[ansible-project] jinja2 templating error : template error while templating string: unexpected char '@'
Dear all, I have defined a var which contains some special characters (actually, a password in a vault). Let's assume the vault contains : myPasswd: foo@bar There is no problem when creating the encrypted file. When I use it somewhere in a playbook, for example : password: "{{ myPasswd }}" I get the error message in the subject : jinja2 templating error : template error while templating string: unexpected char '@' at 5. String: {{foo@bar}}" So, though the var is encrypted in the vault (and can be correctl decrypted when viewing or editing), and is actually decrypted when used, it cannot be "jinja2 evaluated". Note that when removing such a character (! has the same problem, and I often use it in passwords), there is no more problem and the var is correctly set and used. It is clear not a vault problem. Could it be a bug around jinja2 templating, or is there something to use in order to escape such characters ? Thanks for your help ! Best Regards J-L -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/ef022781-a5a0-464e-ad74-daaa3ca957f9%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] Re: [Solved] jenkins_plugins mdule : error when playing again a playbook
Finally, I have found the problem... something like between keyboard and chair ... I simply forget to set the jenkins_home (default to /var/lib/jenkins) which is actually /var/lib/jenkins within the container, but /home/jenkins/jenkins_home on the ansible controler machine which is the ansible target for the playbook. So, thanks for your help ;) This question is closed. Best Regards. J-L Le lundi 24 juin 2019 11:48:20 UTC+2, JiElPe-Fr38 a écrit : > > Dear all, > > I have a problem with the jenkins_plugins module. > Within a playbook that pull a jenkins docker image > (jenkins/jenkins:lts-alpine) and runs it to install the instance and > configure it, I have a task that install a list of plugins on an instance, > which is : > > - name: Install plugins > jenkins_plugin: > owner: "{{ jenkins_process_user }}" > group: "{{ jenkins_process_group }}" > name: "{{ item }}" > state: latest > timeout: 120 > url: "http://{{ jenkins_hostname }}:{{ jenkins_http_port }}{{ > jenkins_url_prefix }}" > url_username: "{{ jenkins_admin_name }}" > url_password: "{{ jenkins_admin_password }}" > with_dependencies: yes > loop: "{{ jenkinsPlugins }}" > register: pluginResult > until: not pluginResult.failed > retries: 5 > notify: restart_image > become: True > become_user: "{{ jenkins_process_user }}" > > > It works correctly when the playbook is run for the first time. > All plugins are installed, and possibly retried in case of problem. > > But, when I relaunch exactly the same playbook, Each and every plugin > installation is retried up to the max nbr of retry and fails with (for > example): > failed: [devEnv] (item=blueocean) => {"ansible_loop_var": "item", > "attempts": 5, "changed": false, "item": "blueocean", "msg": "Jenkins > home directory doesn't exist."} > > > For sure, I have verified that the jenkins home directory actually exists > and has the awaited "{{ jenkins_process_user }}" and > "{{ jenkins_process_group }}" owner and group, which is jenkins:jenkins. > > I really cannot explain why I get this error, which clearly makes this > playbook not idempotent ! > > For sure, I can give the whole playbook if you need additional information. > > Thanks for your help. > J-L > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/b9448821-c309-4908-881e-1dcbf2214904%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] jenkins_plugins mdule : error when playing again a playbook
Dear all, I have a problem with the jenkins_plugins module. Within a playbook that pull a jenkins docker image (jenkins/jenkins:lts-alpine) and runs it to install the instance and configure it, I have a task that install a list of plugins on an instance, which is : - name: Install plugins jenkins_plugin: owner: "{{ jenkins_process_user }}" group: "{{ jenkins_process_group }}" name: "{{ item }}" state: latest timeout: 120 url: "http://{{ jenkins_hostname }}:{{ jenkins_http_port }}{{ jenkins_url_prefix }}" url_username: "{{ jenkins_admin_name }}" url_password: "{{ jenkins_admin_password }}" with_dependencies: yes loop: "{{ jenkinsPlugins }}" register: pluginResult until: not pluginResult.failed retries: 5 notify: restart_image become: True become_user: "{{ jenkins_process_user }}" It works correctly when the playbook is run for the first time. All plugins are installed, and possibly retried in case of problem. But, when I relaunch exactly the same playbook, Each and every plugin installation is retried up to the max nbr of retry and fails with (for example): failed: [devEnv] (item=blueocean) => {"ansible_loop_var": "item", "attempts" : 5, "changed": false, "item": "blueocean", "msg": "Jenkins home directory doesn't exist."} For sure, I have verified that the jenkins home directory actually exists and has the awaited "{{ jenkins_process_user }}" and "{{ jenkins_process_group }}" owner and group, which is jenkins:jenkins. I really cannot explain why I get this error, which clearly makes this playbook not idempotent ! For sure, I can give the whole playbook if you need additional information. Thanks for your help. J-L -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/b2d17aed-fb6e-485c-a022-00da8b00aa71%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] Re: Installing Jenkins plugins with their dependencies
Thanks a lot... After removing latest dependencies have been installed. So... let's wait for the fix ! Best Regards J-L Le mercredi 4 avril 2018 10:52:09 UTC+2, Biswadip Dutta a écrit : > > state: latest >> > > Please remove this and try. Apparently this is an open issue on Github. > #24864 > <https://www.google.com/url?q=https%3A%2F%2Fgithub.com%2Fansible%2Fansible%2Fissues%2F24864=D=1=AFQjCNGO8ycAoswwat7sZlQPyoBVfGr-vQ> > > On Tuesday, April 3, 2018 at 5:43:45 PM UTC+5:30, JiElPe-Fr38 wrote: >> >> Dear all, >> >> I have created a jenkins role that creates a jenkins instance and add >> plugins. >> The task related to plugins is as follows : >> >> - name: Install plugins >> jenkins_plugin: >> group: "{{ jenkins_process_group }}" >> owner: "{{ jenkins_process_user }}" >> name: "{{ item }}" >> state: latest >> url: "http://{{ jenkins_hostname }}:{{ jenkins_http_port }}{{ >> jenkins_url_prefix }}" >> url_username: "{{ jenkins_admin_name }}" >> url_password: "{{ jenkins_admin_password }}" >> with_dependencies: yes >> >> with_items: "{{ jenkins_plugins }}" >> notify: restart jenkins >> become: True >> become_user: "{{ jenkins_process_user }}" >> >> >> All variables being known from files in vars or defaults. >> >> Plugins listed in the {{ jenkins_plugins }} list are those I actually >> want. No dependency is listed here as I was hoping that the >> with_dependencies: yes clause will install them. >> >> *It is absolutely not the case !*The listed plugins are installed (so >> there is no access rights or credentials problem), but the dependencies are >> not. >> When going to the WEB UI, I have a context page that suggests me to >> install dependencies. >> >> >> I can't find a way to get rid off that... If someone could help ? >> >> Best Regards >> J-L >> > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/34630b12-0742-4296-b01f-939a473f35d9%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] Installing Jenkins plugins with their dependencies
Dear all, I have created a jenkins role that creates a jenkins instance and add plugins. The task related to plugins is as follows : - name: Install plugins jenkins_plugin: group: "{{ jenkins_process_group }}" owner: "{{ jenkins_process_user }}" name: "{{ item }}" state: latest url: "http://{{ jenkins_hostname }}:{{ jenkins_http_port }}{{ jenkins_url_prefix }}" url_username: "{{ jenkins_admin_name }}" url_password: "{{ jenkins_admin_password }}" with_dependencies: yes with_items: "{{ jenkins_plugins }}" notify: restart jenkins become: True become_user: "{{ jenkins_process_user }}" All variables being known from files in vars or defaults. Plugins listed in the {{ jenkins_plugins }} list are those I actually want. No dependency is listed here as I was hoping that the with_dependencies: yes clause will install them. *It is absolutely not the case !*The listed plugins are installed (so there is no access rights or credentials problem), but the dependencies are not. When going to the WEB UI, I have a context page that suggests me to install dependencies. I can't find a way to get rid off that... If someone could help ? Best Regards J-L -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/7bb0d591-7110-437c-a9c5-7aa95e39a1b2%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] Cannot get password from a vault file
Dear all, I am really stucked with this problem. I have a vault file which is referenced within ansible.cfg and its password is stored in a file referenced on the command line through --vault-password-file. This seems to be ok. My vault contains (silly example for trials): jenkins: totototo I thought that I had understood that jenkins is considered as a var ( by the way, the file is included through include_vars), and therefore must be used as {{ jenkins }}. And as it is about password used to create a user, the task could be something like : -name: Create Jenkins User user: name: jenkins groups: jenkins state: present password: "{{ jenkins | password_hash('sha512') }}" comment: "Jenkins Instance user" createhome: yes home: /home/jenkins shell: /usr/bin/bash become: yes become_user: root The playbook runs OK. But when going into the machine (a VM created with vagrant) through ssh as vagrant user, I cannot run su jenkins. The password *totototo* is refused. Note that if I replace the password line with : *password: "{{ 'totototo' | password_hash('sha512') }}"* I can run a su jenkins with password totototo. So ... what ? Thanks for your help. J-L -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/99f4554b-ac39-4225-b813-ef0f8510d11a%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] Re: Ansible-vault password file not found
Thanks for the idea... In fact, I already used the verbose mode, so yes I can confirm that it uses the awaited config file. Which is not a good news, because it would have been a good reason for the problem. J-L Le jeudi 8 mars 2018 11:49:16 UTC+1, JiElPe-Fr38 a écrit : > > Dear all, > > I am "auto learning" ansible and currently try to understand how to use > vault. > To summarize things, I have created a vault.yml file in the vars > directory, and included it in the main.yml task. Then, I put the vault > password within a .vault_passwd file created at the same level than > ansible.cfg. > > When I run : > ansible-playbook with --vault-password-file .vault_passwd > > It is ok. > > So, I tried to put the vault password file path within ansible.cfg as > follows : > vault_password_file = .vault_passwd > > When running the playbook (without --vault-password-file ), it fails with > : > fatal: [ci-server]: FAILED! => { > "ansible_facts": {}, > "ansible_included_var_files": [], > "changed": false, > "message": "Attempting to decrypt but no vault secrets found" > } > > at the line were the vault.yml file is imported. So, it looks like if it > does not find the vault password file to decrypt the vault file. > > I can't understand why, and have already tried with the aboslute path, or > changing _ with -, just in case documentation had a typo... but without any > success. > > If someone could have an idea to help, I would be glad. > > Have a nice day! > > J-L > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/7b2fd075-1380-44d9-9b7c-dcdcb70592bf%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] Ansible-vault password file not found
Dear all, I am "auto learning" ansible and currently try to understand how to use vault. To summarize things, I have created a vault.yml file in the vars directory, and included it in the main.yml task. Then, I put the vault password within a .vault_passwd file created at the same level than ansible.cfg. When I run : ansible-playbook with --vault-password-file .vault_passwd It is ok. So, I tried to put the vault password file path within ansible.cfg as follows : vault_password_file = .vault_passwd When running the playbook (without --vault-password-file ), it fails with : fatal: [ci-server]: FAILED! => { "ansible_facts": {}, "ansible_included_var_files": [], "changed": false, "message": "Attempting to decrypt but no vault secrets found" } at the line were the vault.yml file is imported. So, it looks like if it does not find the vault password file to decrypt the vault file. I can't understand why, and have already tried with the aboslute path, or changing _ with -, just in case documentation had a typo... but without any success. If someone could have an idea to help, I would be glad. Have a nice day! J-L -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/1029fe38-50d2-45ce-806c-b9097b9f2e7f%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] Re: Need help about Ansible block syntax
Thanks all for your help. I have been really bored with the block... but I finally succeed. The ansible / yaml syntax is not always straightforward to understand (or I lack some skills). I went back to the ansible block documentation <https://docs.ansible.com/ansible/latest/playbooks_blocks.html>, and make a trial replacing my main.yml file with the example on the page, i.e. : cat roles/devTools/tasks/main.yml tasks: - name: Install Apache block: - yum: name={{ item }} state=installed with_items: - httpd - memcached - template: src=templates/src.j2 dest=/etc/foo.conf - service: name=bar state=started enabled=True when: ansible_distribution == 'CentOS' become: true become_user: root And I still get an error saying that the role must contain a list of task : ERROR! The tasks/main.yml file for role 'devTools' must contain a list of tasks The error appears to have been in '/home/jeanlupi/centos_test/myKnowledge/devOps/playbook/roles/devTools/tasks/main.yml' : line 1, column 1, but may be elsewhere in the file depending on the exact syntax problem. The offending line appears to be: tasks: ^ here Ok... I removed "tasks" (don't clearly understand why it must not be there...) and the problem disappeared. After several other syntax errors (probably not totally sticked to block), I succeeded with : cat roles/devTools/tasks/RedHat.yml - name: Update Red Hat machine block: - yum: update_cache=yes name="*" state=latest notify: "restart {{ ansible_os_family }} host" - yum: name="{{item}}" state=present with_items: "{{ toolList }}" notify: "restart {{ ansible_os_family }} host" when: ansible_pkg_mgr == 'yum' become: true become_user: root As mentioned in the answers, notify must not be set at block level, but after each enclosed task. Thanks for your help. Have a nice day. JiElPe Le mercredi 31 janvier 2018 16:29:00 UTC+1, JiElPe-Fr38 a écrit : > > Dear all, > > I am quite new to Ansible and try to "make a tour"... > I am using ansible 2.4.2.0 with cygwin64 on Win7. > > > I am currently make a personal training and find that I could use a block > to "enclose" (ok, perhaps wrong term) a couple of task that have some > common "properties" (like become_user: root ...). > The idea is to change this : > > --- > - name: Update Red Hat machine > yum: > update_cache: yes > name: '*' > state: latest > when: ansible_pkg_mgr == 'yum' > become: true > become_user: root > ignore_errors: yes > notify: "restart {{ ansible_os_family }} host" > > - name: Install RedHat tools > yum: > name: "{{ item }}" > state: present > with_items: "{{ toolList }}" > when: ansible_pkg_mgr == 'yum' > become: true > become_user: root > ignore_errors: yes > notify: "restart {{ ansible_os_family }} host" > > > > into a block based syntax so that I can factorize the become / notify and > when statement. > II have made several trials without any success. > Playing the file below : > --- > -block: > - name: Update Red Hat machine > yum: > update_cache: yes > name: '*' > state: latest > > - name: Install RedHat tools > yum: > name: "{{ item }}" > state: present > with_items: "{{ toolList }}" > > when: ansible_pkg_mgr == 'yum' > become: true > become_user: root > ignore_errors: yes > notify: "restart {{ ansible_os_family }} host" > > I get this error : > fatal: [ci-server]: FAILED! => {"reason": "Syntax Error while loading > YAML.\n\n\nThe error appears to have been in > '/home/jeanlupi/centos_test/myKnowledge/devOps/playbook/roles/devTools/tasks/RedHat.yml': > > line 16, column 3, but may\nbe elsewhere in the file depending on the exact > syntax problem.\n\nThe offending line appears to be:\n\n\n when: > ansible_pkg_mgr == 'yum'\n ^ here\n\nexception type: 'yaml.parser.ParserError'>\nexception: while parsing a block collection\n > in \"\", line 3, column 3:\n - name: Update Red Hat > machine\n ^\nexpected , but found '?'\n in \" string>\", line 16, column 3:\n when: ansible_pkg_mgr == 'yum'\n > ^"} > > > > If someone could help I would be very glad ! > > Thanks ! > JiElPe > > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/01e8cbe9-15eb-4c6a-bc6c-ef9831b745d2%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] Need help about Ansible block syntax
Dear all, I am quite new to Ansible and try to "make a tour"... I am using ansible 2.4.2.0 with cygwin64 on Win7. I am currently make a personal training and find that I could use a block to "enclose" (ok, perhaps wrong term) a couple of task that have some common "properties" (like become_user: root ...). The idea is to change this : --- - name: Update Red Hat machine yum: update_cache: yes name: '*' state: latest when: ansible_pkg_mgr == 'yum' become: true become_user: root ignore_errors: yes notify: "restart {{ ansible_os_family }} host" - name: Install RedHat tools yum: name: "{{ item }}" state: present with_items: "{{ toolList }}" when: ansible_pkg_mgr == 'yum' become: true become_user: root ignore_errors: yes notify: "restart {{ ansible_os_family }} host" into a block based syntax so that I can factorize the become / notify and when statement. II have made several trials without any success. Playing the file below : --- -block: - name: Update Red Hat machine yum: update_cache: yes name: '*' state: latest - name: Install RedHat tools yum: name: "{{ item }}" state: present with_items: "{{ toolList }}" when: ansible_pkg_mgr == 'yum' become: true become_user: root ignore_errors: yes notify: "restart {{ ansible_os_family }} host" I get this error : fatal: [ci-server]: FAILED! => {"reason": "Syntax Error while loading YAML.\n\n\nThe error appears to have been in '/home/jeanlupi/centos_test/myKnowledge/devOps/playbook/roles/devTools/tasks/RedHat.yml': line 16, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n when: ansible_pkg_mgr == 'yum'\n ^ here\n\nexception type: \nexception: while parsing a block collection\n in \"\", line 3, column 3:\n - name: Update Red Hat machine\n ^\nexpected , but found '?'\n in \"\", line 16, column 3:\n when: ansible_pkg_mgr == 'yum'\n ^"} If someone could help I would be very glad ! Thanks ! JiElPe -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/0bd0691e-d8a4-4093-9258-b22c20e41ece%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.