I’m using Ansible 2.3.0 and writing a playbook that creates MySQL users based on a list of user.
My playbook tree:
`
–inventories
–staging
–hosts
–roles
–create_mysql_users
–tasks–main.yml
–vars
–mysql_users.yml
–site.yml
`
site.yml
`
`
roles/create_mysql_users/tasks/main.yml
`
When you are using include-vars to import into the mysql-users
variable, you are creating an 'unsafe object' that Ansible uses
internally to track 'data from modules' and avoid templating them as
they can lead to security issues.
if you create a vars file with:
mysql_user:
- name: user1
...
and use vars_files, it should work normally.
I'm going to check with the rest of the team to see if this is a
behaviour we want for include vars (it is not a 'normal module'). For
now you can use the workaround above.
I just noticed, mysql_users is NOT a list, its a dictionary:
user1: { username: user1, password: secret, host: "%", priv:
"*.*:ALL,GRANT", state: present }
would require:
name: "{{ mysql_users[item]['username'] }}"
to use as you expect you would have to define as:
- { username: user1, password: secret, host: "%", priv:
"*.*:ALL,GRANT", state: present }
or
- username: user1
password: secret
....