试图找出如何过滤掉以下剧本输出中的用户名列表。
- name: Get all users
ome_user_info:
hostname: "{{ dellome_hostname }}"
username: "{{ dellome_username }}"
password: "{{ dellome_password }}"
register: users
现在输出提供以下内容:
ok: [192.168.1.100] => {
"users": {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"deprecations": [
{
"msg": "Distribution Ubuntu 18.04 on host 192.168.1.100 should use /usr/bin/python3, but is using /usr/bin/python for backward compatibility with prior Ansible releases. A future Ansible release will default to using the discovered platform python for this host. See https://docs.ansible.com/ansible/2.8/reference_appendices/interpreter_discovery.html for more information",
"version": "2.12"
}
],
"failed": false,
"user_info": {
"192.168.1.100": {
"@odata.context": "/api/$metadata#Collection(AccountService.Account)",
"@odata.count": 3,
"value": [
{
"@odata.id": "/api/AccountService/Accounts('10066')",
"@odata.type": "#AccountService.Account",
"Description": "admin",
"DirectoryServiceId": 0,
"Enabled": true,
"Id": "10066",
"IsBuiltin": true,
"Locked": false,
"Name": "admin",
"Password": null,
"Permissions@odata.navigationLink": "/api/AccountService/Accounts('10066')/Permissions",
"RoleId": "10",
"UserName": "admin",
"UserTypeId": 1
},
{
"@odata.id": "/api/AccountService/Accounts('10102')",
"@odata.type": "#AccountService.Account",
"Description": null,
"DirectoryServiceId": 0,
"Enabled": true,
"Id": "10102",
"IsBuiltin": false,
"Locked": false,
"Name": "dell",
"Password": null,
"Permissions@odata.navigationLink": "/api/AccountService/Accounts('10102')/Permissions",
"RoleId": "10",
"UserName": "dell",
"UserTypeId": 1
},
{
"@odata.id": "/api/AccountService/Accounts('10233')",
"@odata.type": "#AccountService.Account",
"Description": null,
"DirectoryServiceId": 10232,
"Enabled": true,
"Id": "10233",
"IsBuiltin": false,
"Locked": false,
"Name": "Domain Users",
"Password": null,
"Permissions@odata.navigationLink": "/api/AccountService/Accounts('10233')/Permissions",
"RoleId": "10",
"UserName": "Domain Users",
"UserTypeId": 2
}
]
}
}
}
}
我能够从注册变量用户的输出中确定以下内容。
- debug:
var: "{{ users | length }}"
这为我提供了5的长度。这在一定程度上是有道理的。如果我开始探究输出,我可以确定以下内容:
- debug:
var: "{{ users.user_info | length }}"
这给我看了1的长度,这是有道理的。如果我使用users.user_info添加var,那么我可以看到下面的输出。
TASK [manage_users : debug] *************************************************************************************************************************************************************
ok: [192.168.1.100] => {
"users.user_info": {
"192.168.1.100": {
"@odata.context": "/api/$metadata#Collection(AccountService.Account)",
"@odata.count": 3,
"value": [
{
"@odata.id": "/api/AccountService/Accounts('10066')",
"@odata.type": "#AccountService.Account",
"Description": "admin",
"DirectoryServiceId": 0,
"Enabled": true,
"Id": "10066",
"IsBuiltin": true,
"Locked": false,
"Name": "admin",
"Password": null,
"Permissions@odata.navigationLink": "/api/AccountService/Accounts('10066')/Permissions",
"RoleId": "10",
"UserName": "admin",
"UserTypeId": 1
},
{
"@odata.id": "/api/AccountService/Accounts('10102')",
"@odata.type": "#AccountService.Account",
"Description": null,
"DirectoryServiceId": 0,
"Enabled": true,
"Id": "10102",
"IsBuiltin": false,
"Locked": false,
"Name": "dell",
"Password": null,
"Permissions@odata.navigationLink": "/api/AccountService/Accounts('10102')/Permissions",
"RoleId": "10",
"UserName": "dell",
"UserTypeId": 1
},
{
"@odata.id": "/api/AccountService/Accounts('10233')",
"@odata.type": "#AccountService.Account",
"Description": null,
"DirectoryServiceId": 10232,
"Enabled": true,
"Id": "10233",
"IsBuiltin": false,
"Locked": false,
"Name": "Domain Users",
"Password": null,
"Permissions@odata.navigationLink": "/api/AccountService/Accounts('10233')/Permissions",
"RoleId": "10",
"UserName": "Domain Users”,
"UserTypeId": 2
}
]
}
}
}
试图弄清楚如何循环并获得以下数组:value-->用户名。从本质上讲,我将取以下值,循环遍历并删除不等于以下值的用户。管理员、戴尔、域用户。
现在有人可能会说,你可以很容易地对项目说while not=——然后这个列表就会起作用——我首先需要弄清楚如何搜索并获取值。我尝试过以下几种:
- debug:
var: users.user_info().value()
- debug:
var: users.user_info.find('UserName')
- debug:
msg: UserName
loop: users.user_info."192.168.1.100".value
#- debug:
# var: users.user_info."{{ dellome_hostname }}".UserName
#- debug:
# var: "(claims1 | from_json).value"
# msg: "{{ users.user_info.UserName | list }}"
# (output_text.stdout | from_json).ismaster
#- debug:
# msg: "{{ item }}"
#loop: "{{ users.user_info | from_json | list }}"
最后,一旦我了解了如何获取数据,我就可以创建一个循环来执行以下操作:
---
- name: Delete a User in Dell OME
ome_user:
hostname: "{{ dellome_hostname }}"
username: "{{ dellome_username }}"
password: "{{ dellome_password }}"
state: "{{ requestedState }}"
name: "{{ requstedUserName }}"
在这里,我可以添加循环,以消除不符合我提供的名称列表的用户。如有任何帮助,我们将不胜感激。
以下是我遇到的一些错误。
TASK [manage_users : debug] *************************************************************************************************************************************************************
fatal: [192.168.1.100]: FAILED! => {"msg": "Unexpected templating type error occurred on ({{users.user_info().value()}}): 'dict' object is not callable"}
TASK [manage_users : debug] *************************************************************************************************************************************************************
fatal: [192.168.1.100]: FAILED! => {"msg": "template error while templating string: expected name or number. String: {{users.user_info."192.168.1.100".value()}}"}
或者,正如我所看到的,如果我能找到一种方法来创建一个查找角色ID的循环,当它不等于10时,删除用户。
使用json_query。下面的任务
- set_fact:
users_rm: "{{ users.user_info|
json_query('*.value[].UserName') }}"
- debug:
var: users_rm
给出
users_rm:
- admin
- dell
- Domain Users
您正在主机192.168.1.100上运行查询,字典users仅包含来自该单个主机的用户。如果字典中有更多主机,则上面查询中的星号"*"将全部选中。最好为运行查询的特定主机选择用户。例如,下面的任务给出了相同的结果
- set_fact:
users_rm: "{{ users.user_info[inventory_hostname].value|
map(attribute='UserName')|
list }}"