I am creating an ecs_taskdefinition in ansible, but I would like the task-defintion in a sperate file. Can I somehow do something like this:
ecs_taskdefintion:
containers: {{ load_external_yaml containers.yaml }}
volumes: {{ load_external_yaml_volumes.yaml }}
So I want to load the yaml data from external files.
You may try to combine file lookup and from_yaml filter like this:
{{ lookup('file','containers.yaml') | from_yaml }}
Remember that lookups are local, so containers.yaml should be on ansible control host.
Since your file is YAML, you may use include_vars
from https://docs.ansible.com/ansible/latest/collections/ansible/builtin/include_vars_module.html :
- name: Setup vars
tags: ["always"]
include_vars:
file: "./vars/tintin.yaml"
name: tintin
Use tintin as a normal var everywhere!
Related
I am new to ansible and I have problems when I want to replace variables in a configuration file. The case is that I have tags in this file to be replaced by the value found in ansible-vault that has the same name as the tag in the configuration file.
the configuration file looks like this:
mongo.uri=<%=#dbruchost%>
mongo.replica.set=set0
mongo.database=<%=#dbrucdb%>
mongo.user=<%=#dbrucuser%>
mongo.password=<%=#dbrucpass%>
and the ansible-vault is as follows
vars:
dbruchost: "test.test:27017"
replica.set: "set0"
dbrucdb: "database1"
dbrucuser: "data"
dbrucpass: "d4t4"
jenkinsuser: "jenkinstest"
jenkinspassword: "j3nkins"
Actually I change the variables one by one with regex
- name: Replace uri
replace:
path: /tmp/artifacts/surveyMonkey/application.properties
regexp: "<%=#dbruchost%>"
replace: vars.dbruchost
But I would like to do it dynamically. Is there any possibility for ansible to read the tags from the application properties and look for them in the ansible-vault and replace them?
why dont use template for your config file:
use a template file.j2 like this for example:
mongo.uri={{ dbruchost }}
mongo.replica.set=set0
mongo.database={{ dbrucdb }}
mongo.user={{ dbrucuser }}
mongo.password={{ dbrucpass }}
you add a task to create you config file with the module template
a sample of task: put your config.j2 in templates dir
tasks:
- name: Dump all variables
template:
src: file.j2
dest: /tmp/artifacts/surveyMonkey/application.properties
i suppose you have access to your vault variables
Ansible v2.6.3
I wrote an Ansible role to create secrets in AWS secret manger, and I want to be able to call it like this
$ ansible-playbook -i "localhost," secretsmanager.yml -e command=update -e service_name=test-svc -e text_box='{"secret":"value"}'
I first copy the values of the passed-in json to
/tmp/{{ service_name }}.json
so in this example the file is
/tmp/test-svc.json
Here's the task that copies it
- name: Setup up dest file
set_fact:
secret: "{{ service_name }}"
dst_file: "/tmp/{{ service_name }}.json"
- name: "Copy {{ text_box }} to {{ dst_file }}"
shell: |
echo {{ text_box }} > {{ dst_file }}
However, when I look at /tmp/test-svc.json it looks like
$ cat /tmp/test-svc.json
{secret:value}
How can I do this so the json file is correct, that is?
{"secret":"value"}
Since this will be used by my users, I want them to be able to write the json normally, that is without incorporating escape characters in the json itself.
At least two methods to do this:
1) Use Jinja2 filter to force the output to JSON
- name: "Copy {{ text_box }} to {{ dst_file }}"
shell: |
echo {{ text_box | to_json }} > {{ dst_file }}
2) Use the Ansible copy module. I would argue this is better because it gives you more control over the file and automatically does the right thing in this case.
- copy:
dest: "{{ dst_file }}"
content: "{{ text_box }}"
As an aside, if you haven't already, could be worth having a read of the docs for Ansible Vault. Dependent on your environment, passing your secrets over the command line as arguments is not massively secure. Depending on your use case, you might find storing the secrets in Ansible Vault adds an additional layer of protection.
Can I define a var directly in a role ?
With the following I get an error with this role ansible/roles/myrole/tasks/main.yml
vars:
source: /var/www/test.xxx.com/proj/assets
dest: /var/www/test.xxx.com/
- name: eb copy files
shell: rsync -a {{ source }} {{ dest }}
either with this:
source=var/www/test.xxx.com/proj/assets
dest=var/www/test.xxx.com/
I get a
ERROR: Syntax Error while loading YAML script
To define variables inside of a task, you can use the set_fact module.
- set_fact:
source: /var/www/test.xxx.com/proj/assets
dest: /var/www/test.xxx.com/
You can also set facts in a role, by placing variables in the vars directory.
ansible/roles/myrole/vars/main.yml
Is it possible to have few .yml files and then read them as separate items for task?
Example:
- name: write templates
template: src=template.j2 dest=/some/path
with_items: ./configs/*.yml
I have found pretty elegant solution:
---
- hosts: localhost
vars:
my_items: "{{ lookup('fileglob', './configs/*.yml', wantlist=True) }}"
tasks:
- name: write templates
template: src=template.j2 dest=/some/path/{{ (item | from_yaml).name }}
with_file: "{{ my_items }}"
And then in template you have to add {% set item = (item | from_yaml) %} at the beginning.
Well, yes and no. You can loop over files and even use their content as variables. But the template module does not take parameters. There is an ugly workaround by using an include statement. Includes do take parameters and if the template task is inside the included file it will have access to them.
Something like this should work:
- include: other_file.yml parameters={{ lookup('file', item) | from_yaml }}
with_fileglob: ./configs/*.yml
And in other_file.yml then the template task:
- name: write template
template: src=template.j2 dest=/some/path
The ugly part here, beside the additional include, is that the include statement only takes parameters in the format of key=value. that's what you see in above task as parameters=.... parameters here has no special meaning, it just is the name of the variable with which the content of the file will be available inside the include.
So if your vars files have a variable foo defined, you would be able to access it in the template as {{ parameters.foo }}.
I have problem getting variables work in my templates. Variables work in my playbook but in templates, they are rendered 'as is' without getting replaced by their values. Here is a simple test-playbook.yml that I am trying.
---
- name: Test playbook vars
hosts: webservers
vars:
hello_var: Hello World
hello_file_path: /tmp/hello_file.txt
tasks:
- name: Copy hello world file
copy: src=templates/hello_world.txt.j2 dest={{ hello_file_path }}
In my templates/hello_world.txt.j2, I have the following contents
hi {{ hello_var }}
After running the playbook, I have on the host at /tmp/hello_world.txt the same content as in my template
hi {{ hello_var }}
The variable hello_file_path used in the playbook works but the variable hello_var used in my template is not working.
Inside the task you using copy module which simply copies the file without any template processing. In order to use template you need to use template module.
- name: Copy hello world file
template: src=templates/hello_world.txt.j2 dest={{ hello_file_path }}