Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Ansible to Conditionally Prompt for a Variable?

Tags:

variables

ansible

I would like to be able to prompt for my super secure password variable if it is not already in the environment variables. (I'm thinking that I might not want to put the definition into .bash_profile or one of the other spots.)

This is not working. It always prompts me. 

vars:   THISUSER: "{{ lookup('env','LOGNAME') }}"   SSHPWD:   "{{ lookup('env','MY_PWD') }}"  vars_prompt:   - name: "release_version"     prompt: "Product release version"     default: "1.0"     when: SSHPWD == null

NOTE: I'm on a Mac, but I'd like for any solutions to be platform-independent.

like image 651
AnneTheAgile Avatar asked Aug 23 '14 21:08

AnneTheAgile

2 Answers

According to the replies from the devs and a quick test I've done with the latest version, the vars_prompt is run before "GATHERING FACTS". This means that the env var SSHPWD is always null at the time of your check with when.

Unfortunately it seems there is no way of allowing the vars_prompt statement at task level.

Michael DeHaan's reasoning for this is that allowing prompts at the task-level would open up the doors to roles asking a lot of questions. This would make using Ansible Galaxy roles which do this difficult:

There's been a decided emphasis in automation in Ansible and asking questions at task level is not something we really want to do.

However, you can still ask vars_prompt questions at play level and use those variables throughout tasks. You just can't ask questions in roles.

And really, that's what I would like to enforce -- if a lot of Galaxy roles start asking questions, I can see that being annoying :)

like image 159
adm_ Avatar answered Sep 21 '22 12:09

adm_

I might be late to the party but a quick way to avoid vars_prompt is to disable the interactive mode by doing that simple trick:

echo -n | ansible-playbook -e MyVar=blih site.yaml

This add no control over which vars_prompt to avoid but coupled with default: "my_default" it can be used in a script.

Full example here:

--- - hosts: localhost   vars_prompt:     - prompt: Enter blah value     - default: "{{ my_blah }}"     - name: blah

echo -n | ansible-playbook -e my_blah=blih site.yaml

EDIT:

I've found that using the pause module and the prompt argument was doing what I wanted:

--- - pause:       prompt: "Sudo password for localhost "   when: ( env == 'local' ) and       ( inventory_hostname == "localhost" ) and       ( hostvars["localhost"]["ansible_become_password"] is not defined )   register: sudo_password   no_log: true   tags:        - always
like image 35
tehmoon Avatar answered Sep 21 '22 12:09

tehmoon
Sign in to Comment

Related questions

jQuery get text as number
Is using "is" to name Boolean variables bad practice?
Where can I legally declare a variable in C99?
Empty variable define in php
Register variables in with_items loop in Ansible playbook
Swift override instance variables
PHP class: Global variable as property in class
Python initialize multiple variables to the same initial value
How to share variables across scripts in python?
Android: how can fragment take a global variable of Activity
Declaring a Javascript variable twice in same scope - Is it an issue?
PHP static variables in double quotes
What is a JSON octet and why are two required?
Check if variable is false and not either true or undefined
Unused variable naming in python [duplicate]
Check if Windows batch variable starts with a specific string
Android: Listening for variable changes
Why PHP variables start with a $ sign symbol?
How to divide two long variables in java [duplicate]
Advantages of using condition variables over mutex

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!