I have a kubernetes template yaml file that has the following
{{ when get "db" false }}
- name: DB_PASSWORD
value: {{ .password }}
- name: DB_USERNAME
value: {{ .username }}
{{ end }}
It gets the db, password, and username from a file that looks like
db:
password: "password"
username: "username"
I understand with is changing the scope and get is a method that has 2 parameters
the dictionary to read from
the key to get the value of
I'm totally new to GO and can't find anywhere in the documentation of Helm or Sprig to explain why using a key of false works to get the password and username. I'm guessing it has to do with how go parses the yaml and assigns a key value pair of "false": interface{}.
Can anyone point me to the right place or help me understand why this works?
Related
I got a map in values.yaml:
Schedule:
app1: node01
app2: node07
app3: node13
and I want to use it in template/app.yaml:
{{- $tuplei := untilStep 1 4 1 -}}
{{- range $keyi, $vali := $tuplei }}
---
spec:
template:
spec:
nodeName: {{ $.Values.Schedule.node$vali }}
It can't work:
Error: parse error at (xxx/templates/app.yaml:51): bad character U+0024 '$'
helm.go:94: [debug] parse error at (xxx/templates/app.yaml:51): bad character U+0024 '$'
I have tried some ways, but still can't make it.
#{{- $ScheduleName := printf "app%d" $vali }}
#nodeName: get $.Values.Schedule "$ScheduleName"
#can't work, too.
The Go text/template language includes an index function, which does an arbitrary lookup by key or index. So your last form is almost correct: you need to construct the key in a string, and then use index to retrieve it.
{{- $scheduleName := printf "app%d" $vali -}}
nodeName: {{ index $.Values.Schedule $scheduleName }}
Make sure to not quote the $scheduleName variable reference, lest the template language interpret it as a string literal.
I am trying to extract specific value from kv2 hashicorp vault in ansible playbook using hashi_vault module
- name: Return specific value from vault
ansible.builtin.set_fact:
secret: "{{ lookup('hashi_vault', 'secret=my.secrets/data/dev/heslo:value token=vault-plaintext-root-token url=http://10.47.0.235:8200/')}}" register: secret
I am getting
{"msg": ""An unhandled exception occurred while running the lookup plugin 'hashi_vault'. Error was a <class 'ansible.errors.AnsibleError'>, original message: The secret my.secrets/data/dev/heslo doesn't seem to exist for hashi_vault lookup"}
Query works for all of the secrets in path using
secret=my.secrets/data/dev/
"heslo" record exists in the path
"ansible_facts": {
"secret": {
"data": {
"heslo": "heslo",
"password": "test",
"username": "ahoj"
},
Thank you in advance
The syntax for your lookup is for the KV1 engine. We can update it for the KV2 secrets engine:
- name: Return specific value from vault
ansible.builtin.set_fact:
secret: "{{ lookup('hashi_vault', 'secret=my.secrets/data/dev token=vault-plaintext-root-token url=http://10.47.0.235:8200/') }}"
The secret fact will then be a dictionary containing all of the key value pairs at the specified secrets path my.secrets/data/dev. You can access the value of the key heslo with the normal syntax secret['heslo'].
Finally, you may also want to update to the Vault collection for Ansible with all of its newer features.
I have a YAML file used for helm chart:
my_project_deployment.yaml:
- name: unzipper.storageMounts.persistent
value: {{- range $index, $item := .Values.base.storage.netapp.persistent }}{{- if $index }},{{- end }} {{ print .mountPath "/studies_001" }}{{- end }}
I know that it is being used for defining properties for specific project. However, I don't understand what it means.
I have a file called dev_value.yaml file which this .Values are referencing to.
dev_value.yaml:
base:
storage:
netapp:
transient:
volumeI:
serverIp:
imageStorePath: /cache001
mountPath: /mnt/i
claim:
core: pvc-core-cache001
persistent:
- name: volumeR
serverIp:
imageStorePath: /imagestore001
mountPath: /mnt/r
claim:
core: pvc-core-imagestore001
- name: volumeS
serverIp:
imageStorePath: /imagestore002
mountPath: /mnt/s
claim:
core: pvc-core-imagestore002
what would be the value in my_project_deployment.yaml? And can anyone please explain how to come up with the value?
This has little to do with YAML, it is Go's text/template syntax. The YAML file is processed by the templating engine before it is parsed by the YAML processor, so by the time the input is parsed as YAML, the value has already been set.
Helm does have docs about how templating works and particularly on values files.
The instructions to the templating engine can be formatted so that it is obvious what happens:
{{- range $index, $item := .Values.base.storage.netapp.persistent }}
{{- if $index }},{{- end }} {{ print .mountPath "/studies_001" }}
{{- end }}
It says:
For each sequence item in the values file at path base.storage.netapp.persistent, write a comma if it's not the first one ($index will be interpreted as false if it's 0), then print its mountPath suffixed by /studies_001.
With your values file, you will get
value: /mnt/r/studies_001, /mnt/s/studies_001
I need help with converting a Unicode variable to a string in order for the below Ansible construct to work.
In this particular case, I want to use the item.keys() method in order to get the current env name (i.e. uat) but I get [u'uat'] instead. I have been searching the Internet but could not find a way to convert [u'uat'] to a simple uat.
defaults/main.yml:
blablabla:
env:
- uat:
accounts:
- david:
email: david#example.com
- anna:
email: anna#example.com
- develop:
accounts:
- john:
email: john#example.com
tasks/main.yml:
- include_tasks: dosomething.yml
with_items:
- "{{ blablabla.env }}"
tasks/dosomething.yml:
- name: Get accounts
set_fact:
accounts: "{%- set tmp = [] -%}
{%- for account in item[item.keys()].accounts -%}
{{ tmp.append(account) }}
{%- endfor -%}
{{ tmp }}"
error message:
<?xml version="1.0" encoding="UTF-8"?>
<root>
<failed value="True"/>
<msg value="The task includes an option with an undefined variable. The error was: dict object has no element [u'uat']
The error appears to have been in 'dosomething.yml': line 9, column 3, but may
be elsewhere in the file depending on the exact syntax problem.
The offending line appears to be:
- name: Get accounts
^ here
exception type: <class 'ansible.errors.AnsibleUndefinedVariable'>
exception: dict object has no element [u'uat']"/>
</root>
Alternatively, I would also welcome alternative approaches, as long the data structure (i.e. the defaults/main.yml file) remains unchanged.
I get [u'uat']
This is not a "Unicode string", this is a list ― pay attention to [ ].
As item.keys() returns a list, but you want to use it as an index to item[], you must select the element. So either use first filter or [0]:
- name: Get accounts
set_fact:
accounts: "{%- set tmp = [] -%}
{%- for account in item[item.keys()|first].accounts -%}
{{ tmp.append(account) }}
{%- endfor -%}
{{ tmp }}"
I am using ansible to template a jinja2 file.
IP:{{ ansible_eth0.ipv4.address }}
IP:{{ ansible_docker0.ipv4.address }}
IP:{{ ansible_{{ ka_interface }}.ipv4.address }}
there is a var named ka_interface for network adapter.
but you will get error in 3rd var
(IP:{{ ansible_{{ ka_interface }}.ipv4.address }} )
It seems that var in jinja2 template can be nested.
It's not possible to construct a dynamic variable with Jinja2 syntax.
However, you can access any play-bound variables via the builit-in vars hash object:
{{ vars['ansible_' + ka_interface]['ipv4']['address] }}
Edit: Fixed hash syntax
follow Chris Lam 's advice,
It works
- name: test
shell: echo {{ vars['ansible_' + ka_interface]['ipv4']['address'] }}
tags: test