Hi,
Just started trying the awx_collection.
Using tower_credential, is it possible target a specific credential other than by name?
I have 2 credentials with the same name (in different organizations) and is getting
“An unexpected number of items was returned from the API (2)”
You should be able to use an ID in the name field to specify a specific credential.
i.e. to remove credential with ID of number 1:
This works for all the tower_* modules.
Knowing this might not be the most convenient solution, work is being done to add a tower lookup plugin to help you with scenarios like this.
For example, you might be able to do something like this in the future:
The details of the implementation are not 100% right now as this is still a work in progress but keep checking back for this feature in the future.
-John
There is an open pull request which implements this lookup plugin here:
https://github.com/ansible/awx/pull/7286
We are fairly close to getting it merged, and this is one of the top current priorities for the collection. If anyone has feedback on the implementation, now would be a great time to weigh in.
I also want to point out that most modules return an id value, so it’s a common pattern to call the first module, tower_credential, with register: result and then pass {{ [result.id](http://result.id) }} into the next module. The logic to recognize ids is also there for the many-related fields, so if you use the tower_job_template module, you should be able to pass credentials: [23, 42, 349], for example.
Hi,
I am able to get the id from the tower_credential but then using that id value in tower_role it does not work.
TASK [debug] *****************************************************************************************
ok: [localhost] =>
tower_output.id: ‘61’
TASK [Give team access to credential] ****************************************************************
fatal: [localhost]: FAILED! => changed=false
invocation:
module_args:
credential: ‘61’
msg: Failed to update role, credential not found in credentials
tisdag 30 juni 2020 kl. 19:05:59 UTC+2 skrev arom...@redhat.com:
Also when using this id when targeting a credential like John suggested doesn’t work. A new credential with name “id number” is created.
Can it be that I’m using ansible.tower collection v3.7.1 from Automation Hub and Ansible Tower 3.7.1.
Maybe Red Hat is just behind the commits in awx and it does not work because of that.
/Jocke
onsdag 1 juli 2020 kl. 10:30:55 UTC+2 skrev Joacim Mårtensson:
Did you pass the organization parameter to the tower_credential module? That should disambiguate them if it’s only a matter of 1 name in 2 organizations.
I was thinking about related objects as ids, but sounds like this doesn’t actually fit your situation.
Hi,
Yes for tower_credential I specified organization.
In tower_role I cant as then it thinks Ill altering the role for the organization instead of the team.
/Jocke
onsdag 1 juli 2020 kl. 12:50:58 UTC+2 skrev arom...@redhat.com:
Okay, I got turned around with tower_role and tower_credential. Your problem is specifying a related object for the tower_role module.
So then does the task that doesn’t work look like:
tower_role:
credential: 5
user: Joacim
state: present
role: use
I think we probably do have a bug, where the tower_role module, specifically, doesn’t try the given value as a primary key. If this is correct, then one of us should file an issue for it.
Hi,
Yeah sorry about the mix up.
I have issues when trying to target things with tower_role and tower_credential.
Using an id would have helped but that does not work.
First I create two credentials with the same name but in different organizations
credential_type: Machine
state: present
inputs:
ssh_key_data: “{{ mykey }}”
register: tower_output1
credential_type: Machine
state: present
inputs:
ssh_key_data: “{{ mykey }}”
register: tower_output2
The I tried using tower_role to give a team access to the first credential
tower_role:
credential: testcred
role: use
team: testteam
This ends up in:
fatal: [localhost]: FAILED! => changed=false
msg: An unexpected number of items was returned from the API (2)
Then I tried using the id instead
tower_role:
credential: “{{ tower_output1.id }}”
This gives:
fatal: [localhost]: FAILED! => changed=false
invocation:
module_args:
credential: ‘61’
…
msg: Failed to update role, credential not found in credentials
I’m also trying to use the id to target a specific credential to change the organization, like this:
credential_type: Machine
state: present
inputs:
ssh_key_data: “{{ mykey }}”
This ends up with a new credential named integer value of ’ tower_output1.id’ in the new organization.
Thank you
Jocke
onsdag 1 juli 2020 kl. 14:02:50 UTC+2 skrev arom...@redhat.com: