Ansible playbook - 环境变量 [英] Ansible playbook - environment variables

查看:34
本文介绍了Ansible playbook - 环境变量的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在尝试(新手)设置一个剧本,它将使用查找插件从保险库中获取秘密(https://github.com/jhaals/ansible-vault),但每次都会因为缺少环境变量而失败.任何人都可以帮忙吗?感谢您的帮助.

I am trying (newbie) to setup a playbook, which will use lookup plugin to fetch secrets from vault (https://github.com/jhaals/ansible-vault), but it will fail on missing environment variables every time. Can anyone help? Thanks for the help.

PS:令牌用于测试目的

PS: token is for a test purposes

查找模块中有条件:

url = os.getenv('VAULT_ADDR')
        if not url:
            raise AnsibleError('VAULT_ADDR environment variable is missing')

剧本:

---
- hosts: localhost
  vars:
    vault1_env:
      VAULT_ADDR: https://localhost:8200/
      VAULT_TOKEN: my-token-id
      VAULT_SKIP_VERIFY: True

  tasks:
     - shell: echo VAULT_ADDR is $VAULT_ADDR, VAULT_TOKEN is $VAULT_TOKEN, VAULT_SKIP_VERIFY is $VAULT_SKIP_VERIFY
       environment: "{{ vault1_env }}"
       register: shellout
     - debug: var=shellout
     - debug: msg="{{ lookup('vault', 'secret/hello', 'value') }}"

输出:

PLAY ***************************************************************************

TASK [setup] *******************************************************************
ok: [localhost]

TASK [command] *****************************************************************
changed: [localhost]

TASK [debug] *******************************************************************
ok: [localhost] => {
    "shellout": {
        "changed": true, 
        "cmd": "echo VAULT_ADDR is $VAULT_ADDR, VAULT_TOKEN is $VAULT_TOKEN, VAULT_SKIP_VERIFY is $VAULT_SKIP_VERIFY", 
        "delta": "0:00:00.001268", 
        "end": "2016-05-17 15:46:34.144735", 
        "rc": 0, 
        "start": "2016-05-17 15:46:34.143467", 
        "stderr": "", 
        "stdout": "VAULT_ADDR is https://localhost:8200/, VAULT_TOKEN is ab9b16c6-52d9-2051-0802-6f047d929b63, VAULT_SKIP_VERIFY is True", 
        "stdout_lines": [
            "VAULT_ADDR is https://localhost:8200/, VAULT_TOKEN is ab9b16c6-52d9-2051-0802-6f047d929b63, VAULT_SKIP_VERIFY is True"
        ], 
        "warnings": []
    }
}

TASK [debug] *******************************************************************
fatal: [localhost]: FAILED! => {"failed": true, "msg": "ERROR! VAULT_ADDR environment variable is missing"}

PLAY RECAP *********************************************************************
localhost                  : ok=3    changed=1    unreachable=0    failed=1

推荐答案

这里你只是为 shell 模块设置环境变量,而不是为其他模块设置环境变量.如果要跨多个模块或整个主机使用变量,则应该 使用 environment 属性 在所有模块上,或在主机本身上,如下所示:

Here you are only setting environmental variables for the shell module, and not for the others. If you want to use variables across multiple modules, or for an entire a host, you should use the environment attribute on all of the modules, or on the host itself, something like this:

---
- hosts: localhost
  environment:
    VAULT_ADDR: https://localhost:8200/
    VAULT_TOKEN: my-token-id
    VAULT_SKIP_VERIFY: True

这篇关于Ansible playbook - 环境变量的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
其他开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆