We Keep Coding

Ansible: Print path and contents of multiple files - ssh

I am trying to write a playbook that scans a host for the authorized_keys file, and then prints out the path and contents of the file.
Every attempt I have made and all the researching I have done and I am still unable to get the behaviour that I want, which is the following:
For each instance of the found file, print:
path to file
contents of file
Here is the playbook:
---
- name: Show File Contents
vars_prompt:
- name: host
prompt: Enter host(s) to search
private: no
- name: file
prompt: Enter file to show the contents of
private: no
hosts: "{{ host }}"
tasks:
- name: Find Files
find:
patterns: "{{ file }}"
recurse: true
paths: /
register: files_matched
- name: Cat authorized keys
shell: cat {{ item.path }}
register: cat
loop: "{{ files_matched.files }}"
- name: Print output
loop: "{{ cat | json_query('results[*].stdout') }}"
debug:
msg: "{{ item.results }}"
become: true
...
Here is the output when the above playbook is run against a single host:
TASK [Print output] ****************************************************************************************************************
ok: [ansible-testinghost.local] => {
"msg": [
{
"ansible_loop_var": "item",
"changed": true,
"cmd": "cat /root/.ssh/authorized_keys",
"delta": "0:00:00.003527",
"end": "2022-04-10 14:56:27.867035",
"failed": false,
"invocation": {
"module_args": {
"_raw_params": "cat /root/.ssh/authorized_keys",
"_uses_shell": true,
"argv": null,
"chdir": null,
"creates": null,
"executable": null,
"removes": null,
"stdin": null,
"stdin_add_newline": true,
"strip_empty_ends": true,
"warn": true
}
},
"item": {
"atime": 1649599428.4008615,
"ctime": 1648947238.992,
"dev": 64768,
"gid": 0,
"gr_name": "root",
"inode": 661181,
"isblk": false,
"ischr": false,
"isdir": false,
"isfifo": false,
"isgid": false,
"islnk": false,
"isreg": true,
"issock": false,
"isuid": false,
"mode": "0600",
"mtime": 1648947238.992,
"nlink": 1,
"path": "/root/.ssh/authorized_keys",
"pw_name": "root",
"rgrp": false,
"roth": false,
"rusr": true,
"size": 0,
"uid": 0,
"wgrp": false,
"woth": false,
"wusr": true,
"xgrp": false,
"xoth": false,
"xusr": false
},
"rc": 0,
"start": "2022-04-10 14:56:27.863508",
"stderr": "",
"stderr_lines": [],
"stdout": "",
"stdout_lines": []
},
{
"ansible_loop_var": "item",
"changed": true,
"cmd": "cat /home/ansible/.ssh/authorized_keys",
"delta": "0:00:00.003548",
"end": "2022-04-10 14:56:28.138414",
"failed": false,
"invocation": {
"module_args": {
"_raw_params": "cat /home/ansible/.ssh/authorized_keys",
"_uses_shell": true,
"argv": null,
"chdir": null,
"creates": null,
"executable": null,
"removes": null,
"stdin": null,
"stdin_add_newline": true,
"strip_empty_ends": true,
"warn": true
}
},
"item": {
"atime": 1649587940.6308339,
"ctime": 1649458786.3099895,
"dev": 64768,
"gid": 1001,
"gr_name": "ansible",
"inode": 661196,
"isblk": false,
"ischr": false,
"isdir": false,
"isfifo": false,
"isgid": false,
"islnk": false,
"isreg": true,
"issock": false,
"isuid": false,
"mode": "0600",
"mtime": 1649458786.3099895,
"nlink": 1,
"path": "/home/ansible/.ssh/authorized_keys",
"pw_name": "ansible",
"rgrp": false,
"roth": false,
"rusr": true,
"size": 561,
"uid": 1001,
"wgrp": false,
"woth": false,
"wusr": true,
"xgrp": false,
"xoth": false,
"xusr": false
},
"rc": 0,
"start": "2022-04-10 14:56:28.134866",
"stderr": "",
"stderr_lines": [],
"stdout": "ssh key",
"stdout_lines": [
"ssh key"
]
},
{
"ansible_loop_var": "item",
"changed": true,
"cmd": "cat /home/primary-admin/.ssh/authorized_keys",
"delta": "0:00:00.003515",
"end": "2022-04-10 14:56:28.408766",
"failed": false,
"invocation": {
"module_args": {
"_raw_params": "cat /home/primary-admin/.ssh/authorized_keys",
"_uses_shell": true,
"argv": null,
"chdir": null,
"creates": null,
"executable": null,
"removes": null,
"stdin": null,
"stdin_add_newline": true,
"strip_empty_ends": true,
"warn": true
}
},
"item": {
"atime": 1649587950.2066748,
"ctime": 1649495080.4039176,
"dev": 64768,
"gid": 1000,
"gr_name": "primary-admin",
"inode": 661199,
"isblk": false,
"ischr": false,
"isdir": false,
"isfifo": false,
"isgid": false,
"islnk": false,
"isreg": true,
"issock": false,
"isuid": false,
"mode": "0600",
"mtime": 1649495080.4039176,
"nlink": 1,
"path": "/home/primary-admin/.ssh/authorized_keys",
"pw_name": "primary-admin",
"rgrp": false,
"roth": false,
"rusr": true,
"size": 277,
"uid": 1000,
"wgrp": false,
"woth": false,
"wusr": true,
"xgrp": false,
"xoth": false,
"xusr": false
},
"rc": 0,
"start": "2022-04-10 14:56:28.405251",
"stderr": "",
"stderr_lines": [],
"stdout": "ssh key",
"stdout_lines": [
"ssh key"
]
}
]
}
Which I have summarised to be a list of 3 dictionaries:
"msg": [
{},
{},
{}
]
How do I get my playbook to print just the path and contents?
Thanks for your time!

Fix the last task "Print output". Otherwise, your code is working as expected. For example, given the files at the remote host for testing
shell> ssh admin#test_11 'find /tmp -name authorized_keys'
/tmp/root/.ssh/authorized_keys
/tmp/admin/.ssh/authorized_keys
shell> ssh admin#test_11 'cat /tmp/root/.ssh/authorized_keys'
ssh-rsa 111111111111111111
22222222222222222222222222
333333333333 admin#test_12
ssh-rsa 111111111111111111
22222222222222222222222222
333333333333 admin#test_13
shell> ssh admin#test_11 'cat /tmp/admin/.ssh/authorized_keys'
ssh-rsa 111111111111111111
22222222222222222222222222
333333333333 admin#test_12
ssh-rsa 111111111111111111
22222222222222222222222222
333333333333 admin#test_13
Running the playbook
shell> ansible-playbook playbook.yml
Enter host(s) to search: test_11
Enter file to show the contents of: authorized_keys
Set a list
- name: Print output
set_fact:
path_content: "{{ cat.results|
json_query('[].{path: item.path, content: stdout}') }}"
- debug:
var: path_content
gives
path_content:
- content: |-
ssh-rsa 111111111111111111
22222222222222222222222222
333333333333 admin#test_12
ssh-rsa 111111111111111111
22222222222222222222222222
333333333333 admin#test_13
path: /tmp/root/.ssh/authorized_keys
- content: |-
ssh-rsa 111111111111111111
22222222222222222222222222
333333333333 admin#test_12
ssh-rsa 111111111111111111
22222222222222222222222222
333333333333 admin#test_13
path: /tmp/admin/.ssh/authorized_keys
, or a dictionary
- name: Print output
set_fact:
path_content: "{{ cat.results|
json_query('[].{path: item.path, content: stdout}')|
items2dict(key_name='path', value_name='content') }}"
- debug:
var: path_content
gives
path_content:
/tmp/admin/.ssh/authorized_keys: |-
ssh-rsa 111111111111111111
22222222222222222222222222
333333333333 admin#test_12
ssh-rsa 111111111111111111
22222222222222222222222222
333333333333 admin#test_13
/tmp/root/.ssh/authorized_keys: |-
ssh-rsa 111111111111111111
22222222222222222222222222
333333333333 admin#test_12
ssh-rsa 111111111111111111
22222222222222222222222222
333333333333 admin#test_13
If you run the code on multiple hosts collect all results in a dictionary. For example, running the playbook
shell> ansible-playbook playbook.yml
Enter host(s) to search: test_11,test_12
Enter file to show the contents of: authorized_keys
Set the dictionary of all hosts
- name: Print output of all hosts
set_fact:
host_path_content: "{{ dict(ansible_play_hosts|
zip(ansible_play_hosts|
map('extract', hostvars, 'path_content'))) }}"
run_once: true
- debug:
var: host_path_content
gives
host_path_content:
test_11:
/tmp/admin/.ssh/authorized_keys: |-
ssh-rsa 111111111111111111
22222222222222222222222222
333333333333 admin#test_12
ssh-rsa 111111111111111111
22222222222222222222222222
333333333333 admin#test_13
/tmp/root/.ssh/authorized_keys: |-
ssh-rsa 111111111111111111
22222222222222222222222222
333333333333 admin#test_12
ssh-rsa 111111111111111111
22222222222222222222222222
333333333333 admin#test_13
test_12:
/tmp/admin/.ssh/authorized_keys: |-
ssh-rsa 111111111111111111
22222222222222222222222222
333333333333 admin#test_11
ssh-rsa 111111111111111111
22222222222222222222222222
333333333333 admin#test_13
/tmp/root/.ssh/authorized_keys: |-
ssh-rsa 111111111111111111
22222222222222222222222222
333333333333 admin#test_11
ssh-rsa 111111111111111111
22222222222222222222222222
333333333333 admin#test_13

Related

I would like to do something like:
- name: Wait until the file is touched
ansible.builtin.wait_for:
path: 192.168.1.1:/home/test.txt
timeout: 300
where 192.168.1.1 is some remote host I am connected to. Is this possible?

I don't believe it's possible with wait_for module.
My workaround is to use until:
- name: Wait until file exists on remote.
shell: ssh $USER#192.168.1.1 ls /home/test.txt
register: filecheck
until: filecheck.stdout == "/home/test.txt"
retries: 10
delay: 1
I copied the file to the host while the playbook was running through the 9th attempt:
changed: [localhost] => {
"attempts": 9,
"changed": true,
"cmd": "ssh root#192.168.1.1 ls /home/test.txt",
"delta": "0:00:01.548091",
"end": "2022-08-11 15:31:05.276277",
"invocation": {
"module_args": {
"_raw_params": "ssh root#192.168.1.1 ls /home/test.txt",
"_uses_shell": true,
"argv": null,
"chdir": null,
"creates": null,
"executable": null,
"removes": null,
"stdin": null,
"stdin_add_newline": true,
"strip_empty_ends": true,
"warn": false
}
},
"msg": "",
"rc": 0,
"start": "2022-08-11 15:31:03.728186",
"stderr": "",
"stderr_lines": [],
"stdout": "/home/test.txt",
"stdout_lines": [
"/home/test.txt"
]

I can't extract the ip from the register var after ping command from "shell" module.
ping.yml
---
- name: "Ping computers"
shell:
cmd: "ping -c1 -w 2 {{ pinging_host }}"
register: pingged_host
ignore_errors: yes
with_items:
- 192.168.1.27
- 192.168.1.42
loop_control:
loop_var: pinging_host
- name: "Result ping"
debug:
var: pingged_host
- name: " ***Ip ping"
debug:
var: pingged_host.results.value.pinging_host
...
output from jenkins:
TASK [ Result ping] **********************
ok: [computer1] => {
"pingged_host": {
"changed": true,
"failed": true,
"msg": "All items completed",
"results": [
{
"ansible_loop_var": "pinging_host",
"changed": true,
"cmd": "ping -c1 -w 2 192.168.1.27",
"delta": "0:00:00.003363",
"end": "2021-02-25 17:08:48.994930",
"failed": false,
"invocation": {
"module_args": {
"_raw_params": "ping -c1 -w 2 192.168.1.27",
"_uses_shell": true,
"argv": null,
"chdir": null,
"creates": null,
"executable": null,
"removes": null,
"stdin": null,
"stdin_add_newline": true,
"strip_empty_ends": true,
"warn": true
}
},
"pinging_host": "192.168.1.27",
"rc": 0,
"start": "2021-02-25 17:08:48.991567",
"stderr": "",
"stderr_lines": [],
"stdout": "PING 192.168.1.27 (192.168.1.27) 56(84) bytes of data.\n64 bytes from 192.168.1.27: icmp_seq=1 ttl=128 time=0.337 ms\n\n--- 192.168.1.27 ping statistics ---\n1 packets transmitted, 1 received, 0% packet loss, time 0ms\nrtt min/avg/max/mdev = 0.337/0.337/0.337/0.000 ms",
"stdout_lines": [
"PING 192.168.1.27 (192.168.1.27) 56(84) bytes of data.",
"64 bytes from 192.168.1.27: icmp_seq=1 ttl=128 time=0.337 ms",
"",
"--- 192.168.1.27 ping statistics ---",
"1 packets transmitted, 1 received, 0% packet loss, time 0ms",
"rtt min/avg/max/mdev = 0.337/0.337/0.337/0.000 ms"
]
},
{
"ansible_loop_var": "pinging_host",
"changed": true,
"cmd": "ping -c1 -w 2 192.168.1.42",
"delta": "0:00:02.003313",
"end": "2021-02-25 17:08:51.269047",
"failed": true,
"invocation": {
"module_args": {
"_raw_params": "ping -c1 -w 2 192.168.1.42",
"_uses_shell": true,
"argv": null,
"chdir": null,
"creates": null,
"executable": null,
"removes": null,
"stdin": null,
"stdin_add_newline": true,
"strip_empty_ends": true,
"warn": true
}
},
"msg": "non-zero return code",
"pinging_host": "192.168.1.42",
"rc": 1,
"start": "2021-02-25 17:08:49.265734",
"stderr": "",
"stderr_lines": [],
"stdout": "PING 192.168.1.42 (192.168.1.42) 56(84) bytes of data.\n\n--- 192.168.1.42 ping statistics ---\n2 packets transmitted, 0 received, 100% packet loss, time 10ms",
"stdout_lines": [
"PING 192.168.1.42 (192.168.1.42) 56(84) bytes of data.",
"",
"--- 192.168.1.42 ping statistics ---",
"2 packets transmitted, 0 received, 100% packet loss, time 10ms"
]
}
]
}
}
TASK [ ***Result ping] *******************
ok: [computer1] => {
"pingged_host.results.value.pinging_host": "VARIABLE IS NOT DEFINED!"
}
Nota: "VARIABLE IS NOT DEFINED!" or "...template error while templating string: expected name...", I have this result when I put other path's:
pingged_host.results.value.pinging_host
pingged_host.results.pinging_host
pingged_host.results.[pinging_host]
pingged_host.results[pinging_host]
pingged_host.results['pinging_host']
How I can read "pinging_host" or "rc" from my register var???????
Thank's

Your data structure in yaml looks like this
pingged_host:
results:
- pinging_host: 192.168.1.27
rc: 0
- pinging_host: 192.168.1.42
rc: 0
Since result contains an array, you have to reference exact element of the array.
i.e to get first result you should use
- name: " {{ role_name }} | ***Ip ping"
debug:
var: pingged_host.results[0].pinging_host
To get every attribute you can use map and list filters, as explained here https://ansiblemaster.wordpress.com/2017/02/24/debug-properly-data-registered-with-a-loop/ , if you want to get all rc's, you can use the following:
- name: " {{ role_name }} | ***Ip ping"
debug:
msg: "{{ pingged_host.results|map(attribute='rc')|list }}"
resulting in:
TASK [{{ role_name }} | ***Ip ping] **********************************************************************************************************************************************
ok: [localhost] => {
"msg": [
0,
0
]
}

I have a playbook that downloads a list of files from S3, this list can be set dynamically by utilizing with_items and |default([]).
After pulling this I need to get a list of destinations of the stored files and perform other actions. I registered the var output and see that invocation module_args has the value "Dest" which is what i want to access.
I've tried things like:
debug: msg="{{ item }}"
with_items: "{{ output.results }}
Or even accessing output.invocation but get undefined variable
Task:
- name: "Download Apps from S3"
aws_s3:
bucket: "{{ resource_bucket_name }}"
object: "{{ s3_apps[item].src }}"
dest: "{{ s3_apps[item].dest }}"
mode: get
with_items: "{{ s3_apps_decl |default([]) }}"
register: output
My output variable with debug:
"msg": [
{
"ansible_loop_var": "item",
"changed": true,
"failed": false,
"invocation": {
"module_args": {
"aws_access_key": null,
"aws_secret_key": null,
"bucket": "bucket-resources",
"debug_botocore_endpoint_logs": false,
"dest": "/tmp/test_app.tgz",
"dualstack": false,
"ec2_url": null,
"encrypt": true,
"encryption_kms_key_id": null,
"encryption_mode": "AES256",
"expiry": 600,
"headers": null,
"ignore_nonexistent_bucket": false,
"marker": "",
"max_keys": 1000,
"metadata": null,
"mode": "get",
"object": "test_app.tgz",
"overwrite": "always",
"permission": [
"private"
],
"prefix": "",
"profile": null,
"region": null,
"retries": 0,
"rgw": false,
"s3_url": null,
"security_token": null,
"src": null,
"validate_certs": true,
"version": null
}
},
"item": "test_app",
"msg": "GET operation complete"
},
{
"ansible_loop_var": "item",
"changed": true,
"failed": false,
"invocation": {
"module_args": {
"aws_access_key": null,
"aws_secret_key": null,
"bucket": "bucket-resources",
"debug_botocore_endpoint_logs": false,
"dest": "/tmp/testanotherapp.spl",
"dualstack": false,
"ec2_url": null,
"encrypt": true,
"encryption_kms_key_id": null,
"encryption_mode": "AES256",
"expiry": 600,
"headers": null,
"ignore_nonexistent_bucket": false,
"marker": "",
"max_keys": 1000,
"metadata": null,
"mode": "get",
"object": "testanotherapp.spl",
"overwrite": "always",
"permission": [
"private"
],
"prefix": "",
"profile": null,
"region": null,
"retries": 0,
"rgw": false,
"s3_url": null,
"security_token": null,
"src": null,
"validate_certs": true,
"version": null
}
},
"item": "testanotherapp",
"msg": "GET operation complete"
}
]
}
My expected output would be to define a variable that outputs:
['/tmp/testanotherapp.spl'.'/tmp/test_app.tgz']
I've tried set_fact with the similar syntax as my task above however that only saves the last value...

What you should expect in output is exactly what you get since you are receiving the return values from an aws_s3 module call which you are registering in a loop.
Now, if you want to get a list of only paths of all dest you have saved on your target host, you have to extract the corresponding attribute from your data structure.
- name: Show a list of dest paths from previous run
debug:
msg: "{{ output.results | map(attribute='invocation.module_args.dest') | list }}"

when getting an object from an S3 bucket using the following Ansible command:
- name: "copy object from s3://{{ s3_bucket }}/{{ s3_object }} to {{ dest }}"
s3:
bucket: "{{ s3_bucket }}"
object: "{{ s3_object }}"
dest: "{{ dest }}"
mode: get
I get the following error:
fatal: [som_fake_host]: FAILED! => {
"changed": false,
"failed": true,
"invocation": {
"module_args": {
"aws_access_key": null,
"aws_secret_key": null,
"bucket": "some-fake-bucket",
"dest": "/some-fake-dest/",
"ec2_url": null,
"encrypt": true,
"expiry": "600",
"headers": null,
"ignore_nonexistent_bucket": false,
"marker": null,
"max_keys": "1000",
"metadata": null,
"mode": "get",
"object": "some_fake_file",
"overwrite": "always",
"permission": [
"private"
],
"prefix": null,
"profile": null,
"region": null,
"retries": 0,
"rgw": false,
"s3_url": null,
"security_token": null,
"src": null,
"validate_certs": true,
"version": null
}
},
"msg": "attempted to take checksum of directory: /some-fake-dest/"
}
additional useful information:
The destination directory exists
The user that runs the playbook has permission on the destination directory
The file exists in S3 bucket

Looking at the docs:
dest The destination file path when downloading an object/key with a GET operation.
Try to call module with file path, not directory. E.g.:
dest: "{{ dest }}/{{ s3_object }}"
or something.

I have a problem with checking existing files using dictonary in Ansible.
tasks:
- name: Checking existing file id
stat: path=/tmp/{{ item.id }}.conf
with_items: "{{ file_vars }}"
register: check_file_id
- name: Checking existing file name
stat: path=/tmp/{{ item.name }}.conf
with_items: "{{ file_vars }}"
register: check_file_name
- name: Checking file exists
debug: msg='File_id exists'
when: check_file_id.stat.exists == True
- name: Checking file name exists
debug: msg='File name exists'
when: check_file_name.stat.exists == True
vars:
file_vars:
- { id: 1, name: one }
- { id: 2, name: two }
Then, if I trying to run playbook, I got the error:
FAILED! => {"failed": true, "msg": "The conditional check 'check_file_id.stat.exists == True' failed. The error was: error while evaluating conditional (check_file_id.stat.exists == True): 'dict' object has no attribute 'stat'\n\n
I've tried to debug it:
- debug: var=check_file_id
and got:
"results": [
{
"_ansible_item_result": true,
"_ansible_no_log": false,
"changed": false,
"invocation": {
"module_args": {
"checksum_algorithm": "sha1",
"follow": false,
"get_checksum": true,
"get_md5": true,
"mime": false,
"path": "/tmp/1.conf"
},
"module_name": "stat"
},
"item": {
"id": 1,
"name": "one"
},
"stat": {
"exists": false
}
},
{
"_ansible_item_result": true,
"_ansible_no_log": false,
"changed": false,
"invocation": {
"module_args": {
"checksum_algorithm": "sha1",
"follow": false,
"get_checksum": true,
"get_md5": true,
"mime": false,
"path": "/tmp/2.conf"
},
"module_name": "stat"
},
"item": {
"id": 2,
"name": "two"
},
"stat": {
"exists": false
}
}
]
Where I am wrong?
Is is possible to use stat.exists with list of variables?
Thanks for answer!

The problem is that you are registering check_file_id in a loop. You need to read the documentation on using register in a loop, which discusses the implications of doing this. Your variable has a results key that contains the result of each iteration of the loop. You can see that in your debug output.
In subsequent tasks, you should iterate over check_file_id.results instead of file_vars, like this:
- hosts: localhost
gather_facts: false
vars:
file_vars:
- {id: 1, name: foo}
- {id: 2, name: bar}
tasks:
- name: Checking existing file id
stat:
path: ./files/{{ item.id }}.conf
with_items: "{{ file_vars }}"
register: check_file_id
- name: Checking existing file name
stat:
path: ./files/{{ item.name }}.conf
with_items: "{{ file_vars }}"
register: check_file_name
- debug:
msg: 'file id {{item.item.id}} (name {{item.item.name}}) exists'
with_items: "{{ check_file_id.results }}"
when: item.stat.exists
- debug:
msg: 'file name {{item.item.name}} (id {{item.item.id}}) exists'
with_items: "{{ check_file_name.results }}"
when: item.stat.exists