我在 Ansible 中有一个 shell 任务,它在
if-elseechoelse我需要一个针对
ifelse- name: Extract certificate or key information
shell: >
if [[ "{{ certlocation }}" != *.key ]]; then
cert_cn=$(openssl x509 -in "{{ certlocation }}" -noout -subject -nameopt sep_multiline)
echo "~$cert_cn"
cert_san=$(openssl x509 -in "{{ certlocation }}" -noout -ext subjectAltName)
echo "~$cert_san"
else
cert_san=$(openssl x509 -in "{{ certlocation }}" -noout -ext subjectAltName)
echo "~$cert_san"
fi
register: cert_info
delegate_to: localhost
- name: Print specific information
debug:
msg: |
cert_cn: "{{ cert_info.stdout_lines[0].split('~')[1] | default('NA') }}"
cert_san: "{{ cert_info.stdout_lines[1].split('~')[1] | default(cert_info.stdout_lines[0].split('~')[1]) }}"
我尝试了上述方法,但在打印一行的
elseTASK [Print specific informations] ***************************************************************************************************************************Monday 29 July 2024 23:51:46 -0500 (0:00:00.022) 0:00:00.517 ***********
fatal: [localhost]: FAILED! => {"msg": "The task includes an option with an undefined variable. The error was: list object has no element 1\n\nThe error appears to be in '/home/wladmin/teststdoutlines.yml': line 17, column 7, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n - name: Print lines using index from stdout_lines\n ^ here\n"}
我预计失败后它会默认为具有有效值的
cert_info.stdout_lines[0].split('~')[1]一旦
debugset_facts如何在 Ansible 中处理此类情况?
这里,首先需要在ansible playbook中定义一个变量,你可以通过三种方式定义变量。
- name: extract key information hosts: all gather_facts: false vars: certlocation: "/path/to/your/keyfile" tasks: - name: Extract certificate or key information shell: > if [[ "{{ certlocation }}" != *.key ]]; then cert_cn=$(openssl x509 -in "{{ certlocation }}" -noout -subject -nameopt sep_multiline) echo "~$cert_cn" cert_san=$(openssl x509 -in "{{ certlocation }}" -noout -ext subjectAltName) echo "~$cert_san" else cert_san=$(openssl x509 -in "{{ certlocation }}" -noout -ext subjectAltName) echo "~$cert_san" fi register: cert_info delegate_to: localhost - name: Print specific information debug: msg: | cert_cn: "{{ cert_info.stdout_lines[0].split('~')[1] | default('NA') }}" cert_san: "{{ cert_info.stdout_lines[1].split('~')[1] | default(cert_info.stdout_lines[0].split('~')[1]) }}"
现在,第二种方法是你可以在额外的变量中定义一个变量
ansible-playbook main.yml --extra-vars “certlocation = /路径/到/您的/密钥文件”
因此,第三种方法就像这样使用 setfact 定义变量
---
- name: extract key information
hosts: all
gather_facts: false
tasks:
- name: Set certlocation
set_fact:
certlocation: "/path/to/your/certificate/or/key/file"
- name: Extract certificate or key information
shell: >
if [[ "{{ certlocation }}" != *.key ]]; then
cert_cn=$(openssl x509 -in "{{ certlocation }}" -noout -subject -nameopt sep_multiline)
echo "~$cert_cn"
cert_san=$(openssl x509 -in "{{ certlocation }}" -noout -ext subjectAltName)
echo "~$cert_san"
else
cert_san=$(openssl x509 -in "{{ certlocation }}" -noout -ext subjectAltName)
echo "~$cert_san"
fi
register: cert_info
delegate_to: localhost
- name: Print specific information
debug:
msg: |
cert_cn: "{{ cert_info.stdout_lines[0].split('~')[1] | default('NA') }}"
cert_san: "{{ cert_info.stdout_lines[1].split('~')[1] | default(cert_info.stdout_lines[0].split('~')[1]) }}"
像这样你可以通过三种方式定义变量