ansible

Ansible loop failure


I can't seem to make this loop work. If anyone can tell what I'm doing wrong, I'd appreciate any advice in advance.

What I'm trying to do is to descend into a directory that holds directories named for my workstations. The dirs are created from the result of a "fetch" and hold host1.csr/req, host2.csr/req (for example). I only have two directories right now to speed up testing.

I'm trying to run a shell command on the CSR files: openssl req -text -noout -verify -in (host*.csr). Here's what I have in my play. Note: if indents or spelling are wrong, they're just typing errors. The play is running on a closed network. The play does pass --syntax-check.

    - name: Find CSR files
      ansible.builtin.find:
        paths: /etc/cert_dir/workstations
        file_type: file
        patterns: "*.csr"
        recurse: yes
      register: csr

    - name: csr file names into new variable
      set_fact:
        CSR: "{{ csr.files | map(attribute='path') | map('basename') | list }}"

    - name: Print csr variable
      debug:
        msg: "Print result of CSR search: {{ csr }}"

    - name: Test variable usage against the found csr files
      ansible.builtin.shell:
        cmd: openssl req -text -noout -verify -in {{ csr }} {{ item.path }}

And of course it doesn't work. The error displayed says the host1.csr file can't be found. In fact, it lists the full path (/etc/cert_dir/wkstns/host1.csr file can't be found). It repeats for host2.csr. I don't get it. The first parts of this play are just a sanity check that will eventually be removed. I just wanted to see if I could get a play to descend into the main dir, go into each workstation dir, and find the csr files. That does work. It shows the two CSR files - host1.csr, host2.csr.

So if the files can be found, can anyone tell what I'm doing wrong as far as the loop?


Solution

  • Here is a sample find / loop through the results example that might help you:

    - name: test
      hosts: localhost
      tasks:
        - ansible.builtin.find:
            paths: /tmp
            file_type: file
            patterns: "*.txt"
            recurse: yes
          register: find_results

        - ansible.builtin.debug:
            var: find_results

        - ansible.builtin.command:
            cmd: /usr/bin/sha1sum {{ item.path }}
          changed_when: false
          with_items: "{{ find_results.files }}"

    This will search /tmp for files that end with .txt and run /usr/bin/sha1sum against them. changed_when: false is set so that the target is not considered to have changed.
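
The same find-and-loop pattern applied to the CSR check from the question, as an added example (not code from either poster). It loops over `csr.files` and passes each full `item.path` to openssl through `argv`, so file names fetched from the workstations are never parsed by a shell. The `localhost` target, the `csr_root` variable and the match on openssl's "verify OK" message are assumptions.

```yaml
- name: Verify fetched CSR files
  hosts: localhost            # assumption: fetched files live on the control node
  gather_facts: false
  vars:
    csr_root: /etc/cert_dir/workstations   # hypothetical variable; path from the question
  tasks:
    - name: Find CSR files under every workstation directory
      ansible.builtin.find:
        paths: "{{ csr_root }}"
        file_type: file
        patterns: "*.csr"
        recurse: true
      register: csr

    - name: Verify the self-signature of each CSR
      ansible.builtin.command:
        # argv passes each element as one argument, with no shell involved,
        # so spaces or metacharacters in a fetched file name stay inert.
        argv:
          - openssl
          - req
          - -text
          - -noout
          - -verify
          - -in
          - "{{ item.path }}"   # full path from find, not the basename
      loop: "{{ csr.files }}"
      loop_control:
        label: "{{ item.path }}"   # keep loop output short: path only
      register: verify
      changed_when: false
      # Inside a loop, "verify" here is the result for the current item.
      # Assumption: a good CSR produces a message containing "verify OK";
      # checking it alongside rc avoids trusting the exit code alone.
      failed_when: >-
        verify.rc != 0 or
        'verify OK' not in
        ((verify.stdout | default('')) ~ (verify.stderr | default('')))
```

Every item in the loop is still processed when one CSR fails; the task is marked failed afterwards and the failing paths appear under their loop labels.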