[ansible-project] jinja2 templating error : template error while templating string: unexpected char '@'
Dear all,
I have defined a var which contains some special characters (actually, a
password in a vault).
Let's assume the vault contains :
myPasswd: foo@bar
There is no problem when creating the encrypted file.
When I use it somewhere in a playbook, for example :
password: "{{ myPasswd }}"
I get the error message in the subject :
jinja2 templating error : template error while templating string:
unexpected char '@' at 5. String: {{foo@bar}}"
So, though the var is encrypted in the vault (and can be correctl decrypted
when viewing or editing), and is actually decrypted when used, it cannot be
"jinja2 evaluated".
Note that when removing such a character (! has the same problem, and I
often use it in passwords), there is no more problem and the var is
correctly set and used.
It is clear not a vault problem.
Could it be a bug around jinja2 templating, or is there something to use in
order to escape such characters ?
Thanks for your help !
Best Regards
J-L
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/ef022781-a5a0-464e-ad74-daaa3ca957f9%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[ansible-project] Re: [Solved] jenkins_plugins mdule : error when playing again a playbook
Finally, I have found the problem... something like between keyboard and
chair ...
I simply forget to set the jenkins_home (default to /var/lib/jenkins) which
is actually /var/lib/jenkins within the container, but
/home/jenkins/jenkins_home on the ansible controler machine which is the
ansible target for the playbook.
So, thanks for your help ;)
This question is closed.
Best Regards.
J-L
Le lundi 24 juin 2019 11:48:20 UTC+2, JiElPe-Fr38 a écrit :
>
> Dear all,
>
> I have a problem with the jenkins_plugins module.
> Within a playbook that pull a jenkins docker image
> (jenkins/jenkins:lts-alpine) and runs it to install the instance and
> configure it, I have a task that install a list of plugins on an instance,
> which is :
>
> - name: Install plugins
> jenkins_plugin:
> owner: "{{ jenkins_process_user }}"
> group: "{{ jenkins_process_group }}"
> name: "{{ item }}"
> state: latest
> timeout: 120
> url: "http://{{ jenkins_hostname }}:{{ jenkins_http_port }}{{
> jenkins_url_prefix }}"
> url_username: "{{ jenkins_admin_name }}"
> url_password: "{{ jenkins_admin_password }}"
> with_dependencies: yes
> loop: "{{ jenkinsPlugins }}"
> register: pluginResult
> until: not pluginResult.failed
> retries: 5
> notify: restart_image
> become: True
> become_user: "{{ jenkins_process_user }}"
>
>
> It works correctly when the playbook is run for the first time.
> All plugins are installed, and possibly retried in case of problem.
>
> But, when I relaunch exactly the same playbook, Each and every plugin
> installation is retried up to the max nbr of retry and fails with (for
> example):
> failed: [devEnv] (item=blueocean) => {"ansible_loop_var": "item",
> "attempts": 5, "changed": false, "item": "blueocean", "msg": "Jenkins
> home directory doesn't exist."}
>
>
> For sure, I have verified that the jenkins home directory actually exists
> and has the awaited "{{ jenkins_process_user }}" and
> "{{ jenkins_process_group }}" owner and group, which is jenkins:jenkins.
>
> I really cannot explain why I get this error, which clearly makes this
> playbook not idempotent !
>
> For sure, I can give the whole playbook if you need additional information.
>
> Thanks for your help.
> J-L
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/b9448821-c309-4908-881e-1dcbf2214904%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[ansible-project] jenkins_plugins mdule : error when playing again a playbook
Dear all,
I have a problem with the jenkins_plugins module.
Within a playbook that pull a jenkins docker image
(jenkins/jenkins:lts-alpine) and runs it to install the instance and
configure it, I have a task that install a list of plugins on an instance,
which is :
- name: Install plugins
jenkins_plugin:
owner: "{{ jenkins_process_user }}"
group: "{{ jenkins_process_group }}"
name: "{{ item }}"
state: latest
timeout: 120
url: "http://{{ jenkins_hostname }}:{{ jenkins_http_port }}{{
jenkins_url_prefix }}"
url_username: "{{ jenkins_admin_name }}"
url_password: "{{ jenkins_admin_password }}"
with_dependencies: yes
loop: "{{ jenkinsPlugins }}"
register: pluginResult
until: not pluginResult.failed
retries: 5
notify: restart_image
become: True
become_user: "{{ jenkins_process_user }}"
It works correctly when the playbook is run for the first time.
All plugins are installed, and possibly retried in case of problem.
But, when I relaunch exactly the same playbook, Each and every plugin
installation is retried up to the max nbr of retry and fails with (for
example):
failed: [devEnv] (item=blueocean) => {"ansible_loop_var": "item", "attempts"
: 5, "changed": false, "item": "blueocean", "msg": "Jenkins home directory
doesn't exist."}
For sure, I have verified that the jenkins home directory actually exists
and has the awaited "{{ jenkins_process_user }}" and
"{{ jenkins_process_group }}" owner and group, which is jenkins:jenkins.
I really cannot explain why I get this error, which clearly makes this
playbook not idempotent !
For sure, I can give the whole playbook if you need additional information.
Thanks for your help.
J-L
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/b2d17aed-fb6e-485c-a022-00da8b00aa71%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[ansible-project] Re: Installing Jenkins plugins with their dependencies
Thanks a lot... After removing latest dependencies have been installed.
So... let's wait for the fix !
Best Regards
J-L
Le mercredi 4 avril 2018 10:52:09 UTC+2, Biswadip Dutta a écrit :
>
> state: latest
>>
>
> Please remove this and try. Apparently this is an open issue on Github.
> #24864
> <https://www.google.com/url?q=https%3A%2F%2Fgithub.com%2Fansible%2Fansible%2Fissues%2F24864=D=1=AFQjCNGO8ycAoswwat7sZlQPyoBVfGr-vQ>
>
> On Tuesday, April 3, 2018 at 5:43:45 PM UTC+5:30, JiElPe-Fr38 wrote:
>>
>> Dear all,
>>
>> I have created a jenkins role that creates a jenkins instance and add
>> plugins.
>> The task related to plugins is as follows :
>>
>> - name: Install plugins
>> jenkins_plugin:
>> group: "{{ jenkins_process_group }}"
>> owner: "{{ jenkins_process_user }}"
>> name: "{{ item }}"
>> state: latest
>> url: "http://{{ jenkins_hostname }}:{{ jenkins_http_port }}{{
>> jenkins_url_prefix }}"
>> url_username: "{{ jenkins_admin_name }}"
>> url_password: "{{ jenkins_admin_password }}"
>> with_dependencies: yes
>>
>> with_items: "{{ jenkins_plugins }}"
>> notify: restart jenkins
>> become: True
>> become_user: "{{ jenkins_process_user }}"
>>
>>
>> All variables being known from files in vars or defaults.
>>
>> Plugins listed in the {{ jenkins_plugins }} list are those I actually
>> want. No dependency is listed here as I was hoping that the
>> with_dependencies: yes clause will install them.
>>
>> *It is absolutely not the case !*The listed plugins are installed (so
>> there is no access rights or credentials problem), but the dependencies are
>> not.
>> When going to the WEB UI, I have a context page that suggests me to
>> install dependencies.
>>
>>
>> I can't find a way to get rid off that... If someone could help ?
>>
>> Best Regards
>> J-L
>>
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/34630b12-0742-4296-b01f-939a473f35d9%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[ansible-project] Installing Jenkins plugins with their dependencies
Dear all,
I have created a jenkins role that creates a jenkins instance and add
plugins.
The task related to plugins is as follows :
- name: Install plugins
jenkins_plugin:
group: "{{ jenkins_process_group }}"
owner: "{{ jenkins_process_user }}"
name: "{{ item }}"
state: latest
url: "http://{{ jenkins_hostname }}:{{ jenkins_http_port }}{{
jenkins_url_prefix }}"
url_username: "{{ jenkins_admin_name }}"
url_password: "{{ jenkins_admin_password }}"
with_dependencies: yes
with_items: "{{ jenkins_plugins }}"
notify: restart jenkins
become: True
become_user: "{{ jenkins_process_user }}"
All variables being known from files in vars or defaults.
Plugins listed in the {{ jenkins_plugins }} list are those I actually want.
No dependency is listed here as I was hoping that the
with_dependencies: yes clause will install them.
*It is absolutely not the case !*The listed plugins are installed (so there
is no access rights or credentials problem), but the dependencies are not.
When going to the WEB UI, I have a context page that suggests me to install
dependencies.
I can't find a way to get rid off that... If someone could help ?
Best Regards
J-L
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/7bb0d591-7110-437c-a9c5-7aa95e39a1b2%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[ansible-project] Cannot get password from a vault file
Dear all,
I am really stucked with this problem.
I have a vault file which is referenced within ansible.cfg and its password
is stored in a file referenced on the command line through
--vault-password-file.
This seems to be ok.
My vault contains (silly example for trials):
jenkins: totototo
I thought that I had understood that jenkins is considered as a var ( by
the way, the file is included through include_vars), and therefore must be
used as {{ jenkins }}.
And as it is about password used to create a user, the task could be
something like :
-name: Create Jenkins User
user:
name: jenkins
groups: jenkins
state: present
password: "{{ jenkins | password_hash('sha512') }}"
comment: "Jenkins Instance user"
createhome: yes
home: /home/jenkins
shell: /usr/bin/bash
become: yes
become_user: root
The playbook runs OK.
But when going into the machine (a VM created with vagrant) through ssh as
vagrant user, I cannot run su jenkins. The password *totototo* is refused.
Note that if I replace the password line with :
*password: "{{ 'totototo' | password_hash('sha512') }}"*
I can run a su jenkins with password totototo.
So ... what ?
Thanks for your help.
J-L
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/99f4554b-ac39-4225-b813-ef0f8510d11a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[ansible-project] Re: Ansible-vault password file not found
Thanks for the idea...
In fact, I already used the verbose mode, so yes I can confirm that it uses
the awaited config file.
Which is not a good news, because it would have been a good reason for the
problem.
J-L
Le jeudi 8 mars 2018 11:49:16 UTC+1, JiElPe-Fr38 a écrit :
>
> Dear all,
>
> I am "auto learning" ansible and currently try to understand how to use
> vault.
> To summarize things, I have created a vault.yml file in the vars
> directory, and included it in the main.yml task. Then, I put the vault
> password within a .vault_passwd file created at the same level than
> ansible.cfg.
>
> When I run :
> ansible-playbook with --vault-password-file .vault_passwd
>
> It is ok.
>
> So, I tried to put the vault password file path within ansible.cfg as
> follows :
> vault_password_file = .vault_passwd
>
> When running the playbook (without --vault-password-file ), it fails with
> :
> fatal: [ci-server]: FAILED! => {
> "ansible_facts": {},
> "ansible_included_var_files": [],
> "changed": false,
> "message": "Attempting to decrypt but no vault secrets found"
> }
>
> at the line were the vault.yml file is imported. So, it looks like if it
> does not find the vault password file to decrypt the vault file.
>
> I can't understand why, and have already tried with the aboslute path, or
> changing _ with -, just in case documentation had a typo... but without any
> success.
>
> If someone could have an idea to help, I would be glad.
>
> Have a nice day!
>
> J-L
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/7b2fd075-1380-44d9-9b7c-dcdcb70592bf%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[ansible-project] Ansible-vault password file not found
Dear all,
I am "auto learning" ansible and currently try to understand how to use
vault.
To summarize things, I have created a vault.yml file in the vars directory,
and included it in the main.yml task. Then, I put the vault password within
a .vault_passwd file created at the same level than ansible.cfg.
When I run :
ansible-playbook with --vault-password-file .vault_passwd
It is ok.
So, I tried to put the vault password file path within ansible.cfg as
follows :
vault_password_file = .vault_passwd
When running the playbook (without --vault-password-file ), it fails with :
fatal: [ci-server]: FAILED! => {
"ansible_facts": {},
"ansible_included_var_files": [],
"changed": false,
"message": "Attempting to decrypt but no vault secrets found"
}
at the line were the vault.yml file is imported. So, it looks like if it
does not find the vault password file to decrypt the vault file.
I can't understand why, and have already tried with the aboslute path, or
changing _ with -, just in case documentation had a typo... but without any
success.
If someone could have an idea to help, I would be glad.
Have a nice day!
J-L
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/1029fe38-50d2-45ce-806c-b9097b9f2e7f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[ansible-project] Re: Need help about Ansible block syntax
Thanks all for your help.
I have been really bored with the block... but I finally succeed. The
ansible / yaml syntax is not always straightforward to understand (or I
lack some skills).
I went back to the ansible block documentation
<https://docs.ansible.com/ansible/latest/playbooks_blocks.html>, and make a
trial replacing my main.yml file with the example on the page, i.e. :
cat roles/devTools/tasks/main.yml
tasks:
- name: Install Apache
block:
- yum: name={{ item }} state=installed
with_items:
- httpd
- memcached
- template: src=templates/src.j2 dest=/etc/foo.conf
- service: name=bar state=started enabled=True
when: ansible_distribution == 'CentOS'
become: true
become_user: root
And I still get an error saying that the role must contain a list of task :
ERROR! The tasks/main.yml file for role 'devTools' must contain a list of
tasks
The error appears to have been in
'/home/jeanlupi/centos_test/myKnowledge/devOps/playbook/roles/devTools/tasks/main.yml'
: line 1, column 1, but may
be elsewhere in the file depending on the exact syntax problem.
The offending line appears to be:
tasks:
^ here
Ok... I removed "tasks" (don't clearly understand why it must not be
there...) and the problem disappeared.
After several other syntax errors (probably not totally sticked to block),
I succeeded with :
cat roles/devTools/tasks/RedHat.yml
- name: Update Red Hat machine
block:
- yum: update_cache=yes name="*" state=latest
notify: "restart {{ ansible_os_family }} host"
- yum: name="{{item}}" state=present
with_items: "{{ toolList }}"
notify: "restart {{ ansible_os_family }} host"
when: ansible_pkg_mgr == 'yum'
become: true
become_user: root
As mentioned in the answers, notify must not be set at block level, but
after each enclosed task.
Thanks for your help.
Have a nice day.
JiElPe
Le mercredi 31 janvier 2018 16:29:00 UTC+1, JiElPe-Fr38 a écrit :
>
> Dear all,
>
> I am quite new to Ansible and try to "make a tour"...
> I am using ansible 2.4.2.0 with cygwin64 on Win7.
>
>
> I am currently make a personal training and find that I could use a block
> to "enclose" (ok, perhaps wrong term) a couple of task that have some
> common "properties" (like become_user: root ...).
> The idea is to change this :
>
> ---
> - name: Update Red Hat machine
> yum:
> update_cache: yes
> name: '*'
> state: latest
> when: ansible_pkg_mgr == 'yum'
> become: true
> become_user: root
> ignore_errors: yes
> notify: "restart {{ ansible_os_family }} host"
>
> - name: Install RedHat tools
> yum:
> name: "{{ item }}"
> state: present
> with_items: "{{ toolList }}"
> when: ansible_pkg_mgr == 'yum'
> become: true
> become_user: root
> ignore_errors: yes
> notify: "restart {{ ansible_os_family }} host"
>
>
>
> into a block based syntax so that I can factorize the become / notify and
> when statement.
> II have made several trials without any success.
> Playing the file below :
> ---
> -block:
> - name: Update Red Hat machine
> yum:
> update_cache: yes
> name: '*'
> state: latest
>
> - name: Install RedHat tools
> yum:
> name: "{{ item }}"
> state: present
> with_items: "{{ toolList }}"
>
> when: ansible_pkg_mgr == 'yum'
> become: true
> become_user: root
> ignore_errors: yes
> notify: "restart {{ ansible_os_family }} host"
>
> I get this error :
> fatal: [ci-server]: FAILED! => {"reason": "Syntax Error while loading
> YAML.\n\n\nThe error appears to have been in
> '/home/jeanlupi/centos_test/myKnowledge/devOps/playbook/roles/devTools/tasks/RedHat.yml':
>
> line 16, column 3, but may\nbe elsewhere in the file depending on the exact
> syntax problem.\n\nThe offending line appears to be:\n\n\n when:
> ansible_pkg_mgr == 'yum'\n ^ here\n\nexception type: 'yaml.parser.ParserError'>\nexception: while parsing a block collection\n
> in \"\", line 3, column 3:\n - name: Update Red Hat
> machine\n ^\nexpected , but found '?'\n in \" string>\", line 16, column 3:\n when: ansible_pkg_mgr == 'yum'\n
> ^"}
>
>
>
> If someone could help I would be very glad !
>
> Thanks !
> JiElPe
>
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/01e8cbe9-15eb-4c6a-bc6c-ef9831b745d2%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[ansible-project] Need help about Ansible block syntax
Dear all,
I am quite new to Ansible and try to "make a tour"...
I am using ansible 2.4.2.0 with cygwin64 on Win7.
I am currently make a personal training and find that I could use a block
to "enclose" (ok, perhaps wrong term) a couple of task that have some
common "properties" (like become_user: root ...).
The idea is to change this :
---
- name: Update Red Hat machine
yum:
update_cache: yes
name: '*'
state: latest
when: ansible_pkg_mgr == 'yum'
become: true
become_user: root
ignore_errors: yes
notify: "restart {{ ansible_os_family }} host"
- name: Install RedHat tools
yum:
name: "{{ item }}"
state: present
with_items: "{{ toolList }}"
when: ansible_pkg_mgr == 'yum'
become: true
become_user: root
ignore_errors: yes
notify: "restart {{ ansible_os_family }} host"
into a block based syntax so that I can factorize the become / notify and
when statement.
II have made several trials without any success.
Playing the file below :
---
-block:
- name: Update Red Hat machine
yum:
update_cache: yes
name: '*'
state: latest
- name: Install RedHat tools
yum:
name: "{{ item }}"
state: present
with_items: "{{ toolList }}"
when: ansible_pkg_mgr == 'yum'
become: true
become_user: root
ignore_errors: yes
notify: "restart {{ ansible_os_family }} host"
I get this error :
fatal: [ci-server]: FAILED! => {"reason": "Syntax Error while loading
YAML.\n\n\nThe error appears to have been in
'/home/jeanlupi/centos_test/myKnowledge/devOps/playbook/roles/devTools/tasks/RedHat.yml':
line 16, column 3, but may\nbe elsewhere in the file depending on the exact
syntax problem.\n\nThe offending line appears to be:\n\n\n when:
ansible_pkg_mgr == 'yum'\n ^ here\n\nexception type: \nexception: while parsing a block collection\n
in \"\", line 3, column 3:\n - name: Update Red Hat
machine\n ^\nexpected , but found '?'\n in \"\", line 16, column 3:\n when: ansible_pkg_mgr == 'yum'\n
^"}
If someone could help I would be very glad !
Thanks !
JiElPe
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/0bd0691e-d8a4-4093-9258-b22c20e41ece%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
