如何在 ansible 任務中創建條件列表
[英]how to create conditional list in ansible task
問題描述
如果可能的話,我想將下面的兩個任務組合成一個任務。 只有在定義item.0.sans時,有沒有辦法在subject_alt_name (第二個任務)下添加最后兩個列表項,而不是使用when條件? 這兩個任務在其他方面是相同的。
我確實為這些行嘗試了一些額外的過濾器來默認/省略它們,但后來我得到了無法解析列表的錯誤。 我還探索了內聯模板的可能性,但我不知道在這種情況下是否支持。 模板解決方案對我來說似乎很理想......我認為該技術在許多其他場景中可能很有用。
完整的劇本很短,所以如果它對額外的上下文有幫助,我可以發布。
- name: generate endpoint CSR - no custom sans
when: item.0.sans is undefined
community.crypto.openssl_csr:
common_name: "{{item.0.name}}.{{item.1}}"
path: "{{endpoint_artifact_dir}}/{{item.1}}//CSRs/{{item.0.name}}.{{item.1}}.pem"
privatekey_path: "{{endpoint_artifact_dir}}/{{item.1}}/keys/{{item.0.name}}.{{item.1}}.pem"
subject_alt_name:
- "DNS:{{item.0.name}}.{{item.1}}"
- "DNS:{{item.0.name}}"
- "IP:127.0.0.1"
with_nested:
- "{{endpoints}}"
- "{{domains}}"
- name: generate endpoint CSR - with custom sans
when: item.0.sans is defined
community.crypto.openssl_csr:
common_name: "{{item.0.name}}.{{item.1}}"
path: "{{endpoint_artifact_dir}}/{{item.1}}/CSRs/{{item.0.name}}.{{item.1}}.pem"
privatekey_path: "{{endpoint_artifact_dir}}/{{item.1}}/keys/{{item.0.name}}.{{item.1}}.pem"
subject_alt_name:
- "DNS:{{item.0.name}}.{{item.1}}"
- "DNS:{{item.0.name}}"
- "IP:127.0.0.1"
- "{{ item.0.sans | join(',') | replace(',', '.' + item.1 + ', ') + '.' + item.1 }}"
- "{{ item.0.sans | join(',') }}"
with_nested:
- "{{endpoints}}"
- "{{domains}}"
1 個解決方案
解決方案1
0 2022-01-15 16:21:39
使用三元過濾器。 例如,給定數據
endpoints1:
- {name: srv1, sans: [alt1, alt2]}
- {name: srv2, sans: [alt1, alt2]}
endpoints2:
- {name: srv1}
- {name: srv2}
domains:
- exampleA.com
- exampleB.com
下面的任務
- debug:
msg: |-
subject_alt_name:
{{ _san|to_nice_yaml|indent(2) }}
with_nested:
- "{{ endpoints1 }}"
- "{{ domains }}"
vars:
_san1:
- "DNS:{{ item.0.name }}.{{ item.1 }}"
- "DNS:{{ item.0.name }}"
- "IP:127.0.0.1"
_sans: "{{ item.0.sans|default([]) }}"
_san2:
- "{{ _sans|join(',')|replace(',', '.' + item.1 + ', ') + '.' + item.1 }}"
- "{{ _sans|join(', ') }}"
_san: "{{ (_sans|length > 0)|ternary( _san1 + _san2, _san1) }}"
給
msg: |-
subject_alt_name:
- DNS:srv1.exampleA.com
- DNS:srv1
- IP:127.0.0.1
- alt1.exampleA.com, alt2.exampleA.com
- alt1, alt2
msg: |-
subject_alt_name:
- DNS:srv1.exampleB.com
- DNS:srv1
- IP:127.0.0.1
- alt1.exampleB.com, alt2.exampleB.com
- alt1, alt2
msg: |-
subject_alt_name:
- DNS:srv2.exampleA.com
- DNS:srv2
- IP:127.0.0.1
- alt1.exampleA.com, alt2.exampleA.com
- alt1, alt2
msg: |-
subject_alt_name:
- DNS:srv2.exampleB.com
- DNS:srv2
- IP:127.0.0.1
- alt1.exampleB.com, alt2.exampleB.com
- alt1, alt2
與列表端點2相同的任務
with_nested:
- "{{ endpoints2 }}"
- "{{ domains }}"
將省略屬性sans
msg: |-
subject_alt_name:
- DNS:srv1.exampleA.com
- DNS:srv1
- IP:127.0.0.1
msg: |-
subject_alt_name:
- DNS:srv1.exampleB.com
- DNS:srv1
- IP:127.0.0.1
msg: |-
subject_alt_name:
- DNS:srv2.exampleA.com
- DNS:srv2
- IP:127.0.0.1
msg: |-
subject_alt_name:
- DNS:srv2.exampleB.com
- DNS:srv2
- IP:127.0.0.1
筆記
- 或者,使用product和map創建主機,例如
_san2: - "{{ _sans|product([item.1])|map('join', '.')|join(', ') }}" - "{{ _sans|join(', ') }}"- 會是
- debug: msg: |- subject_alt_name: {{ _san|to_nice_yaml|indent(2) }} loop: "{{ endpoints }}" vars: _san1: - "A: {{ item.name }}" - "B: {{ item.name }}" _san2: - "C: {{ item.sans|default('') }}" _san: "{{ (item.sans|default('')|length > 0)| ternary( _san1 + _san2, _san1) }}"給
msg: |- subject_alt_name: - 'A: srv1' - 'B: srv1' - 'C: alt1' msg: |- subject_alt_name: - 'A: srv2' - 'B: srv2'
如何基於網絡(子網)成員資格在Ansible中創建條件副本
[英]How to create conditional copy in Ansible based on network (subnet) membership
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.