Ansible - 寄存器變量項目屬性在循環

Question

我想註冊一個shell命令的輸出到項目列表中的項目屬性。

這發生在循環過程中，但似乎沒有註冊屬性。任務運行後，該屬性仍顯示值none。我想知道如果我做錯了什麼？或者有什麼辦法可以做到這一點？

變量：

users: 
    - username: someguy 
    description: "Some Guy" 
    groups: ['sudo', 'guy'] 
    new_id: 6001 
    old_uid: 
    old_gid: 
    user_exists: 
    password: waffles 
    - username: somedude 
    description: "Some Dude" 
    groups: ['dude'] 
    new_id: 6002 
    old_uid: 
    old_gid: 
    user_exists: 
    password: toast 

任務

--- 

- name: Check if user exists 
    shell: /usr/bin/getent passwd {{ item.username }} | /usr/bin/wc -l | tr -d ' ' 
    with_items: "{{ users }}" 
    register: item.user_exists 

- name: Check user current UID 
    shell: /usr/bin/id -u {{ item.username }} 
    with_items: "{{ users }}" 
    register: item.old_uid 
    when: item.user_exists == 1 

- name: Check user current GID 
    shell: /usr/bin/id -g {{ item.username }} 
    with_items: "{{ users }}" 
    register: item.old_gid 
    when: item.user_exists == 1 

輸出

TASK: [users | Check if user exists] ****************************************** 
changed: [bserver] => (item={'username': 'someguy', 'password': 'waffles', 'description': 'Some Guy', 'new_id': 6001, 'groups': ['sudo', 'guy'], 'user_exists': None, 'old_uid': None, 'old_gid': None}) 
changed: [aserver] => (item={'username': 'someguy', 'password': 'waffles', 'description': 'Some Guy', 'new_id': 6001, 'groups': ['sudo', 'guy'], 'user_exists': None, 'old_uid': None, 'old_gid': None}) 
changed: [aserver] => (item={'username': 'somedude', 'password': 'toast', 'description': 'Some Dude', 'new_id': 6002, 'groups': ['dude'], 'user_exists': None, 'old_uid': None, 'old_gid': None}) 
changed: [bserver] => (item={'username': 'somedude', 'password': 'toast', 'description': 'Some Dude', 'new_id': 6002, 'groups': ['dude'], 'user_exists': None, 'old_uid': None, 'old_gid': None}) 

TASK: [users | Check user current UID] **************************************** 
skipping: [aserver] => (item={'username': 'someguy', 'password': 'waffles', 'description': 'Some Guy', 'new_id': 6001, 'groups': ['sudo', 'guy'], 'user_exists': None, 'old_uid': None, 'old_gid': None}) 
skipping: [aserver] => (item={'username': 'somedude', 'password': 'toast', 'description': 'Some Dude', 'new_id': 6002, 'groups': ['dude'], 'user_exists': None, 'old_uid': None, 'old_gid': None}) 
skipping: [bserver] => (item={'username': 'someguy', 'password': 'waffles', 'description': 'Some Guy', 'new_id': 6001, 'groups': ['sudo', 'guy'], 'user_exists': None, 'old_uid': None, 'old_gid': None}) 
skipping: [bserver] => (item={'username': 'somedude', 'password': 'toast', 'description': 'Some Dude', 'new_id': 6002, 'groups': ['dude'], 'user_exists': None, 'old_uid': None, 'old_gid': None}) 

TASK: [users | Check user current GID] **************************************** 
skipping: [aserver] => (item={'username': 'someguy', 'password': 'waffles', 'description': 'Some Guy', 'new_id': 6001, 'groups': ['sudo', 'guy'], 'user_exists': None, 'old_uid': None, 'old_gid': None}) 
skipping: [aserver] => (item={'username': 'somedude', 'password': 'toast', 'description': 'Some Dude', 'new_id': 6002, 'groups': ['dude'], 'user_exists': None, 'old_uid': None, 'old_gid': None}) 
skipping: [bserver] => (item={'username': 'someguy', 'password': 'waffles', 'description': 'Some Guy', 'new_id': 6001, 'groups': ['sudo', 'guy'], 'user_exists': None, 'old_uid': None, 'old_gid': None}) 
skipping: [bserver] => (item={'username': 'somedude', 'password': 'toast', 'description': 'Some Dude', 'new_id': 6002, 'groups': ['dude'], 'user_exists': None, 'old_uid': None, 'old_gid': None}) 

Answer 1

不幸的是，是不是它是如何工作的。

您的行register: "{{item.user_exists}}"可能會導致在名爲false的變量中註冊的結果。

您不能將任務的結果注入到任何對象中。 register功能將只接受一個字符串。

此外register有一個完整的different behavior in a loop。而不是單獨註冊每個迭代，它將註冊一個單個對象，該對象將所有項目的結果保存在密鑰results中。

您仍然可以遍歷用戶並檢查是否存在。但我不認爲你會得到這個你想成爲的地方。

首先在一個單一的變量，這裏users_checked註冊結果：

- name: Check if user exists 
    shell: /usr/bin/getent passwd {{ item.username }} | /usr/bin/wc -l | tr -d ' ' 
    with_items: users 
    register: users_checked 

我建議你與debug模塊工作，始終以什麼樣的數據結構你的工作檢查。

- debug: var=users_checked 

這將顯示你是這樣的：

"var": { 
    "users_checked": { 
     "changed": true, 
     "msg": "All items completed", 
     "results": [ 
      { 
       "changed": true, 
       "cmd": "/usr/bin/getent passwd someguy | /usr/bin/wc -l | tr -d ' '", 
       "delta": "0:00:00.005415", 
       "end": "2015-09-08 20:59:33.379516", 
       "invocation": { 
        "module_args": "/usr/bin/getent passwd someguy | /usr/bin/wc -l | tr -d ' '", 
        "module_name": "shell" 
       }, 
       "item": { 
        "description": "Some Guy", 
        "groups": [ 
         "sudo", 
         "guy" 
        ], 
        "new_id": 6001, 
        "old_gid": null, 
        "old_uid": null, 
        "password": "waffles", 
        "user_exists": null, 
        "username": "someguy" 
       }, 
       "rc": 0, 
       "start": "2015-09-08 20:59:33.374101", 
       "stderr": "", 
       "stdout": "0", 
       "stdout_lines": [ 
        "0" 
       ], 
       "warnings": [] 
      }, 
      { 
       "changed": true, 
       "cmd": "/usr/bin/getent passwd somedude | /usr/bin/wc -l | tr -d ' '", 
       "delta": "0:00:00.006362", 
       "end": "2015-09-08 20:59:33.530546", 
       "invocation": { 
        "module_args": "/usr/bin/getent passwd somedude | /usr/bin/wc -l | tr -d ' '", 
        "module_name": "shell" 
       }, 
       "item": { 
        "description": "Some Dude", 
        "groups": [ 
         "dude" 
        ], 
        "new_id": 6002, 
        "old_gid": null, 
        "old_uid": null, 
        "password": "toast", 
        "user_exists": null, 
        "username": "somedude" 
       }, 
       "rc": 0, 
       "start": "2015-09-08 20:59:33.524184", 
       "stderr": "", 
       "stdout": "0", 
       "stdout_lines": [ 
        "0" 
       ], 
       "warnings": [] 
      } 
     ] 
    } 
} 

所以其結果不僅包含所有項目的實際結果，但還有輸入對象。這使您可以循環使用users_checked.results而不是原來的users列表。

- name: Check user current UID 
    shell: /usr/bin/id -u {{ item.item.username }} 
    with_items: users_checked.results 
    when: item.stdout == 1 

但現在它會變得討厭，因爲你想檢查兩件事。你可能會繼續使用這種方法，註冊上面的結果，然後使用已註冊的數據結構作爲下一個循環的輸入，但是最終會得到深度嵌套的對象，並且最終會在registered_var.results[x].item.results[y].item.results[z].item...的某個地方產生原始對象。

爲避免此混亂，您可能需要查看creating a custom module的任務。