how to restrict scope for set_fact variable

Archives Ansible Project
1

Hi All,

below is my playbook
mserver: [1.1.1.1,2.2.2.2]
doamin: [3.3.3.3,4.4.4.4]

tasks:

  • include_role:
    name: validateip
    when: object_type == “ip”
    with_together:
  • “{{ mserver_hostname }}”
  • “{{ domain }}”

under that role login,validation and logout tasks are performed
validation script-

  • name: Checking Network objects
    uri:
    url: “https://{{item.0}}/web_api/show-objects”
    validate_certs: False
    method: POST
    headers:
    x-chkp-sid: “{{ login.json.sid }}”
    body:
    type: host
    filter: “{{ip}}”
    ip-only: true
    body_format: json
    register: check_host_result
    when: item.0 != “”

  • debug:
    var: check_host_result

  • name: Checking if Network Object exists
    set_fact:
    item_ip_exists: true
    obj_name: “{{ item2[‘name’] }}”
    loop: “{{ check_host_result.json.objects }}”
    loop_control:
    loop_var: item2
    when:

  • item2[‘ipv4-address’] is defined and item2[‘ipv4-address’] == ip

  • debug:
    msg: “Network Object exists with name [{{obj_name}}]”
    when: item_ip_exists is defined

  • debug:
    msg: " Network Object ({{ip}}) will be created"
    when: item_ip_exists is not defined

I am facing issue for set_fact variable like obj_name and item_ip_exists
so when loop runs on first item and if object is present so it set both the variable (obj_name and item_ip_exists ) and print the correct debug messages.
but when 2nd item executed and there if object is not present so it is printing the wrong debug message due to the set_fact variables( obj_name and item_ip_exists) which has already the value from the first items execution
so how i can restrict the scope of set_fact variables ( obj_name and item_ip_exists ) so when second item execute the variables take the value from there not from previously set_fact values.
I am totally stuck here.
Please help me. Thanks in advance.

2

Could any one please help me on it . Appriciate your help in advance .

3

Hi,
can any one please suggest on it or any other way through I can accomplish it.

4

Hi ,

how to resolve this issue.I guess we can not restrict the scope of set_fact variable we can set the value null but in my case ,i wanted the set_facts variables value is undefined so when the 2nd item of loop executed so it will get the value from that execution.

can any one suggest any-other way to accomplish my task.

5

can any one suggest any-other way to accomplish my task.

Make it [mcve] and include an expected result
[mcve] https://stackoverflow.com/help/minimal-reproducible-example

Hints:
* Does your problem depend on the included role? If not, remove it.
* Does your problem depend on the uri module? If not, remove it.
* Create the lists as simple as possible to demonstrate the problem

It seems that your problem might be limited to a single task. Please help us
to help you.

6

Thanks Vladmir for replying on my post.
in my question inculd_role and the validation task script is necessary to understand my question.

so basically in my playbook i am calling a role and looping that role with two lists mserver and domain

. I am performing validation of object on firewall using the firewall api and getting the r present object in “check_host_result.json.object” and then i write the task to check object is present .where I am using set_fact variable item_ip_exists and item_name. my problem is when list’s first item executed then both set_fact variables have the values but when lists second item executed and if object is not present on there that task is referencing the previous set_fact varaibles value and printing the debug message incorrect.

below is the lists
mserver: [1.1.1.1,2.2.2.2]
doamin: [3.3.3.3,4.4.4.4]

  • name: Checking Network objects
    uri:
    url: “https://{{item.0}}/web_api/show-objects”
    validate_certs: False
    method: POST
    headers:
    x-chkp-sid: “{{ login.json.sid }}”
    body:
    type: host
    filter: “{{ip}}”
    ip-only: true
    body_format: json
    register: check_host_result
    when: item.0 != “”

  • name: Checking if Network Object already exists
    set_fact:
    item_ip_exists: true
    item_name: “{{ item2[‘name’] }}”
    loop: “{{ check_host_result.json.objects }}”
    loop_control:
    loop_var: item2
    when:

  • item2[‘ipv4-address’] is defined and item2[‘ipv4-address’] == ip

  • debug:
    msg: “Network Object exists with name [{{item_name}}]”
    when: item_ip_exists is defined

  • debug:
    msg: “Network Object does not exist”
    when: item_ip_exists is not defined