first_available_file not providing its results to item variable?

Javier_Candeira · September 18, 2013, 3:16am

I'm having trouble with first-available file, which I'm using to
authorise a ssh key for a given user like so:

  # TODO: add a forced-command so only gitpulling is allowed
  - name: put coreapi public key in cms user XXXX for synching
    authorized_key: user=XXXX state=present
                    key=$FILE({{item}})
    first_available_file:
      - keys/whitelabel_sites/{{deploy}}.coreapi.{{customer}}.enso_id_rsa.pub
      - keys/javier

This is my debug playbook:

- name: find out why the key isn't getting proper authorised 0 --
the variable interpolation
debug: msg="keys/whitelabel_sites/{{deploy}}.coreapi.{{customer}}.enso_id_rsa.pub"

  - name: find out why the key isn't getting proper authorised 1 -- the filename
    debug: msg=$item
    first_available_file:
      - keys/whitelabel_sites/{{deploy}}.coreapi.{{customer}}.enso_id_rsa.pub
      - keys/javier

  - name: find out why the key isn't getting proper authorised 2 --
the file contents
    debug: msg=$FILE({{item}})
    first_available_file:
      - keys/whitelabel_sites/{{deploy}}.coreapi.{{customer}}.enso_id_rsa.pub
      - keys/javier

And this is the output: only the customer name has been changed to
"customername":

TASK: [find out why the key isn't getting proper authorised 0 -- the
variable interpolation] ****
ok: [a.cms.customername.artpro.co] => {"msg":
"keys/whitelabel_sites/a.coreapi.customername.enso_id_rsa.pub"}

TASK: [find out why the key isn't getting proper authorised 1 -- the
filename] ***
ok: [a.cms.customername.artpro.co] => {"msg": "$item"}

TASK: [find out why the key isn't getting proper authorised 2 -- the
file contents] ***
fatal: [a.cms.customername.artpro.co] => One or more undefined
variables: 'item' is undefined

FATAL: all hosts have already failed -- aborting

Both files keys/whitelabel_sites/a.coreapi.customername.enso_id_rsa.pub
and keys/javier exist, and can be accessed. In fact one of them is
created in the previous play, with the same variable templating.

I'm about to declare it a bug in ansible, and not in my playbook. If
anybody can either confirm or disabuse me, I'll appreciate it.

Thanks,

Javier

Javier_Candeira · September 18, 2013, 3:17am

Sorry for replying to myself. I just upgraded to tag v1.3.1. This is
where the erroneous output comes from.

J

Michael_DeHaan2 · September 18, 2013, 12:12pm

So one possible thing I’d like you to change and then let us know if you still see a problem:

$FILE({{ item }}) should be written as

$FILE is legacy syntax, and also mixing old style templating and new is generally a bad idea as one runs before each other.

Let me know if you still have a problem after changing things over.

Javier_Candeira · September 20, 2013, 2:53am

Hi, Michael.

Thanks for your answer. The mucking about with $item and {{item}} was
part of my attempts at debugging. I had actually started interpolating
all variables in the jinja style. Thanks also for the advice on the
deprecation of $FILE syntax.

The issue was solved by benno on IRC. I repeat his solution here for
reference. It turns out that first_available_file is an option for the
copy and template modules, but not for the authorize_key module. His
solution was to use with_first_found, which is universally available
as a lookup plugin since https://github.com/ansible/ansible/pull/2260.

I see this as a documentation bug, and will be providing a patch to
the advanced playbooks docs page over the weekend.

However, the documentation might need a bit more significant overhaul.
May I suggest two more pages?

- leave a cursory explanation of lookup plugins in the advanced
playbooks page, and make a page with an exhaustive reference for types
of operators/lookups/etc, perhaps working from of
https://groups.google.com/forum/#!topic/ansible-project/IVUwp9195Ek
- make a specific page for the evolution of syntax/modules, so people
who have old playbooks don't have to look all around the documentation
for their needed changes. This is especially important for those of us
wearing several hats, and coming back to Ansible maybe once weekly, or
less frequently.

Regards,

Javier

Michael_DeHaan2 · September 21, 2013, 1:02pm

with_first_found is the new alternative to “first_available_file”.

You should only see FAF in legacy documentation and old examples.

The idea was to generalize it to a lookup plugin.

Right now you can keep up with the changelog, but the documentation will always show the favored way to do everything.

I don’t want to full up the docs with cruft about old systems, but we take lots of strides to ensure backwards compat on things.

If you try something that doesn’t have a docs example, expect it to not be a thing

Topic		Views
variable interpolation does not work when name is not used but does otherwise Ansible Project	2	December 20, 2012
Ansible 0.8 :: $FILE macro :: failed Ansible Project	5	November 14, 2012
Convention over configuration or generating list fact from list variable Ansible Project	3	July 4, 2014
authorized_key key path broken? Ansible Project	1	December 29, 2013
authorized_keys not looking in role 'files' directory for files Ansible Project	3	July 23, 2015

first_available_file not providing its results to item variable?

Related topics