Hello all,
New to Ansible, so I apologize if there is a simple solution to this problem - but I have done a lot of searching and have not been able to find one. I am running Ansible 2.2.1.0 on a 2015 Macbook Pro using macOS High Sierra.
When invoking ansible-playbook like so:
ansible-playbook -i environments/my-inventory my-playbook.yml --vault-password-file ../vault.pass --tags="mytag"
I can access the path to “environments/my-inventory” in the playbook by referencing the variable {{ inventory_file }}, which is a so-called magic variable. However, I cannot find similar variables to reference which will give me the values passed for the vault password file or the tags. In my searching I have found DEFAULT_VAULT_PASSWORD_FILE, ANSIBLE_VAULT_PASSWORD_FILE, vault_password_file as possible variables which could hold a path to a vault password file, but none of those variables when referenced in Jinja templating are defined or have the value I’ve passed on the command line.
The reason I want to access these values is because I have a playbook executing other playbooks in parallel in the method suggested by Ansible developer bcoca (slide 24), and in my case my-playbook.yml looks like:
`
-
hosts: localhost
gather_facts: False
tasks: -
shell: ansible-playbook -i {{ inventory_file }} playbook-{{item}}.yml --vault-password-file …/vault.pass
async: 3600
poll: 0
with_items: [item1,item2,item3]
register: myregister -
async_status: jid={{myregister.results[item.0].ansible_job_id}}
register: jobs
until: jobs.finished
with_indexed_items: [item1,item2,item3]
retries: 100
delay: 10
`
The values for --vault-password-file and --tags that are passed in the initial call are not inherited by localhost tasks, so playbook-item1.yml will not have any tag consideration when executing. It will only have a vault password file because that’s hardcoded into the playbook above, whereas I’d prefer to reference it programmatically.
So, to recap, I call my-playbook.yml in a terminal, and my-playbook.yml calls a handful of shells on localhost. I would like to call my-playbook.yml in the terminal with --vault-password-file and be able to access that variable inside the playbook, so that my localhost shell task would not need that path hard-coded again. As mentioned above, I’d also like to do the same thing with referencing tags. Is this possible?
Thanks in advance for reading and considering. Let me know if more information is required.