Ansible 是否公开其自动发现的 Python 解释器?
[英]Does Ansible expose its auto-discovered Python interpreter?
问题描述
tl;dr: Does Ansible have a variable containing the current Python interpreter? 
tl;博士:Ansible 是否有一个包含当前 Python 解释器的变量?
As part of my playbook, I am creating a Python script on the controller (to be run by another command), and I want that script to be run by the Python interpreter being used by Ansible. As part of my playbook, I am creating a Python script on the controller (to be run by another command), and I want that script to be run by the Python interpreter being used by Ansible. To do this I am trying to set the interpreter in the shebang of the script.为此,我试图在脚本的 shebang 中设置解释器。
If I were to set the interpreter manually, I could use the ansible_python_interpreter variable (and I have had it working that way).如果我要手动设置解释器,我可以使用ansible_python_interpreter变量(我已经让它以这种方式工作)。 If I don't set the interpreter manually, then Ansible will auto-discover an interpreter, but I can no longer use the ansible_python_interpreter variable because it is not set.如果我不手动设置解释器,那么 Ansible 将自动发现解释器,但我不能再使用ansible_python_interpreter变量,因为它没有设置。
From looking through the documentation I have been unable to find any way to see which interpreter Ansible has auto-detected.通过查看文档,我无法找到任何方法来查看自动检测到的解释器 Ansible。 Is there something I've missed?有什么我错过的吗?
(Ansible version 2.9.10, Python 3.6) (Ansible 版本 2.9.10,Python 3.6)
The complete situation:完整情况:
I am running Ansible on AWX (open-source Ansible Tower), using a custom virtual environment as the runner.我在 AWX(开源 Ansible Tower)上运行 Ansible,使用自定义虚拟环境作为运行器。 I use Hashicorp Vault as a secret management system, rather than keeping secrets in AWX.我使用 Hashicorp Vault 作为秘密管理系统,而不是在 AWX 中保密。 For access to Vault I use short-lived access tokens, which doesn't work well with AWX's built-in support for pulling secrets from Vault, so instead I do it manually (so that I can supply a Vault token at job launch time).为了访问 Vault,我使用了短期访问令牌,这与 AWX 对从 Vault 中提取秘密的内置支持效果不佳,因此我手动进行(以便我可以在作业启动时提供 Vault 令牌) . That works well for me, generally.一般来说,这对我来说效果很好。
In this particular case, I am running ansible-vault (yes, there are too many things called 'vault') on the controller to decrypt a secret.在这种特殊情况下,我在 controller 上运行ansible-vault (是的,有太多称为“保险库”的东西)来解密一个秘密。 I am using the --vault-password-file argument to supply the decryption password via a script.我正在使用--vault-password-file参数通过脚本提供解密密码。 Since the virtual env that I am using already has the hvac package installed, I wish to just use a brief Python script to pull the password from Hashicorp Vault.由于我使用的虚拟环境已经安装了hvac package,我希望只使用一个简短的 Python 脚本从 Hashicorp Vault 中提取密码。 All works fine, except that I can't figure out how to set the shebang on this script to point at the virtual environment that Ansible is using.一切正常,除了我不知道如何在此脚本上设置 shebang 以指向 Ansible 正在使用的虚拟环境。
If I can't get a useable answer to this, I suppose I can change to instead pull the password directly into Ansible and then use the --ask-vault-pass flag to pass the password that way.如果我无法得到可用的答案,我想我可以改为将密码直接拉入 Ansible ,然后使用--ask-vault-pass标志以这种方式传递密码。 It just seems to me that the interpreter should really be exposed somewhere by Ansible, so I'm trying that first.在我看来,解释器真的应该被 Ansible 暴露在某个地方,所以我先尝试一下。
2 个解决方案
解决方案1
5 已采纳 2020-07-22 04:52:27
As described in Special Variables ansible_playbook_python variable holds the path to python interpreter being used by Ansible on the controller.如特殊变量中所述, ansible_playbook_python变量保存 controller 上的 Ansible 使用的 python 解释器的路径。
解决方案2
0 2020-07-22 00:44:35
With gather_facts: yes you should be able to get the active python using the ansible_facts.python variable.使用gather_facts: yes的,您应该能够使用ansible_facts.python变量获得活动的python。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.