String templating issue in lookup plugin command
10 views
Skip to first unread message
MKPhil
Jul 23, 2019, 5:25:34 AM7/23/19
to Ansible Project
This is my playbook:
From the error I think it is not replacing the variable with its value. I've tried various type of quotes but to no avail.
---
- name: retrieve password
hosts: localhost
gather_facts: no
vars:
vmware_user: "SOMEUSER"
# This Doesn't work:
vmware_password: "{{ lookup('cyberarkpassword', AppID='myapp', Query='address=mydomain.corp;username={{ vmware_user }}', Output='Password').password }}"
# This works:
# vmware_password: "{{ lookup('cyberarkpassword', AppID='myapp', Query='address=mydomain.corp;username=SOMEUSER', Output='Password').password }}"
If I try the first one I get:
PLAY [retrieve password] ********************************************************************************************************************************************************************************************************************
TASK [debug] ********************************************************************************************************************************************************************************************************************************fatal: [localhost]: FAILED! => {"failed": true, "msg": "{{ lookup('cyberarkpassword', AppID='myapp', Query='address=mydomain.corp;username={{ vmware_user }} ', Output='Password').password }}: An unhandled exception occurred while running the lookup plugin 'cyberarkpassword'. Error was a <class 'ansible.errors.AnsibleError'>, original message: APPAP004E Password object matching query [address=mydomain.corp;username={{ vmware_user }} ] was not found (Diagnostic Info: 5). Please check that there is a password object that answers your query in the Vault and that both the Provider and the application user have the appropriate permissions needed in order to use the password.\n"}
PLAY RECAP **********************************************************************************************************************************************************************************************************************************localhost : ok=0 changed=0 unreachable=0 failed=1
Stefan Hornburg (Racke)
Jul 23, 2019, 5:33:25 AM7/23/19
to ansible...@googlegroups.com
On 7/23/19 11:25 AM, MKPhil wrote:
>
> I've got a Playbook that uses a lookup plugin to retrieve a value but I seem to have a string templating issue.
>
> This is my playbook:
>
> |
> ---
> -name:retrieve password
>
> I've got a Playbook that uses a lookup plugin to retrieve a value but I seem to have a string templating issue.
>
> This is my playbook:
>
> |
> ---
> hosts:localhost
> gather_facts:no
>
> vars:
> vmware_user:"SOMEUSER"
>
> # This Doesn't work:
> vmware_password:"{{ lookup('cyberarkpassword', AppID='myapp', Query='address=mydomain.corp;username={{ vmware_user
> }}', Output='Password').password }}"
>
> # This works:
> # vmware_password: "{{ lookup('cyberarkpassword', AppID='myapp', Query='address=mydomain.corp;username=SOMEUSER',
> Output='Password').password }}"
> |
>
The curly braces can't be nested, so in this case you try to use vars['vmware_user'] instead.
> gather_facts:no
>
> vars:
> vmware_user:"SOMEUSER"
>
> # This Doesn't work:
> vmware_password:"{{ lookup('cyberarkpassword', AppID='myapp', Query='address=mydomain.corp;username={{ vmware_user
> }}', Output='Password').password }}"
>
> # This works:
> # vmware_password: "{{ lookup('cyberarkpassword', AppID='myapp', Query='address=mydomain.corp;username=SOMEUSER',
> Output='Password').password }}"
> |
>
Regards
Racke
>
> If I try the first one I get:
> |
> PLAY [retrieve password]
> ********************************************************************************************************************************************************************************************************************
>
> TASK [debug]
> ********************************************************************************************************************************************************************************************************************************
> fatal: [localhost]: FAILED! => {"failed": true, "msg": "{{ lookup('cyberarkpassword', AppID='myapp',
> Query='address=mydomain.corp;username={{ vmware_user }} ', Output='Password').password }}: An unhandled exception
> occurred while running the lookup plugin 'cyberarkpassword'. Error was a <class 'ansible.errors.AnsibleError'>, original
> message: APPAP004E Password object matching query [address=mydomain.corp;username={{ vmware_user }} ] was not found
> (Diagnostic Info: 5). Please check that there is a password object that answers your query in the Vault and that both
> the Provider and the application user have the appropriate permissions needed in order to use the password.\n"}
>
> PLAY RECAP
> **********************************************************************************************************************************************************************************************************************************
> localhost : ok=0 changed=0 unreachable=0 failed=1
> |
>
> From the error I think it is not replacing the variable with its value. I've tried various type of quotes but to no avail.
>
>
>
> You received this message because you are subscribed to the Google Groups "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to
> ansible-proje...@googlegroups.com <mailto:ansible-proje...@googlegroups.com>.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/79366b1b-68f8-43f1-afc6-e72f729e4ea8%40googlegroups.com
> <https://groups.google.com/d/msgid/ansible-project/79366b1b-68f8-43f1-afc6-e72f729e4ea8%40googlegroups.com?utm_medium=email&utm_source=footer>.
--
Ecommerce and Linux consulting + Perl and web application programming.
Debian and Sympa administration. Provisioning with Ansible.
Kai Stian Olstad
Jul 23, 2019, 5:43:53 AM7/23/19
to ansible...@googlegroups.com
On 23.07.2019 11:25, MKPhil wrote:
> I've got a Playbook that uses a lookup plugin to retrieve a value but I
> seem to have a string templating issue.
>
> This is my playbook:
>
> ---
> - name: retrieve password
> hosts: localhost
> gather_facts: no
>
> vars:
> vmware_user: "SOMEUSER"
>
> # This Doesn't work:
> vmware_password: "{{ lookup('cyberarkpassword', AppID='myapp',
> Query='address=mydomain.corp;username={{ vmware_user }}',
> Output='Password').password }}"
You are already in template mode so you can't use {{ }} inside {{ }}.
> I've got a Playbook that uses a lookup plugin to retrieve a value but I
> seem to have a string templating issue.
>
> This is my playbook:
>
> ---
> - name: retrieve password
> hosts: localhost
> gather_facts: no
>
> vars:
> vmware_user: "SOMEUSER"
>
> # This Doesn't work:
> vmware_password: "{{ lookup('cyberarkpassword', AppID='myapp',
> Query='address=mydomain.corp;username={{ vmware_user }}',
> Output='Password').password }}"
You need to use string concatenation with tilde, so I think this should
work.
vmware_password: "{{ lookup('cyberarkpassword', AppID='myapp',
Output='Password').password }}"
--
Kai Stian Olstad
Reply all
Reply to author
Forward
0 new messages