Using formatted PS JSON in play.
69 views
Skip to first unread message
jesse...@gmail.com
Nov 5, 2020, 5:16:20 PM11/5/20
to Ansible Project
So i'm having difficulties and am quite stuck...
My goal is to capture details from a UNC paths NTFS ACLS.
Important details are below.
- name: Teach him to fish - Run it
win_shell: |
. C:\Temp\grp_enum.ps1
enumerate -path "{{ path }}"
become: yes
become_method: runas
vars:
ansible_become_user: '{{ h_become_user }}'
ansible_become_pass: '{{ h_become_pass }}'
register: fishing
- name: process fish
set_fact:
chum: "{{ fishing.stdout | from_json }}"
- name: plate SamAccountName's
set_fact:
caughtfish: "{{ chum | json_query(jmesquery) }}"
vars:
jmesquery: 'chum.SamAccountName'
- name: serve samaccountnames
debug:
msg: " Fucking output something already! {{caughtfish}}"
win_shell: |
. C:\Temp\grp_enum.ps1
enumerate -path "{{ path }}"
become: yes
become_method: runas
vars:
ansible_become_user: '{{ h_become_user }}'
ansible_become_pass: '{{ h_become_pass }}'
register: fishing
- name: process fish
set_fact:
chum: "{{ fishing.stdout | from_json }}"
- name: plate SamAccountName's
set_fact:
caughtfish: "{{ chum | json_query(jmesquery) }}"
vars:
jmesquery: 'chum.SamAccountName'
- name: serve samaccountnames
debug:
msg: " Fucking output something already! {{caughtfish}}"
Spits out JSON formatted
"ansible_facts": {
"chum": [
{
"DistinguishedName": "CN=LASTNAME\\, FIRSTNAME (USN123),OU=Users,OU=ORGANIZATION,DC=CONSONTO,DC=net",
"SamAccountName": "USN123"
},
{
"DistinguishedName": "CN=LASTNAME1\\, FIRSTNAME1 (USN234),OU=Users,OU=ORGANIZATION,DC=CONSONTO,DC=net",
"SamAccountName": "USN234"
}
]
},
"ansible_facts": {
"chum": [
{
"DistinguishedName": "CN=LASTNAME\\, FIRSTNAME (USN123),OU=Users,OU=ORGANIZATION,DC=CONSONTO,DC=net",
"SamAccountName": "USN123"
},
{
"DistinguishedName": "CN=LASTNAME1\\, FIRSTNAME1 (USN234),OU=Users,OU=ORGANIZATION,DC=CONSONTO,DC=net",
"SamAccountName": "USN234"
}
]
},
Yet no matter how I skin this fish...
PLATES results
ok: [l1pnchwmgt12.columbuschildrens.net] => {
"ansible_facts": {
"caughtfish": ""
},
"changed": false
}
SERVES results
I can't get this thing to give me any data, what so ever...
P.s. google groups sucks in conversion, no format as code is a sin.
Dick Visser
Nov 6, 2020, 1:09:51 AM11/6/20
to ansible...@googlegroups.com
It does give you data, but judging from your comments, not the data you want, or in a different format. But it's not clear what you want ('skin fish'??).
What are you exactly looking for?
What is the expected result?
P.s. google groups sucks in conversion, no format as code is a sin.
--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/27f9734c-f60a-43e9-93a4-2b022c377710n%40googlegroups.com.
Sent from a mobile device - please excuse the brevity, spelling and punctuation.
jesse...@gmail.com
Nov 6, 2020, 9:08:28 AM11/6/20
to Ansible Project
No, pretty positive when I'm asking for the value of a variable, I'm expecting for more output than none.
- name: plate SamAccountName's
set_fact:
caughtfish: "{{ chum | json_query(jmesquery) }}"
vars:
jmesquery: 'chum.SamAccountName'
- name: serve samaccountnames
debug:
msg: " Fucking output something already! {{ caughtfish }}"
set_fact:
caughtfish: "{{ chum | json_query(jmesquery) }}"
vars:
jmesquery: 'chum.SamAccountName'
- name: serve samaccountnames
debug:
msg: " Fucking output something already! {{ caughtfish }}"
I'm mostly at a loss of what I'm doing wrong with json_query for it to net me ... no results... each time when simply asking for it to query SamAccountName.
Either I'm grossly misunderstanding how it functions, or my data/query is boned.
jesse...@gmail.com
Nov 6, 2020, 9:12:26 AM11/6/20
to Ansible Project
Also, the variable names are a bit eclectic I know, but...
Give a man a fish, feed him for a day, teach him for a fish, feed him for life.
Playbook name is fishing
chum the water
catch fish,
prep fish
serve fish,
silly I know, but it makes sense.
Dick Visser
Nov 6, 2020, 10:51:00 AM11/6/20
to ansible...@googlegroups.com
It's not getting any clearer to me. Let's take some steps back. Please
confirm if I'm on the right track.
You end up with this data structure:
"ansible_facts": {
"chum": [
{
"DistinguishedName": "CN=LASTNAME\\, FIRSTNAME
(USN123),OU=Users,OU=ORGANIZATION,DC=CONSONTO,DC=net",
"SamAccountName": "USN123"
},
{
"DistinguishedName": "CN=LASTNAME1\\, FIRSTNAME1
(USN234),OU=Users,OU=ORGANIZATION,DC=CONSONTO,DC=net",
"SamAccountName": "USN234"
}
]
},
Is that the correct data? I.e. does it contain everything you need?
And if so, what do you want to do/extract from this?
You want perhaps to end up with a list of the SamAccountNames, i.e.:
- USN123
- USN234
?
Or something entirely different?
> To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/5035f606-85ff-40dd-bad5-e1ed329180b6n%40googlegroups.com.
--
Dick Visser
Trust & Identity Service Operations Manager
GÉANT
confirm if I'm on the right track.
You end up with this data structure:
"ansible_facts": {
"chum": [
{
"DistinguishedName": "CN=LASTNAME\\, FIRSTNAME
(USN123),OU=Users,OU=ORGANIZATION,DC=CONSONTO,DC=net",
"SamAccountName": "USN123"
},
{
"DistinguishedName": "CN=LASTNAME1\\, FIRSTNAME1
(USN234),OU=Users,OU=ORGANIZATION,DC=CONSONTO,DC=net",
"SamAccountName": "USN234"
}
]
},
And if so, what do you want to do/extract from this?
You want perhaps to end up with a list of the SamAccountNames, i.e.:
- USN123
- USN234
?
Or something entirely different?
--
Dick Visser
Trust & Identity Service Operations Manager
GÉANT
jesse...@gmail.com
Nov 6, 2020, 11:20:25 AM11/6/20
to Ansible Project
I want to get the samaccountnames in a dictionary list that I can then use in further plays, yes.
Dick Visser
Nov 6, 2020, 12:05:20 PM11/6/20
to ansible...@googlegroups.com
> - name: plate SamAccountName's
> set_fact:
> caughtfish: "{{ chum | json_query(jmesquery) }}"
> vars:
> jmesquery: 'chum.SamAccountName'
You are already piping 'chum' to json_query, so it should not be part
> set_fact:
> caughtfish: "{{ chum | json_query(jmesquery) }}"
> vars:
> jmesquery: 'chum.SamAccountName'
of the query itself again.
Also, because it's a list, you need to select all entries first with [].
And a relatively simple query like this doesn't need a dedicated variable.
Try this:
- name: plate SamAccountName's
set_fact:
jesse...@gmail.com
Nov 6, 2020, 12:29:52 PM11/6/20
to Ansible Project
That absolutely worked and made a huge difference.
so using [] like that selects all entries from the variable being piped into it to query?
Is there literature I can read to help understand this facet better?
Thank you again!.
Dick Visser
Nov 6, 2020, 1:40:10 PM11/6/20
to ansible...@googlegroups.com
https://jmespath.org/tutorial.html is a good start, the examples have
the data in editable forms, so you can quickly test things out.
For trial/error with complex data structures that come from
expensive/slow APIs or playbooks, I usually make a dummy playbook with
hard coded data, to focus on the json_query part itself, for example:
---
- hosts: localhost
connection: local
gather_facts: no
vars:
- set_fact:
test: "{{ chum|from_json|json_query('[].SamAccountName') }}"
- debug: var=test
the data in editable forms, so you can quickly test things out.
For trial/error with complex data structures that come from
expensive/slow APIs or playbooks, I usually make a dummy playbook with
hard coded data, to focus on the json_query part itself, for example:
---
- hosts: localhost
connection: local
gather_facts: no
vars:
chum: |
[
{
"DistinguishedName": "CN=LASTNAME\\, FIRSTNAME
(USN123),OU=Users,OU=ORGANIZATION,DC=CONSONTO,DC=net",
"SamAccountName": "USN123"
},
{
"DistinguishedName": "CN=LASTNAME1\\, FIRSTNAME1
(USN234),OU=Users,OU=ORGANIZATION,DC=CONSONTO,DC=net",
"SamAccountName": "USN234"
}
]
tasks:
[
{
"DistinguishedName": "CN=LASTNAME\\, FIRSTNAME
(USN123),OU=Users,OU=ORGANIZATION,DC=CONSONTO,DC=net",
"SamAccountName": "USN123"
},
{
"DistinguishedName": "CN=LASTNAME1\\, FIRSTNAME1
(USN234),OU=Users,OU=ORGANIZATION,DC=CONSONTO,DC=net",
"SamAccountName": "USN234"
}
]
- set_fact:
test: "{{ chum|from_json|json_query('[].SamAccountName') }}"
- debug: var=test
> --
> You received this message because you are subscribed to the Google Groups "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/da6396b6-2768-4644-965f-8d32d0716e45n%40googlegroups.com.
> You received this message because you are subscribed to the Google Groups "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
flowerysong
Nov 6, 2020, 1:59:29 PM11/6/20
to Ansible Project
On Thursday, November 5, 2020 at 5:16:20 PM UTC-5, jesse...@gmail.com wrote:
So i'm having difficulties and am quite stuck...My goal is to capture details from a UNC paths NTFS ACLS.
- name: process fish
set_fact:
chum: "{{ fishing.stdout | from_json }}"
- name: plate SamAccountName's
set_fact:
caughtfish: "{{ chum | json_query(jmesquery) }}"
vars:
jmesquery: 'chum.SamAccountName'
json_query() is almost never needed, and adds a whole other language to learn (JMESPath) on top of the Jinja that you need to learn in order to use Ansible.
You can replace both of your set_fact calls with:
- name: plate fish
set_fact:
caughtfish: "{{ fishing.stdout | from_json | map(attribute='SamAccountName') | list }}"See https://jinja.palletsprojects.com/en/2.11.x/templates/#map for more information on map().
Vladimir Botka
Nov 6, 2020, 6:33:46 PM11/6/20
to flowerysong, ansible...@googlegroups.com
On Fri, 6 Nov 2020 10:59:29 -0800 (PST)
flowerysong <ezek...@umich.edu> wrote:
> json_query() is almost never needed, ...
FWIW, Let me add to this statement:
"json_query() is almost never needed when the data is stored in
lists. json_query() is essential when the data is stored in nested
dictionaries."
Sometimes the result of using the nested dictionaries is a cleaner
code. Then json_query() is essential to help with searching. In other
words, without json_query() it might be a trade-off between a clean
code and optimal structure. See the examples below.
------------------------------------------------------------------
1) Trivial. The task below gives "msg: [A, D, G]"
- debug:
msg: "{{ data|map(attribute='a1')|list|
to_yaml }}"
vars:
data:
- {a1: A, a2: B, a3: C}
- {a1: D, a2: E, a3: F}
- {a1: G, a2: H, a3: I}
2) Feasible. First level nested dictionaries can be solved by
dict2items. The task below gives the same result "msg: [A, D, G]"
- debug:
msg: "{{ data|dict2items|
map(attribute='value')|
map(attribute='a1')|list|
to_yaml }}"
vars:
data:
dic1: {a1: A, a2: B, a3: C}
dic2: {a1: D, a2: E, a3: F}
dic3: {a1: G, a2: H, a3: I}
3) Problem. The task is more complicated when the data is stored in
nested dictionaries. For example the task below
- debug:
msg: "{{ data|dict2items|
map(attribute='value')|list|
to_yaml }}"
vars:
data:
section1:
dic1: {a1: A, a2: B, a3: C}
dic2: {a1: D, a2: E, a3: F}
section2:
dic3: {a1: G, a2: H, a3: I}
gives the list of dictionaries. It's both tricky and error-prone to
proceed in the pipe.
msg:
- dic1: {a1: A, a2: B, a3: C}
dic2: {a1: D, a2: E, a3: F}
- dic3: {a1: G, a2: H, a3: I}
4) Solution. Using json_query() to process the same data is trivial.
The task below gives the same result "msg: [A, D, G]"
- debug:
msg: "{{ data|json_query('*.*.a1')|flatten|
to_yaml }}"
vars:
data:
section1:
dic1: {a1: A, a2: B, a3: C}
dic2: {a1: D, a2: E, a3: F}
section2:
dic3: {a1: G, a2: H, a3: I}
5) Dilemma. json_query() is not needed if the same data is stored in
the lists. The task below gives the same result "msg: [A, D, G]".
Is this structure optimal for the case? Isn't nested dictionaries
a better structure? If yes, put the data into the nested
dictionaries and use json_query().
- debug:
msg: "{{ data|
map(attribute='list')|flatten|
map(attribute='a1')|list|
to_yaml }}"
vars:
data:
- section: section1
list:
- {a1: A, a2: B, a3: C}
- {a1: D, a2: E, a3: F}
- section: section2
list:
- {a1: G, a2: H, a3: I}
--
Vladimir Botka
flowerysong <ezek...@umich.edu> wrote:
> json_query() is almost never needed, ...
FWIW, Let me add to this statement:
"json_query() is almost never needed when the data is stored in
lists. json_query() is essential when the data is stored in nested
dictionaries."
Sometimes the result of using the nested dictionaries is a cleaner
code. Then json_query() is essential to help with searching. In other
words, without json_query() it might be a trade-off between a clean
code and optimal structure. See the examples below.
------------------------------------------------------------------
1) Trivial. The task below gives "msg: [A, D, G]"
- debug:
msg: "{{ data|map(attribute='a1')|list|
to_yaml }}"
vars:
data:
- {a1: A, a2: B, a3: C}
- {a1: D, a2: E, a3: F}
- {a1: G, a2: H, a3: I}
2) Feasible. First level nested dictionaries can be solved by
dict2items. The task below gives the same result "msg: [A, D, G]"
- debug:
msg: "{{ data|dict2items|
map(attribute='value')|
map(attribute='a1')|list|
to_yaml }}"
vars:
data:
dic1: {a1: A, a2: B, a3: C}
dic2: {a1: D, a2: E, a3: F}
dic3: {a1: G, a2: H, a3: I}
3) Problem. The task is more complicated when the data is stored in
nested dictionaries. For example the task below
- debug:
msg: "{{ data|dict2items|
map(attribute='value')|list|
to_yaml }}"
vars:
data:
section1:
dic1: {a1: A, a2: B, a3: C}
dic2: {a1: D, a2: E, a3: F}
section2:
dic3: {a1: G, a2: H, a3: I}
gives the list of dictionaries. It's both tricky and error-prone to
proceed in the pipe.
msg:
- dic1: {a1: A, a2: B, a3: C}
dic2: {a1: D, a2: E, a3: F}
- dic3: {a1: G, a2: H, a3: I}
4) Solution. Using json_query() to process the same data is trivial.
The task below gives the same result "msg: [A, D, G]"
- debug:
msg: "{{ data|json_query('*.*.a1')|flatten|
to_yaml }}"
vars:
data:
section1:
dic1: {a1: A, a2: B, a3: C}
dic2: {a1: D, a2: E, a3: F}
section2:
dic3: {a1: G, a2: H, a3: I}
5) Dilemma. json_query() is not needed if the same data is stored in
the lists. The task below gives the same result "msg: [A, D, G]".
Is this structure optimal for the case? Isn't nested dictionaries
a better structure? If yes, put the data into the nested
dictionaries and use json_query().
- debug:
msg: "{{ data|
map(attribute='list')|flatten|
map(attribute='a1')|list|
to_yaml }}"
vars:
data:
- section: section1
list:
- {a1: A, a2: B, a3: C}
- {a1: D, a2: E, a3: F}
- section: section2
list:
- {a1: G, a2: H, a3: I}
--
Vladimir Botka
Stefan Hornburg (Racke)
Nov 7, 2020, 6:37:25 AM11/7/20
to ansible...@googlegroups.com
thanks a lot for your exhaustive analysis of json_query vs. Jinja filters.
Very much appreciated!!
Regards
Racke
--
Ecommerce and Linux consulting + Perl and web application programming.
Debian and Sympa administration. Provisioning with Ansible.
Jess L
Nov 7, 2020, 12:01:22 PM11/7/20
to ansible...@googlegroups.com
Absolutely thank you for the breakdowns and information, I know I'll be referencing this in the VERY near future :)
--
You received this message because you are subscribed to a topic in the Google Groups "Ansible Project" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/ansible-project/nccjo_TJX3Q/unsubscribe.
To unsubscribe from this group and all its topics, send an email to ansible-proje...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/a79413f0-03cb-b390-08d4-7056e82e2ea4%40linuxia.de.
Reply all
Reply to author
Forward
0 new messages