Check existence of a value from dictionary with list

Hello all,

I have to implement logic where I need to create a few secrets in a Kubernetes cluster using Ansible. The logic I am trying to implement is to first register all the secrets in a namespace, then create the secrets if they are not present. I specifically want to know how I can validate that a secret is already present.

    - name: Get all insights secrets in namespace '{{ ansible_operator_meta.namespace }}'
      community.kubernetes.k8s_info:
        api_version: "v1"
        kind: "secrets"
        namespace: "{{ ansible_operator_meta.namespace }}"
        label_selectors:
          - project=myproject
      register: secrets_register
      when: debug is not defined

This will register all the secrets with a specific label from the namespace. The result will be a dictionary with lists, as given below.

    secrets_register:
      resources:
        - apiVersion: v1
          data:
            _DATA_ENCRYPTION_PASSWORD: VTJGc2RHVmtYMS82b2EyOW9CZXNBY3lWTmI4QzBEclZKaW40U2haQ3hTMGl6bUxXMmFmamVVMXNPRC9kQ05kcA==
          kind: Secret
          metadata:
            labels:
            name: data-encryption-password
            namespace: test
        - apiVersion: v1
          data:
            _DATA_ADMIN: VTJGc2RHVmtYMS82b2EyOW9CZXNBY3lWTmI4QzBEclZKaW40U2haQ3hTMGl6bUxXMmFmamVVMXNPRC9kQ05kcA==
          kind: Secret
          metadata:
            labels:
            name: mongodb-authsecret
            namespace: test
        - apiVersion: v1
          data:
            _DATA_TEST: VTJGc2RHVmtYMS82b2EyOW9CZXNBY3lWTmI4QzBEclZKaW40U2haQ3hTMGl6bUxXMmFmamVVMXNPRC9kQ05kcA==
          kind: Secret
          metadata:
            labels:
            name: ingressca
            namespace: test

And then I need to create secrets with logic like "when secret_name not in secrets_register.resources[*].metadata.name is in secrets_register", something like below.

    - name: Create secret
      k8s:
        state: present
        definition:
          apiVersion: v1
          kind: Secret
          type: Opaque
          metadata:
            name: "{{ secret_name }}"
            namespace: "{{ project_name | lower }}"
          data:
            config_data.json: "{{ lookup('template', mongo_conn_templates_path + '/config_data.json') | tojson | b64encode }}"
      when: >
        debug is not defined
        and secret_name not in secrets_register.resources[*].metadata.name is in secrets_register

But unfortunately I can’t get this statement “secret_name not in secrets_register.resources[*].metadata.name is in” working, as I am not able to figure out how to check the existence of a value in a dictionary of lists in Ansible. Can someone help?

Thanks in advance,
Rijesh.
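
One way to express the membership check asked about above, as an added example that is not part of the original post: Jinja2's map filter pulls metadata.name out of every item in secrets_register.resources into a flat list that "in" can test against. The fact name existing_secret_names, the no_log settings and the project=myproject label on the created secret are assumptions added here.

```yaml
# Added example, not the poster's code. Task and variable names not in the
# post (existing_secret_names) are illustrative.
- name: Get all project secrets in the namespace
  community.kubernetes.k8s_info:
    api_version: v1
    kind: Secret
    namespace: "{{ ansible_operator_meta.namespace }}"
    label_selectors:
      - project=myproject
  register: secrets_register
  no_log: true  # the registered result carries every secret's data values
  when: debug is not defined

- name: Collect the names of the secrets that already exist
  ansible.builtin.set_fact:
    # default([]) covers the case where the lookup task was skipped and
    # secrets_register therefore has no "resources" key.
    existing_secret_names: >-
      {{ secrets_register.resources | default([])
         | map(attribute='metadata.name') | list }}

- name: Create secret only if it is not already present
  community.kubernetes.k8s:
    state: present
    definition:
      apiVersion: v1
      kind: Secret
      type: Opaque
      metadata:
        name: "{{ secret_name }}"
        # The check is only meaningful if this is the namespace queried above.
        namespace: "{{ project_name | lower }}"
        labels:
          # Assumption: carry the selector label so the next run's lookup
          # finds this secret.
          project: myproject
      data:
        config_data.json: "{{ lookup('template', mongo_conn_templates_path + '/config_data.json') | tojson | b64encode }}"
  no_log: true  # keeps the rendered secret body out of task output
  when:
    - debug is not defined
    - secret_name not in existing_secret_names
```

Without the guard, state: present would reconcile an existing secret to the rendered definition, so the condition is what stops a live secret from being overwritten on a later run.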