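Ansible - Filter a dict with a list of keys

Time: 2017-11-17 11:33:41

Tags: loops ansible

I have a list, which is actually a list of keys of a dict. I want to obtain a joined string of the dict filtered on the keys in the list, and use it in a module option.

My use case is users with a list of public key names, to generate the authorized_keys file.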

---
- hosts: localhost
  become: false
  vars:
    pub_keys:
      key01: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQ[…]5/ someuser@somehost
      key02: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQ[…]ea otheruser@somewher
      key03: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQ[…]dN anyser@anyhost
    users:
      root:
        home: /root
        shell: /bin/bash
        authorized_keys:
          - key01
      mgmtusr:
        home: /home/mgmtusr
        shell: /bin/bash
        authorized_keys:
          - key01
          - key02
          - key03

  tasks:
    - name: Debug Authorized Keys
      debug:
        msg: "USER:{{ item.key }} AUTHKEYSLIST:{{ pub_keys|selectattr(item.authorized_keys) }}"
      with_dict: "{{ users }}"

    - name: Manage users Authorized Keys
      authorized_key:
        user: "{{ item.key }}"
        key: "{{ pub_keys|selectattr(item.authorized_keys) }}"
        exclusive: yes
      with_dict: "{{ users }}"

As you can see here, I tried to use dict|selectattr(list), but it fails.

I get <generator object select_or_reject at 0x…> in the debug module, and of course invalid key specified in the authorized_key module.

TASK [Debug Authorized Keys] **************************************************************************************************************************************************************************************************************************************************
ok: [localhost] => (item={'key': u'mgmtusr', 'value': {u'home': u'/home/mgmtusr', u'shell': u'/bin/bash', u'authorized_keys': [u'key01', u'key02', u'key03']}}) => {
    "item": {
        "key": "mgmtusr",
        "value": {
            "authorized_keys": [
                "key01",
                "key02",
                "key03"
            ],
            "home": "/home/mgmtusr",
            "shell": "/bin/bash"
        }
    },
    "msg": "USER:mgmtusr AUTHKEYSLIST:"
}
ok: [localhost] => (item={'key': u'root', 'value': {u'home': u'/root', u'shell': u'/bin/bash', u'authorized_keys': [u'key01']}}) => {
    "item": {
        "key": "root",
        "value": {
            "authorized_keys": [
                "key01"
            ],
            "home": "/root",
            "shell": "/bin/bash"
        }
    },
    "msg": "USER:root AUTHKEYSLIST:"
}

TASK [Manage users Authorized Keys] *******************************************************************************************************************************************************************************************************************************************
failed: [localhost] (item={'key': u'mgmtusr', 'value': {u'home': u'/home/mgmtusr', u'shell': u'/bin/bash', u'authorized_keys': [u'key01', u'key02', u'key03']}}) => {"changed": false, "failed": true, "item": {"key": "mgmtusr", "value": {"authorized_keys": ["key01", "key02", "key03"], "home": "/home/mgmtusr", "shell": "/bin/bash"}}, "msg": "Failed to lookup user mgmtusr: 'getpwnam(): name not found: mgmtusr'"}
failed: [localhost] (item={'key': u'root', 'value': {u'home': u'/root', u'shell': u'/bin/bash', u'authorized_keys': [u'key01']}}) => {"changed": false, "failed": true, "item": {"key": "root", "value": {"authorized_keys": ["key01"], "home": "/root", "shell": "/bin/bash"}}, "msg": "invalid key specified: "}

As with my other attempts (with_subelements, lookup('template',...)), selectattr does not seem to be the solution. Any suggestions?

1 Answer:

Answer 0: (score: 1)

Here you go:

- name: Manage users Authorized Keys
  authorized_key:
    user: "{{ item.key }}"
    key: "{{ item.value.authorized_keys | map('extract',pub_keys) | list | join('\n') }}"
    exclusive: yes
  with_dict: "{{ users }}"

See the extract filter usage.

Also, when you use map, you should almost always cast it to a list to prevent generator object values.
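
A pre-flight check that can run before the answer's task, as an added example that is not part of the original question or answer: because exclusive: yes removes every key that is not listed in key, it verifies that each name in a user's authorized_keys list exists in pub_keys, then prints the resolved string without writing any file. The key material is a constructed placeholder and the task names are assumptions.

```yaml
---
# Added example, not from the original post. Key material below is a
# constructed placeholder; the variable layout mirrors the question.
- hosts: localhost
  become: false
  gather_facts: false
  vars:
    pub_keys:
      key01: ssh-ed25519 AAAAC3-CONSTRUCTED-PLACEHOLDER-1 someuser@somehost
      key02: ssh-ed25519 AAAAC3-CONSTRUCTED-PLACEHOLDER-2 otheruser@somewhere
    users:
      root:
        authorized_keys:
          - key01
      mgmtusr:
        authorized_keys:
          - key01
          - key02

  tasks:
    # Stop before anything is written if a user lists a name that has no
    # entry in pub_keys (for example a typo such as "key1").
    - name: Check that every referenced key name exists in pub_keys
      assert:
        that:
          - item.value.authorized_keys | difference(pub_keys.keys() | list) | length == 0
        msg: "{{ item.key }} references key names that are not in pub_keys"
      with_dict: "{{ users }}"

    # Same expression as in the answer; debug only prints, it changes nothing.
    - name: Show the key string each user would receive
      debug:
        msg: "{{ item.value.authorized_keys | map('extract', pub_keys) | list | join('\n') }}"
      with_dict: "{{ users }}"
```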