使用ansible从环境文件中读取多个值并将其存储为事实 [英] Reading multiple values from an env file with ansible and storing them as facts
问题描述
我有以下代码,该代码从环境(.env)文件中读取值并将其存储为事实:
I have the following code which reads values from an environment (.env) file and stores them as facts:
- name: Read values from environment
shell: "source {{ env_path }}; echo $DB_PASSWORD"
register: output
args:
executable: /bin/bash
changed_when: false
- name: Store read password
set_fact:
db_password: "{{ output.stdout }}"
when:
- db_password is undefined
changed_when: false
- name: Read values from environment
shell: "source {{ env_path }}; echo $DB_USER"
register: output
args:
executable: /bin/bash
changed_when: false
- name: Store read user
set_fact:
db_user: "{{ output.stdout }}"
when:
- db_user is undefined
changed_when: false
- name: Read values from environment
shell: "source {{ env_path }}; echo $DB_NAME"
register: output
args:
executable: /bin/bash
changed_when: false
- name: Store read db_name
set_fact:
db_name: "{{ output.stdout }}"
when:
- db_name is undefined
changed_when: false
- name: Container environment loaded; the following facts are now available for use by ansible
debug: "var={{ item }}"
with_items:
- db_name
- db_user
- db_password
它非常笨重且笨拙.我想这样写,但是我不知道怎么做:
It's quite bulky and unwieldy. I would like to write it something like this, but I can't figure out how :
vars:
values:
- db_name
- db_password
- db_user
tasks:
- name: Read values from environment
shell: "source {{ env_path }}; echo {{ item|upper }}"
register: output
with_items: values
args:
executable: /bin/bash
changed_when: false
- name: Store read value
set_fact:
"{{ item.0 }}": "{{ item.1.stdout }}"
when:
- item.0 is undefined
with_together:
- values
- output.results
changed_when: false
相反,我得到以下输出:
Instead, I get this output:
ok: [default] => (item=values) => {"changed": false, "cmd": "source /var/www/mydomain.org/.env; echo VALUES", "delta": "0:00:00.002240", "end": "2017-02-15 15:25:15.338673", "item": "values", "rc": 0, "start": "2017-02-15 15:25:15.336433", "stderr": "", "stdout": "VALUES", "stdout_lines": ["VALUES"], "warnings": []}
TASK [sql-base : Store read password] ******************************************
skipping: [default] => (item=[u'values', u'output.results']) => {"changed": false, "item": ["values", "output.results"], "skip_reason": "Conditional check failed", "skipped": true}
当然,如果有一个我忽略的ansible模块可以让我从环境文件中加载值,那当然是更加理想的选择.
Even more ideal of course would be if there is an ansible module I have overlooked that allows me to load values from an environment file.
推荐答案
通常,我要么将变量放入清单文件中,要么将其转换为 yml
格式并使用 include_vars 模块(您可以运行 sed
脚本来转换您的将环境文件发送给yml).在使用下面的代码之前,请确保确实需要使用这些环境文件,并且不能轻易使用其他机制,例如:
Generally I would either put my variables into the inventory files themselves, or convert them to yml
format and use the include_vars module (you might be able to run a sed
script to convert your environment file to yml on the fly). Before using the below code make sure you are really required to use those environment files, and you cannot easily use some other mechanism like:
- 具有 include_vars 模块 的YAML文件
- 将配置放入清单中(不需要模块)
- 将配置放入Ansible Vault文件中(不需要模块,但是您需要将解密密钥存储在某处)
- 使用其他安全存储机制,例如Hashicorp的保管库(带有 https://github之类的插件.com/jhaals/ansible-vault )
回到您的代码,它实际上几乎是正确的,您在读取任务中丢失了1美元,并且在条件中缺少了花括号:
Back to your code, it is actually almost correct, you were missing a dollar from the read task, and some curly braces from the condition:
DB_NAME=abcd
DB_PASSWORD=defg
DB_USER=fghi
注意:确保此文件符合 sh
标准,这意味着您不要在 =
符号周围放置空格.出现类似 DB_NAME = abcd
的内容会失败
Note: make sure that this file adheres to sh
standards meaning you don't put spaces around the =
sign. Having something like DB_NAME = abcd
will fail
- hosts: all
connection: local
vars:
env_path: 'test.env'
values:
- db_name
- db_password
- db_user
tasks:
- name: Read values from environment
shell: "source {{ env_path }}; echo ${{ item|upper }}"
register: output
with_items: "{{ values }}"
args:
executable: /bin/bash
changed_when: false
- name: Store read value
set_fact:
"{{ item.0 }}": "{{ item.1.stdout }}"
when: '{{ item.0 }} is undefined'
with_together:
- "{{ values }}"
- "{{ output.results }}"
changed_when: false
- name: Debug
debug:
msg: "NAME: {{db_name}} PASS: {{db_password}} USER: {{db_user}}"
运行 ansible-playbook -i 127.0.0.1,play.yml
:
TASK [Debug] *******************************************************************
ok: [127.0.0.1] => {
"msg": "NAME: abcd PASS: defg USER: fghi"
}
这篇关于使用ansible从环境文件中读取多个值并将其存储为事实的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!