I'm looking for a way to reuse variables defined in my list on YAML, I have a YAML list with the following sample entries :
workstreams:
- name: tigers
service_workstream: tigers-svc
virtual_user:
- {name: inbound-tigers, pass: '123', access: inbound, env: app1}
- {name: outbound-tigers, pass: '123', access: outbound, env: app1}
email: tigers#my-fqdn.com
mount_dir: /mnt/tigers
app_config_dir: /opt/tigers
Using the example from above I want to reuse a defined value, like tigers. The ideal solution would be something like this :
workstreams:
- name: tigers
service_workstream: "{{ vars['name'] }}-svc"
virtual_user:
- {name: "inbound-{{ vars['name'] }}", pass: '123', access: inbound, env: app1}
- {name: "outbound-{{ vars['name'] }}", pass: '123', access: outbound, env: app1}
email: "{{ vars['name'] }}#my-fqdn.com"
mount_dir: "/mnt/{{ vars['name'] }}"
app_config_dir: "/opt/{{ vars['name'] }}"
Any points as to how I can do this in YAML ?
You can do:
workstreams:
- name: &name tigers # the scalar "tigers" with an anchor &name
service_workstream: *name # alias, references the anchored scalar above
However, you can not do string concatenation or anything like it in YAML 1.2. It cannot do any transformations on the input data. An alias is really a reference to the node that holds the corresponding anchor, it is not a variable.
Quite some YAML-using software provides non-YAML solutions to that problem, for example, preprocessing the YAML file with Jinja or whatnot. Depending on context, that may or may not be a viable solution for you.
Related
I started using the role argument validation which was introduced in Ansible 2.11. For example an easy variable of type string looks like this in meta/argument_specs.yml:
argument_specs:
main:
short_description: "Checking firewall global policies"
options:
openwrt_firewall_default_forward:
type: "str"
choices:
- "ACCEPT"
- "REJECT"
- "DROP"
But I have more complex variables than that, for example dicts. This is what the variables can look like:
openwrt_firewall_zoneshost:
MGMT:
forward: "REJECT"
input: "ACCEPT"
output: "ACCEPT"
#log: 1
interfaces:
- "mgmt"
SECURE:
forward: "ACCEPT"
input: "ACCEPT"
output: "ACCEPT"
#log: 1
interfaces:
- "secure"
or like this:
openwrt_firewall_ruleshost:
"syslog logrx1":
src: "*"
dest: "RXFORELLE"
dest_ip:
- "{{ hostvars['alsomyhost.mydomain.de']['primary_ip6'] }}"
dest_port: "514"
target: "ACCEPT"
"MGMT myhost":
src: "MGMT"
dest: "RXFORELLE"
dest_ip:
- "{{ hostvars['myhost.mydomain.de']['primary_ip6'] }}"
proto: "tcp"
dest_port: "22"
target: "ACCEPT"
I would like to be able to validate those, meaning. Some of the attributes are mandatory like src or destination. Some others are optional, but if given I would like to make sure they are of the correct type.
Honestly I don't understand the documentation with reference to this very problem having dict variables. Could someone please outline what the validation structure would look like for those type of variables.
Reference:
https://docs.ansible.com/ansible/latest/user_guide/playbooks_reuse_roles.html#role-argument-validation
You can repeat options: in the definition of an option, these are sometimes called "suboptions", and within there you can use all the same fields to define what that dict should contain.
argument_specs:
main:
short_description: "Checking firewall global policies"
options:
openwrt_firewall_ruleshost:
type: "dict"
required: true
options:
src:
required: true
type: str
I'm using Ansible
os_project_facts module to gather admin project id of OpenStack.
This is the ansible_fact log:
ansible_facts:
openstack_projects:
- description: Bootstrap project for initializing the cloud.
domain_id: default
enabled: true
id: <PROJECT_ID>
is_domain: false
is_enabled: true
location:
cloud: envvars
project:
domain_id: default
domain_name: null
id: default
name: null
region_name: null
zone: null
name: admin
options: {}
parent_id: default
properties:
options: {}
tags: []
tags: []
Apparently, this is not a dictionary, and I can't get openstack_projects.id since it is not a dictionary. How can I retrieve PROJECT_ID and use it in other tasks?
Since the openstack_projects facts contains single list element with a dictionary, we can use the array indexing method to get the id, i.e. openstack_projects[0]['id'].
You can use it directly, or use something like set_fact:
- name: get the project id
set_fact:
project_id: "{{ openstack_projects[0]['id'] }}"
This is my first time working with YAML, but I am running into an issue where it seems like if I want to include a variable-group (i.e., signing certificate password) with local pipeline-related variables then I cannot use the simplified naming convention where the variable's name and value can both be defined and set on the same line.
For example, wat I want is something similar to this (I made sure spacing is correct in the YAML):
variables:
solutionName: Foo.sln
projectName: Bar
buildPlatform: x64
buildConfiguration: development
major: '1'
minor: '0'
build: '0'
revision: $[counter('rev', 0)]
vhdxSize: '200'
- group: legacy-pipeline
signingCertPwd: $[variables.SigningCertificatePassword]
But, this results in a parsing error. As a result, I have to use a denser, but more bloated looking, format of:
variables:
- name: solutionName
value: Foo.sln
- name: projectName
value: Bar
- name: buildPlatform
value: x64
- name: buildConfiguration
value: development
- name: major
value: '1'
- name: minor
value: '0'
- name: build
value: '0'
- name: revision
value: $[counter('rev', 0)]
- name: vhdxSize
value: '200'
- group: legacy-pipeline
- name: signingCertPwd
value: $[variables.SigningCertificatePassword]
It seems like the simplified naming format is only available if I use it for local variables, but if I add a variable-group then the simplified format goes away. I have tried searching the web for a solution for this, but I am not able find anything useful for this. Is what I am trying to achieve possible or no? If yes, how can it be done?
Unfortunately mixing the styles is not possible, but you can work around that using templates:
# pipeline.yaml
stages:
- stage: declare_vars
variables:
- template: templates/vars.yaml
- group: my-group
- template: templates/inline-vars.yaml
parameters:
vars:
inline_var: yes!
and_more: why not
jobs:
- job:
steps:
- pwsh: |
echo 'foo=$(foo)'
echo 'bar=$(bar)'
echo 'var1=$(var1)'
echo 'inline_var=$(inline_var)'
# templates/vars.yaml
variables:
foo: bar
bar: something else
# templates/inline-vars.yaml
parameters:
- name: vars
type: object
default: {}
variables:
${{ each var in parameters.vars}}:
${{var.key}}: ${{var.value}}
templates/vars.yaml is just simply moving variables to another file.
templates/inline-vars.yaml lets you define inline variables using the denser syntax together with referencing groups, but there's additional ceremony of writing template:, parameters:, vars:.
I am trying to make my roles readable and at the same time enable tags for them
- { role: 'init' }
- role: common, tags: 'common'
pA: "pA"
pB: "pB"
pC: "pC"
- role: special
sA: "sA"
But the above is not allowed/gives an error. Any suggestions on how to define tags in my playbook for my roles and still have lots of parameters?
Here you are:
- role: common
tags: common
pA: pA
pB: pB
pC: pC
or for increased readability:
- role: common
tags: common
vars:
pA: pA
pB: pB
pC: pC
All values are strings, so quotes are unnecessary.
I have a playbook creating EC2 by using a dictionary declared in vars: then registering the IPs into a group to be used later on.
The dict looks like this:
servers:
serv1:
name: tag1
type: t2.small
region: us-west-1
image: ami-****
serv2:
name: tag2
type: t2.medium
region: us-east-1
image: ami-****
serv3:
[...]
I would like to apply tags to this playbook in the simplest way so I can create just some of them using tags. For example, running the playbook with --tags tag1,tag3 would only start EC2 matching serv1 and serv3.
Applying tags on the dictionary doesn't seem possible and I would like to avoid doing multiplying tasks like:
Creatinge EC2
Register infos
Getting private IP from previously registered infos
adding host to group
While I already have a working loop for the case I want to create all EC2 at once, is there any way to achieve that (without relying on --extra-vars, which would need key=value) ? For example, filtering out the dictionary by keeping only what is tagged before running the EC2 loop ?
I doubt you can do this out of the box. And not sure this is good idea at all.
Because tags are used to filter tasks in Ansible, so you will have to mark all tasks with tags: always.
You can accomplish this with custom filter plugin, for example (./filter_plugins/apply_tags.py):
try:
from __main__ import cli
except ImportError:
cli = False
def apply_tags(src):
if cli:
tags = cli.options.tags.split(',')
res = {}
for k,v in src.iteritems():
keep = True
if 'name' in v:
if v['name'] not in tags:
keep = False
if keep:
res[k] = v
return res
else:
return src
class FilterModule(object):
def filters(self):
return {
'apply_tags': apply_tags
}
And in your playbook:
- debug: msg="{{ servers | apply_tags }}"
tags: always
I found a way to match my needs without touching to the rest so I'm sharing it in case other might have a similar need.
I needed to combine dictionaries depending on tags, so my "main" dictionary wouldn't be static.
Variables became :
- serv1:
- name: tag1
type: t2.small
region: us-west-1
image: ami-****
- serv2:
- name: tag2
type: t2.medium
region: us-east-1
image: ami-****
- serv3:
[...]
So instead of duplicating my tasks, I used set_fact with tags like this:
- name: Combined dict
# Declaring empty dict
set_fact:
servers: []
tags: ['always']
- name: Add Server 1
set_fact:
servers: "{{ servers + serv1 }}"
tags: ['tag1']
- name: Add Server 2
set_fact:
servers: "{{ servers + serv2 }}"
tags: ['tag2']
[..]
20 lines instead of multiply tasks for each server, change vars from dictionary to lists, a few tags and all good :) Now if I add a new server it will only take a few lines.