我有一个JSON文件,其中包含要创建用户的用户详细信息。如果JSON中的所有内容均为纯文本,则一切正常。但是我想将密码保留在Ansible保管库中,然后从那里将其读取到我的JSON中。但是,当我加载文件时,该变量未替换为密码。我可以打印将密码以纯文本格式打印的password变量。
我需要将用户详细信息作为JSON对象提供给使用该信息创建用户的API之一。我的密码在ansible保险库中。我有一个带有此密码的无用哈希值的变量。我的JSON文件如下所示。
{"Users":
[
{
"databaseName" : "admin",
"roles" : [ {
"databaseName" : "admin",
"roleName" : "readAnyDatabase"
} ],
"username" : "AnsibleReadUser",
"password" : "{{ apikey }}"
},
{
"databaseName" : "admin",
"roles" : [ {
"databaseName" : "admin",
"roleName" : "readWriteAnyDatabase"
} ],
"username" : "AnsibleReadWriteUser",
"password" : "{{ apikey }}"
}
]
}
这是我的任务,需要加载JSON文件。
- name: Load Input files
set_fact:
userinfo_json: "{{ lookup('file', 'UserDetails.json') | from_json }}"
当我打印'userinfo_json'的内容时,该变量不会被替换。
"msg": "UserDetails JSON: {'Users': [{'databaseName': 'admin', 'roles': [{'databaseName': 'admin', 'roleName': 'readAnyDatabase'}], 'username': 'AnsibleReadUser', 'password': '{{ apikey }}'}, {'databaseName': 'admin', 'roles': [{'databaseName': 'admin', 'roleName': 'readWriteAnyDatabase'}], 'username': 'AnsibleReadWriteUser', 'password': '{{ apikey }}'}]}"
}
我希望将{{apikey}}'替换为变量值。
{"Users":
[
{
"databaseName" : "admin",
"roles" : [ {
"databaseName" : "admin",
"roleName" : "readAnyDatabase"
} ],
"username" : "AnsibleReadUser",
"password" : "Password"
},
{
"databaseName" : "admin",
"roles" : [ {
"databaseName" : "admin",
"roleName" : "readWriteAnyDatabase"
} ],
"username" : "AnsibleReadWriteUser",
"password" : "Password"
}
]
}
答案 0 :(得分:0)
我希望将{{apikey}}'替换为变量值。
然后,您将需要使用template查找,而不是file; file仅读取文字文本
在将字符串替换为JSON文件(特别是密码字符串)到JSON文件时,您还需要格外小心,因为jinja2不知道您的文档是JSON。因此,密码abc"def将作为"password": "abc"def"呈现到您的文档中,这是无效的。有很多技术可以解决该问题,也许它们不适用于您,因为它是一个“ apikey”(根据您的变量名),但请注意。
答案 1 :(得分:0)
lookup('file', ...和过滤器(from_yaml对我都不起作用,from_jason失败)都不能扩展变量
vars:
apikey: my-secret-apikey
tasks:
- set_fact:
userinfo_json: "{{ lookup('file', 'UserDetails.json') | from_yaml }}"
- debug:
msg: "{{ userinfo_json.Users|json_query('[*].password') }}"
上面的任务给
"msg": [
"{{ apikey }}",
"{{ apikey }}"
]
改为使用include_vars
vars:
apikey: my-secret-apikey # replace with vault encrypted variable
tasks:
- name: Load Input files
include_vars:
file: UserDetails.json
name: userinfo_json
- debug:
var: userinfo_json
这给
"userinfo_json": {
"Users": [
{
"databaseName": "admin",
"password": "my-secret-apikey",
"roles": [
{
"databaseName": "admin",
"roleName": "readAnyDatabase"
}
],
"username": "AnsibleReadUser"
},
{
"databaseName": "admin",
"password": "my-secret-apikey",
"roles": [
{
"databaseName": "admin",
"roleName": "readWriteAnyDatabase"
}
],
"username": "AnsibleReadWriteUser"
}
]
}
注意。 name: userinfo_json是不必要的。如果省略此参数,则用户列表将存储在变量Users中。
vars:
apikey: my-secret-apikey
vars_files:
- UserDetails.json
tasks:
- debug:
var: Users
Q:“ I was trying to load two files as below. But only anotherfileinfo_json has the json content and userinfo_json is empty.”
- include_vars:
file: UserDetails.json
name: userinfo_json
file: AnotherFile.json
name: anotherfileinfo_json
A:查看下面的Examples任务应该可以工作
- include_vars: "{{ lookup('file', my_files) }}"
vars:
my_files:
- UserDetails.json
- AnotherFile.json