[ansible-project] String templating issue in lookup plugin command

Tue, 23 Jul 2019 02:26:06 -0700 

I've got a Playbook that uses a lookup plugin to retrieve a value but I 
seem to have a string templating issue.

This is my playbook:

---
- name: retrieve password
  hosts: localhost
  gather_facts: no

  vars:
    vmware_user: "SOMEUSER"

    # This Doesn't work:
    vmware_password: "{{ lookup('cyberarkpassword', AppID='myapp', 
Query='address=mydomain.corp;username={{ vmware_user }}', 
Output='Password').password }}"

    # This works:
    # vmware_password: "{{ lookup('cyberarkpassword', AppID='myapp', 
Query='address=mydomain.corp;username=SOMEUSER', 
Output='Password').password }}"


If I try the first one I get:
PLAY [retrieve password] 
********************************************************************************************************************************************************************************************************************

TASK [debug] 
********************************************************************************************************************************************************************************************************************************
fatal: [localhost]: FAILED! => {"failed": true, "msg": "{{ 
lookup('cyberarkpassword', AppID='myapp', 
Query='address=mydomain.corp;username={{ vmware_user }} ', 
Output='Password').password }}: An unhandled exception occurred while 
running the lookup plugin 'cyberarkpassword'. Error was a <class 
'ansible.errors.AnsibleError'>, original message: APPAP004E Password object 
matching query [address=mydomain.corp;username={{ vmware_user }} ] was not 
found (Diagnostic Info: 5). Please check that there is a password object 
that answers your query in the Vault and that both the Provider and the 
application user have the appropriate permissions needed in order to use 
the password.\n"}

PLAY RECAP 
**********************************************************************************************************************************************************************************************************************************
localhost                  : ok=0    changed=0    unreachable=0    failed=1

>From the error I think it is not replacing the variable with its value. 
I've tried various type of quotes but to no avail.  



-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/79366b1b-68f8-43f1-afc6-e72f729e4ea8%40googlegroups.com.

Reply via email to