Ansible playbook - 环境变量 [英] Ansible playbook - environment variables
问题描述
我正在尝试(新手)设置一个剧本,它将使用查找插件从保险库中获取秘密(https://github.com/jhaals/ansible-vault),但每次都会因为缺少环境变量而失败.任何人都可以帮忙吗?感谢您的帮助.
I am trying (newbie) to setup a playbook, which will use lookup plugin to fetch secrets from vault (https://github.com/jhaals/ansible-vault), but it will fail on missing environment variables every time. Can anyone help? Thanks for the help.
PS:令牌用于测试目的
PS: token is for a test purposes
查找模块中有条件:
url = os.getenv('VAULT_ADDR')
if not url:
raise AnsibleError('VAULT_ADDR environment variable is missing')
剧本:
---
- hosts: localhost
vars:
vault1_env:
VAULT_ADDR: https://localhost:8200/
VAULT_TOKEN: my-token-id
VAULT_SKIP_VERIFY: True
tasks:
- shell: echo VAULT_ADDR is $VAULT_ADDR, VAULT_TOKEN is $VAULT_TOKEN, VAULT_SKIP_VERIFY is $VAULT_SKIP_VERIFY
environment: "{{ vault1_env }}"
register: shellout
- debug: var=shellout
- debug: msg="{{ lookup('vault', 'secret/hello', 'value') }}"
输出:
PLAY ***************************************************************************
TASK [setup] *******************************************************************
ok: [localhost]
TASK [command] *****************************************************************
changed: [localhost]
TASK [debug] *******************************************************************
ok: [localhost] => {
"shellout": {
"changed": true,
"cmd": "echo VAULT_ADDR is $VAULT_ADDR, VAULT_TOKEN is $VAULT_TOKEN, VAULT_SKIP_VERIFY is $VAULT_SKIP_VERIFY",
"delta": "0:00:00.001268",
"end": "2016-05-17 15:46:34.144735",
"rc": 0,
"start": "2016-05-17 15:46:34.143467",
"stderr": "",
"stdout": "VAULT_ADDR is https://localhost:8200/, VAULT_TOKEN is ab9b16c6-52d9-2051-0802-6f047d929b63, VAULT_SKIP_VERIFY is True",
"stdout_lines": [
"VAULT_ADDR is https://localhost:8200/, VAULT_TOKEN is ab9b16c6-52d9-2051-0802-6f047d929b63, VAULT_SKIP_VERIFY is True"
],
"warnings": []
}
}
TASK [debug] *******************************************************************
fatal: [localhost]: FAILED! => {"failed": true, "msg": "ERROR! VAULT_ADDR environment variable is missing"}
PLAY RECAP *********************************************************************
localhost : ok=3 changed=1 unreachable=0 failed=1
推荐答案
这里你只是为 shell
模块设置环境变量,而不是为其他模块设置环境变量.如果要跨多个模块或整个主机使用变量,则应该 使用 environment
属性 在所有模块上,或在主机本身上,如下所示:
Here you are only setting environmental variables for the shell
module, and not for the others. If you want to use variables across multiple modules, or for an entire a host, you should use the environment
attribute on all of the modules, or on the host itself, something like this:
---
- hosts: localhost
environment:
VAULT_ADDR: https://localhost:8200/
VAULT_TOKEN: my-token-id
VAULT_SKIP_VERIFY: True
这篇关于Ansible playbook - 环境变量的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!