with_items: "{{ user_find.json.result.result| }}"

However, in my other thread about removing items from the list, I'm trying the suggestion as follows:

  - name: Print output
    debug:
      msg: "{{ item.uid[0] }}:  {{ item.gidnumber[0] }}:  {{ item.homedirectory[0] }}"
    loop: "{{ user_find.json.result.result|difference(deny) }}"
    vars:
    deny: ["/home/admin","/home/test"]

This gives me the following validation error:

ERROR! conflicting action statements: debug, deny

I won't be using debug in the final version of the playbook, so since I know that I can get the info I need, should I  just move onto that?  Or is there a way to get debug and deny to coexist to I can be SURE I'm getting what I need first?

Thanks,
Harry

Sandip Bhattacharya

unread,
Oct 6, 2021, 10:51:18 AM10/6/21
to ansible...@googlegroups.com


On 06.10.21 14:38, lift...@gmail.com wrote:
> However, in my other thread about removing items from the list, I'm trying the suggestion as follows:
>
>   - name: Print output
>     debug:
>       msg: "{{ item.uid[0] }}:  {{ item.gidnumber[0] }}:  {{ item.homedirectory[0] }}"
>     loop: "{{ user_find.json.result.result|difference(deny) }}"
>     vars:
>     deny: ["/home/admin","/home/test"]
>
> This gives me the following validation error:
>
> ERROR! conflicting action statements: debug, deny

'deny' is wrongly indented. It is a variable. Should be indented under 'vars'.

--
https://blog.sandipb.net
https://twitter.com/sandipb

lift...@gmail.com

unread,
Oct 6, 2021, 2:19:03 PM10/6/21
to Ansible Project
I wanted to let you know that I got this working.  I looped through the users list that was generated and skipped over the folders I didn't need by using:

when: item.homedirectory[0] not in ["/home/admin", "/home/test2"]

I also referenced the UID and GID in a similar manner (item.uid[0] and item.gidnumber[0]) and was able to use the information I needed to complete the task.

Thanks for the tips!
Harry

Reply all
Reply to author
Forward
0 new messages