Can you add
when: groups['web'] | length
onto the "populate secret for use elsewhere" task?
On Friday, September 16, 2022 at 5:34:37 AM UTC-4 [email protected] wrote:
> Hi
>
> I have a playbook that contains several plays. One play is performing API
> related tasks in AWS, so it's using the local connection and localhost. The
> plays after that targets real hosts.
> Pseudo code:
>
> - name: do API related work
> hosts: localhost
> connection: local
> become: false
> gather_facts: false
> tags: api
> tasks:
> - name: populate secret for use elsewhere
> community.aws.aws_secret:
> name: foopass
> secret: "{{ hostvars[groups['web'][0]].foopass }}"
>
> - name: deploy web servers
> hosts: web
> tasks:
> - name: save secret
> copy:
> dest: foopass.txt
> content: "{{ foopass }}"
>
>
> This play works, but I don't know how to selectively run the API play if
> there are no web servers in the play (as they might not exist yet).
> If I try '-i localhost, --connection local', then the API task doesn't
> find any hostvars for a 'web' host:
>
> TASK [populate secret for use elsewhere]
> ***************************************************************************************************************
> fatal: [localhost]: FAILED! =>
> msg: '{{ hostvars[groups[''web''][0]].foopass }}: ''dict object'' has no
> attribute ''web'''
>
> This seems to make sense. But how would I go about accessing those vars?
> Is it possible at all to access variables for hosts that are NOT in the
> current play?
>
> FYI the variable is not gathered (again, because the web host is not yet
> there), it is defined in group_vars/web/main.yml - so it is there on disk.
>
> Thanks!
>
> Dick Visser
>
>
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/45df6582-0d36-4209-a59d-802ecc113827n%40googlegroups.com.
