我有一个非常特殊的问题,在我的代码中,我必须将ansible值与客户期望值和客户期望的un_matched值进行比较,但是最终的剧本输出应该是failed =0而不是failed =1。
代码为:
- name: show file contents of customer-expects.txt
debug:
msg: "{{ lookup('file', '/customer-expects.txt') }}"
- shell: cat /etc/issue
register: issue
changed_when: false
ignore_errors: yes
- assert:
that:
- lookup('file', '/customer-expects.txt') == issue.stdout
success_msg: "matched! {{ lookup('file', '/customer-expects.txt') }} = {{ issue.stdout }}"
- name: show file contents customer-expects_unmatched.txt
debug:
msg: "{{ lookup('file', '/customer-expects_unmatched.txt') }}"
- shell: cat /etc/issue
register: issue
changed_when: false
ignore_errors: yes
- assert:
that:
- lookup('file', '/customer-expects_unmatched.txt') == issue.stdout
fail_msg: "unmatched! {{ lookup('file', '/customer-expects_unmatched.txt') }} = {{ issue.stdout }}"
success_msg: "matched! {{ lookup('file', '/customer-expects.txt') }} = {{ issue.stdout }}"
输出为:
[root@ansible-master /]# ansible-playbook tab8.role.yml -v
Using /etc/ansible/ansible.cfg as config file
PLAY [This output is for Tab-8 of Function Design document] *********
TASK [Gathering Facts] **********************************************
ok: [ansible-client1]
TASK [issue_tab8 : show file contents of customer-expects.txt] ******
ok: [ansible-client1] => {
"msg": ""
}
TASK [issue_tab8 : shell] *******************************************
ok: [ansible-client1] => {"changed": false, "cmd": "cat /etc/issue", "delta": "0:00:00.005200", "end": "2022-01-25 14:17:57.070688", "rc": 0, "start": "2022-01-25 14:17:57.065488", "stderr": "", "stderr_lines": [], "stdout": "", "stdout_lines": []}
TASK [issue_tab8 : assert] ******************************************
ok: [ansible-client1] => {
"changed": false,
"msg": "matched! = "
}
TASK [issue_tab8 : show file contents customer-expects_unmatched.txt] *
ok: [ansible-client1] => {
"msg": "abc"
}
TASK [issue_tab8 : shell] *******************************************
ok: [ansible-client1] => {"changed": false, "cmd": "cat /etc/issue", "delta": "0:00:00.004603", "end": "2022-01-25 14:17:57.674059", "rc": 0, "start": "2022-01-25 14:17:57.669456", "stderr": "", "stderr_lines": [], "stdout": "", "stdout_lines": []}
TASK [issue_tab8 : assert] ******************************************
fatal: [ansible-client1]: FAILED! => {
"assertion": "lookup('file', '/customer-expects_unmatched.txt') == issue.stdout",
"changed": false,
"evaluated_to": false,
"msg": "unmatched! abc = "
}
PLAY RECAP **********************************************************
ansible-client1 : ok=6 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
您采取了错误的方式,使其变得不必要的复杂IMO.
你必须明白,在ansible中制定一个剧本包括描述你想要找到目标机器的状态。在这种特殊情况下,您需要描述在目标上查找特定文件的状态。这基本上是通过使用copy模块的任务来完成的。一旦您完成了这项工作,了解文件是相似还是不同只是命令行切换或任务选项的问题。
有关以下解释的更多信息,请参阅验证任务
Ansible有一个check_mode,它可以让你运行整个剧本,只是为了验证它会做什么。你也可以无条件地将该模式应用于单个任务,使其始终作为检查运行(check_mode: true(,或者始终对远程目标进行更改(无论剧本的调用方式如何((check_mode: false(。我们对第一种形式感兴趣。
类似地,ansible有一个diff的可能性,它可以让你看到你描述的状态和它(应该(对目标应用的修改之间的区别。
上面的场景就是一个例子。我只针对我的本地机器进行了测试,但你可以在任何远程目标上获得完全相同的结果。
首先,让我们在ansible目录中创建要检查的引用文件。
mkdir -p files
echo "I'm the reference file" > files/ansible_reference.txt
对于这个例子,我现在将在我们的目标上创建一个相同和不同的文件,这样我们就可以比较这两种情况:
echo "I'm the reference file" > /tmp/ansible_similar.txt
echo "I'm a different file" > /tmp/ansible_different.txt
这是行动手册compare.yml
---
- name: compare remote file to a local reference
hosts: localhost
gather_facts: false
vars:
local_reference: ansible_reference.txt
remote_files_2_check:
- /tmp/ansible_similar.txt
- /tmp/ansible_different.txt
tasks:
- name: Dry run a copy with diff to check if remote file is aligned
copy:
src: "{{ local_reference }}"
dest: "{{ item }}"
check_mode: true
diff: true
loop: "{{ remote_files_2_check }}"
哪个给出:
$ ansible-playbook compare.yml
PLAY [compare remote file to a local reference] *****************************
TASK [Dry run a copy with diff to check if remote file is aligned] **********
ok: [localhost] => (item=/tmp/ansible_similar.txt)
--- before: /tmp/ansible_different.txt
+++ after: /home/user/ansible_project/files/ansible_reference.txt
@@ -1 +1 @@
-I'm a different file
+I'm the reference file
changed: [localhost] => (item=/tmp/ansible_different.txt)
PLAY RECAP ******************************************************************
localhost : ok=1 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
注:
- 尽管Ansible为不同的文件报告
changed,但这只是会发生的情况。由于我们正在为给定的任务进行试运行,以上内容不会改变您的目标。您可以多次运行它,只要您不更改引用或目标状态,它就会报告相同的结果 - 如果你对任务的默认报告不满意,你可以注册结果,探索其内容,并在后续任务中使用它来满足你的确切要求
- 注意,上面可能会报告目标文件的权限上的差异。您可能需要在复制模块中对此进行调整,以避免误报