I wish to use a when statement that takes a variable passed in at command line (user), check it against a variable created with getent: (database: passwd). I am doing something wrong. I think the issue is two fold. 1. I think that I am not using my variables right in the when statement. 2. In this context, would I need to be pointing to local_users.ansible_facts.getent_passwd? or something similar?:
`
You only need the user task to do this.
Ansible will remove the user if it exist, if the user doesn't exist it will just carry on.
So you only need this
- name: Purge user
user:
name: "{{ user }}"
state: absent
remove: yes
I thought about that, don’t know why I didn’t just go with it. Out of curiosity though, what is wrong with my when statement (in case I use it in the future in a different scenario, I want to be able to reference this forum)?
the when is mostly fine, you are just making a bad assumption on the
structure of local_users:
when: user in local_users['ansible_facts']['getent_passwd']
would be the 'corrected' version
when: user in local_users[‘ansible_facts’][‘getent_passwd’]
Thank you Brian. Why local_users[‘ansible_facts’][‘getent_passwd’] vs local_users.ansible_facts.getent_passwd. Is that a preference? or is there reasoning behind it?
the first always works, the second is a 'jinja2' specific trick to
allow dot notation, but it doesn't always work, mostly when you use a
- in a name.
I see. Thank you!