hashi_vault 将 variable/argument 传递到查找查询中
hashi_vault pass variable/argument into the lookup query
你知道我是否能够将变量传递到查找查询中吗?
password: "{{ lookup('hashi_vault', 'secret=secret/data/my_secret:data')['{{ myvar }}']}}"
其中 myvar 设置为 mypass
vault kv put secret/my_secret mypass=abcd123
我收到以下错误。
{"msg": "The task includes an option with an undefined variable. The error was: 'dict object' has no attribute '{{myvar}}'\n\nThe error appears to be in '.../ansible/roles/joetests/tasks/main.yml': line 23, column 7, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n - debug:\n ^ here\n"}
我尝试了不同的引语,但似乎都行不通
password: "{{ lookup('hashi_vault', 'secret=secret/data/my_secret:data')['"{{ myvar }}"']}}"
password: "{{ lookup('hashi_vault', 'secret=secret/data/my_secret:data')["'{{ myvar }}'"]}}"
如果我用下面的returns密码就成功了
password: "{{ lookup('hashi_vault', 'secret=secret/data/my_secret:data')['mypass']}}"
我目前正在测试一个非常简单的剧本
---
- debug:
msg:
- "{{ item }} => {{ password }}"
with_items:
- "{{ myvar }}"
哪里
myvar:
- user1
- user2
- user3
花括号 ({{ }}) 内的每个变量都将被插入,所以这里的技巧是实际上完全删除引号。试试这个:
password: "{{ lookup('hashi_vault', 'secret=secret/data/my_secret:data')[myvar] }}"
你知道我是否能够将变量传递到查找查询中吗?
password: "{{ lookup('hashi_vault', 'secret=secret/data/my_secret:data')['{{ myvar }}']}}"
其中 myvar 设置为 mypass
vault kv put secret/my_secret mypass=abcd123
我收到以下错误。
{"msg": "The task includes an option with an undefined variable. The error was: 'dict object' has no attribute '{{myvar}}'\n\nThe error appears to be in '.../ansible/roles/joetests/tasks/main.yml': line 23, column 7, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n - debug:\n ^ here\n"}
我尝试了不同的引语,但似乎都行不通
password: "{{ lookup('hashi_vault', 'secret=secret/data/my_secret:data')['"{{ myvar }}"']}}"
password: "{{ lookup('hashi_vault', 'secret=secret/data/my_secret:data')["'{{ myvar }}'"]}}"
如果我用下面的returns密码就成功了
password: "{{ lookup('hashi_vault', 'secret=secret/data/my_secret:data')['mypass']}}"
我目前正在测试一个非常简单的剧本
---
- debug:
msg:
- "{{ item }} => {{ password }}"
with_items:
- "{{ myvar }}"
哪里
myvar:
- user1
- user2
- user3
花括号 ({{ }}) 内的每个变量都将被插入,所以这里的技巧是实际上完全删除引号。试试这个:
password: "{{ lookup('hashi_vault', 'secret=secret/data/my_secret:data')[myvar] }}"