使用ansible从环境文件中读取多个值并将其存储为事实 [英] Reading multiple values from an env file with ansible and storing them as facts

问题描述

我有以下代码，该代码从环境(.env)文件中读取值并将其存储为事实:

I have the following code which reads values from an environment (.env) file and stores them as facts:

- name: Read values from environment
  shell: "source {{ env_path }}; echo $DB_PASSWORD"
  register: output
  args:
    executable: /bin/bash
  changed_when: false

- name: Store read password
  set_fact:
    db_password: "{{ output.stdout }}"
  when:
    - db_password is undefined
  changed_when: false

- name: Read values from environment
  shell: "source {{ env_path }}; echo $DB_USER"
  register: output
  args:
    executable: /bin/bash
  changed_when: false

- name: Store read user
  set_fact:
    db_user: "{{ output.stdout }}"
  when:
    - db_user is undefined
  changed_when: false

- name: Read values from environment
  shell: "source {{ env_path }}; echo $DB_NAME"
  register: output
  args:
    executable: /bin/bash
  changed_when: false

- name: Store read db_name
  set_fact:
    db_name: "{{ output.stdout }}"
  when:
    - db_name is undefined
  changed_when: false

- name: Container environment loaded; the following facts are now available for use by ansible
  debug: "var={{ item }}"
  with_items:
    - db_name
    - db_user
    - db_password

它非常笨重且笨拙.我想这样写，但是我不知道怎么做:

It's quite bulky and unwieldy. I would like to write it something like this, but I can't figure out how :

vars:
    values:
       - db_name
       - db_password
       - db_user
tasks:
- name: Read values from environment
  shell: "source {{ env_path }}; echo {{ item|upper }}"
  register: output
  with_items: values
  args:
    executable: /bin/bash
  changed_when: false

- name: Store read value
  set_fact:
    "{{ item.0 }}": "{{ item.1.stdout }}"
  when:
    - item.0 is undefined
  with_together:
    - values
    - output.results
  changed_when: false

相反，我得到以下输出:

Instead, I get this output:

ok: [default] => (item=values) => {"changed": false, "cmd": "source /var/www/mydomain.org/.env; echo VALUES", "delta": "0:00:00.002240", "end": "2017-02-15 15:25:15.338673", "item": "values", "rc": 0, "start": "2017-02-15 15:25:15.336433", "stderr": "", "stdout": "VALUES", "stdout_lines": ["VALUES"], "warnings": []}

TASK [sql-base : Store read password] ******************************************
skipping: [default] => (item=[u'values', u'output.results'])  => {"changed": false, "item": ["values", "output.results"], "skip_reason": "Conditional check failed", "skipped": true}

当然，如果有一个我忽略的ansible模块可以让我从环境文件中加载值，那当然是更加理想的选择.

Even more ideal of course would be if there is an ansible module I have overlooked that allows me to load values from an environment file.

推荐答案

通常，我要么将变量放入清单文件中，要么将其转换为 yml 格式并使用 include_vars 模块(您可以运行 sed 脚本来转换您的将环境文件发送给yml).在使用下面的代码之前，请确保确实需要使用这些环境文件，并且不能轻易使用其他机制，例如:

Generally I would either put my variables into the inventory files themselves, or convert them to yml format and use the include_vars module (you might be able to run a sed script to convert your environment file to yml on the fly). Before using the below code make sure you are really required to use those environment files, and you cannot easily use some other mechanism like:

• 具有 include_vars 模块
的YAML文件
• 将配置放入清单中(不需要模块)
• 将配置放入Ansible Vault文件中(不需要模块，但是您需要将解密密钥存储在某处)
• 使用其他安全存储机制，例如Hashicorp的保管库(带有 https://github之类的插件.com/jhaals/ansible-vault )

回到您的代码，它实际上几乎是正确的，您在读取任务中丢失了1美元，并且在条件中缺少了花括号:

Back to your code, it is actually almost correct, you were missing a dollar from the read task, and some curly braces from the condition:

DB_NAME=abcd
DB_PASSWORD=defg
DB_USER=fghi

注意:确保此文件符合 sh 标准，这意味着您不要在 = 符号周围放置空格.出现类似 DB_NAME = abcd 的内容会失败

Note: make sure that this file adheres to sh standards meaning you don't put spaces around the = sign. Having something like DB_NAME = abcd will fail

- hosts: all
  connection: local
  vars:
      env_path: 'test.env'
      values:
         - db_name
         - db_password
         - db_user
  tasks:
  - name: Read values from environment
    shell: "source {{ env_path }}; echo ${{ item|upper }}"
    register: output
    with_items: "{{ values }}"
    args:
      executable: /bin/bash
    changed_when: false

  - name: Store read value
    set_fact:
      "{{ item.0 }}": "{{ item.1.stdout }}"
    when: '{{ item.0 }} is undefined'
    with_together:
      - "{{ values }}"
      - "{{ output.results }}"
    changed_when: false

  - name: Debug
    debug:
      msg: "NAME: {{db_name}} PASS: {{db_password}} USER: {{db_user}}"

运行 ansible-playbook -i 127.0.0.1，play.yml :

TASK [Debug] *******************************************************************
ok: [127.0.0.1] => {
    "msg": "NAME: abcd PASS: defg USER: fghi"
}

这篇关于使用ansible从环境文件中读取多个值并将其存储为事实的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！