我正在尝试使用with_item中的变量来创建一个名称更改的事实:
- name: get ABC Root CA pem from chamber
shell: AWS_PROFILE={{aws_profile}} chamber read -q secrets abc_ca_{{ item }} | awk 'NR==2 { FS="[ \t+]"; print($2); }' | base64 -d | gunzip
changed_when: false
delegate_to: localhost
vars:
ansible_become: no
with_items: "{{ abc_environments }}" # see defaults/main.yml
when: ('chamber' in chamber_installed.stdout)
register: abc_returned_environment
tags:
- service-discovery
- name: set ABC root ca pem secrets
set_fact:
aws_secrets: "{{ aws_secrets|default({}) | combine( {item.item: item.stdout} ) }}"
with_items: "{{abc_returned_environment.results}}"
when: ('chamber' in chamber_installed.stdout)
tags:
- service-discovery
- name: Write aws_secrets ABC root CA file
vars:
env: "{{ item }}"
copy:
content: "{{ aws_secrets.(lookup('vars', env )) }}\n"
dest: /etc/prometheus/abc_{{ item }}_file_sd/ca_{{ item }}.pem
owner: prometheus
group: prometheus
mode: 0600
with_items: "{{ abc_environments }}"
when: ('chamber' in chamber_installed.stdout)
tags:
- service-discovery
如何使content行的行为类似?
content: "{{ aws_secrets.abc_ca_dev }}\n"
abc_environments设置为:
abc_environments:
- dev
- qa
- int
- staging-green
- staging-blue
- prod-green
- prod-blue
答案 0 :(得分:0)
所以实际上很简单:
- name: Write aws_secrets ABC root CA file
copy:
content: "{{ aws_secrets[ item ] }}\n"
dest: /etc/prometheus/abc_{{ item }}_file_sd/ca_{{ item }}.pem
owner: prometheus
group: prometheus
mode: 0600
with_items: "{{ abc_environments }}"
when: ('chamber' in chamber_installed.stdout)
tags:
- service-discovery
还可以处理变量名称中的破折号。