Hi,
when trying to install keys to a java keystore I am using the following task:
`
- name: java install ssl certs
shell:
source /etc/profile.d/java.sh;
cd $JAVA_HOME/jre/lib/security;
$JAVA_HOME/bin/keytool -import -noprompt -keystore cacerts -alias {{ item }} -file /tmp/{{ item }}.crt -storepass storepass
register: command_result
changed_when: “‘already exists’ not in command_result.stdout”
failed_when: “‘already exists’ not in command_result.stdout”
`
If the key has already been added, keytool returns ‘1’ and writes ‘…already exists’ to stdout.
I would like the task not to fail either:
- if the key has been added
or
the key already exists.
I tried the condition
failed_when: “‘already exists’ not in command_result.stdout and command_result.rc != 0”
But that one does not work (error while evaluating conditional).
Any ideas how to achieve this task?
Thanks a lot
Multiple checks looks like:
failed_when: color == ‘blue’ or number == 5
Note that if you are telling when not to fail, you will need to negate your condition.
Ansible denotes lists of conditions as “ORs” so:
failed_when:
- color == ‘blue’
- number == 5
Is equivalent syntax.
Okay thanks, maybe I got some problem with the semantics:
`
failed_when:
- “‘already installed’ not in command_result.stderr”
- “command_result.rc == 1”
`
Does not fail if either of the conditions is false ( so it does not fail if result.rc == 1 and ‘already installed’ is in stderr) which in this case is the desired behaviour.
If one reads this task one could think that any of the list is a fail condition (so if one condition is true, everything fails), so this is not a real ‘OR’?
Maybe there should be a module with ‘passed when:’ ?
Thanks
Just hit a similar thing. I feel that ‘passed_when’ or ‘succeeded_when’ would make for simpler playbooks in several cases.
Also - it’s not clear from the docs what syntax is allowed fo failed_when. Is it parsed as Python? i.e. any valid Python expression allowed?
when: and all *_when: are parsed by jinja, so any valid jinja2
expression should work. If the docs are not clear on this we do take
PRs to make them better.
I just hit this issue (two years after you did) and the reply to my issue was that Ansible list syntax does an implicit AND on the multiple conditions, not OR, contradicting what Michael DeHaan wrote above earlier. I’m asking the Ansible project to document this somewhere, not obvious at all.
My issue submission for reference:
https://github.com/ansible/ansible/issues/18311
Using your original example, re-formatting as follows should work:
failed_when: >
‘already installed’ not in command_result.stderr or
command_result.rc == 1