比较两个列表并使用rejectattr文件将结果写入文件中

问题描述 投票:0回答:1

给出列表

expired

[
    {
        "cert": "help.abc.com.cer",
        "certkey": "help.abc.com-key",
        "daystoexpiration": 0,
        "key": "help.abc.com.key"
    },
    {
        "cert": "prod.abc.ca-2020.cer",
        "certkey": "prod.abc.ca",
        "daystoexpiration": 0,
        "key": "prod.abc.ca-2020.key"
    },
    {
        "cert": "ca-profile-service-prod.abc.com.cer",
        "certkey": "ca-profile-service-prod-cert",
        "daystoexpiration": 0,
        "key": "ca-profile-service-prod.abc.com.key"
    },
    {
        "cert": "eclosing.abc.com.cer",
        "certkey": "eclosing-cert",
        "daystoexpiration": 0,
        "key": "eclosing.abc.com.key"
    },
    {
        "cert": "merlin-ldp-stg.abc.com.cer",
        "certkey": "merlin-ldp-stg.cert",
        "daystoexpiration": 0,
        "key": "merlin-ldp-stg.abc.com.key"
    },
    {
        "cert": "stg-abc.services.cer",
        "certkey": "stg-abc.services.cert",
        "daystoexpiration": 0,
        "key": "stg-abc.services.key"
    },
    {
        "cert": "fintech-ap-stg.cer",
        "certkey": "fintech-ap-stg-cer",
        "daystoexpiration": 0,
        "key": "fintech-ap-stg.key"
    },
    {
        "cert": "docker.prod.abc.com_2021.cer",
        "certkey": "docker.prod.abc.com",
        "daystoexpiration": 0,
        "key": "docker.prod.abc.com_2021.key"
    },
    {
        "cert": "merlin-ldp.cert-2023",
        "certkey": "merlin-ldp.cert-2023",
        "daystoexpiration": 0,
        "key": "merlin-ldp.cert-2023"
    },
    {
        "cert": "abc-net-etc-2023",
        "certkey": "abc-net-etc-2023",
        "daystoexpiration": 0,
        "key": "abc-net-etc-2023"
    },
    {
        "cert": "ppc01.abc.com_2024.cer",
        "certkey": "ppc01.abc-2024",
        "daystoexpiration": 0,
        "key": "ppc01.abc_2024.key"
    }
]

还有清单

certkey_binding


[
    {
        "certkey": "help.abc.com-key",
        "data": "1",
        "servername": "dfw-xyz.help.abc.com-SSL_tcp443-lb",
        "stateflag": "2",
        "version": 2
    },
    {
        "certkey": "prod.abc.ca",
        "data": "1",
        "servername": "cca-canada.dfw.prod.abc.com-SSL_443tcp-lb",
        "stateflag": "2",
        "version": 2
    },
    {
        "certkey": "ca-profile-service-prod-cert",
        "data": "1",
        "servername": "dfw-ca-profile-service-prod.abc.com_ssl_443_lb",
        "stateflag": "2",
        "version": 2
    },
    {
        "certkey": "eclosing-cert",
        "data": "1",
        "servername": "eclosing.dfw.abc.com-SSL_443tcp-lb",
        "stateflag": "2",
        "version": 2
    },
    {
        "certkey": "merlin-ldp-stg.cert",
        "data": "1",
        "servername": "dfw.merlin-ldp-stg.abc.com-SSL_443tcp-lb",
        "stateflag": "2",
        "version": 2
    },
    {
        "certkey": "stg-abc.services.cert",
        "data": "1",
        "servername": "stg-abc.services.abc.com-DFW-SSL_443tcp-lb",
        "stateflag": "2",
        "version": 2
    },
    {
        "certkey": "fintech-ap-stg-cer",
        "data": "1",
        "servername": "dfw-fintech-ap-stg.abc.com-HTTPS_443tcp-lb",
        "stateflag": "2",
        "version": 2
    },
    {
        "certkey": "docker.prod.abc.com",
        "data": "1",
        "servername": "dfw-thirdparty.docker.prod.abc.com-SSL_443tcp-lb",
        "stateflag": "2",
        "version": 2
    },
    {
        "certkey": "docker.prod.abc.com",
        "data": "2",
        "servername": "dfw-us.gcr.docker.abc.com-SSL_tcp443-lb",
        "stateflag": "2",
        "version": 2
    },
    {
        "certkey": "docker.prod.abc.com",
        "data": "3",
        "servername": "dfw-elasticsearch.prod.abc.com-SSL_443tcp-lb",
        "stateflag": "2",
        "version": 2
    },
    {
        "certkey": "merlin-ldp.cert-2023",
        "data": "1",
        "servername": "merlin-ldp.merlin-ldp-DFW-SSL_443tcp-lb",
        "stateflag": "2",
        "version": 2
    },
    {
        "certkey": "abc-net-etc-2023",
        "data": "1",
        "servername": "abc-net-etc.dfw.prod.abc.com-SSL_443tcp-lb",
        "stateflag": "2",
        "version": 2
    },
    {
        "certkey": "ppc01.abc-2024",
        "data": "1",
        "servername": "dfw-clho.abc.com-SSL_443tcp-lb",
        "stateflag": "2",
        "version": 2
    }
]

我尝试比较给定的列表,并拒绝列表

certkey
中与列表
expired
中的服务器名称关联的任何
certkey_binding

我的 Ansible 剧本:

- hosts: citrix_adc
  gather_facts: False

  tasks:
    - name: Filter expired certs with no binding
      set_fact:
        filtered_certs: "{{ expired | rejectattr('certkey','equalto',item.certkey) | list }}"
      loop: "{{ certkey_binding }}"
      
    - name: Write filtered certs into file
      copy:
        content: "{{ filtered_certs | to_nice_json }}"
        dest: '/Users/abcdef/Downloads/Ansible_Automation/NS_Cert_Cleanup/Certkeys_To_Delete.json'

理想情况下,我期望

filtered_certs
应该是一个空列表,因为所有
certkey
都有一个与其关联的服务器名称。但是,在结果中,我看到了列表中的所有
certkeys
expired

如何实现这一目标?

ansible ssl-certificate build-automation ansible-2.x netscaler
1个回答
0
投票

您可以通过一项任务来实现这一目标。

  1. 使用
    certkey_binding
    过滤器
    定义列表中的证书密钥列表
    map
  2. rejectattr
    结合使用该列表,但是,通过
    in
    测试,排除列表
    expired
    中也将出现在列表
    certkey_binding
  3. 中的任何证书密钥
  4. 然后在任务本身中使用结果

所以,你的任务最终是:

- copy:
    dest: example.json
    content: >-
      {{
        expired
          | rejectattr(
              'certkey','in', certkey_binding | map(attribute="certkey")
            )
          | to_nice_json
      }}
© www.soinside.com 2019 - 2024. All rights reserved.