Looping CF Templates with items loops and its reporting an error

Archives Ansible Project
1

Hello,

Here is the tasks/main.yml content


roles/patching-cf-ssm/tasks/main.yml
---
# tasks file for patching-cf-ssm
- name: create a cloudformation stack
cloudformation:
stack_name: "ansible-cloudformation"
state: "present"
disable_rollback: true
template: roles/patching-cf-ssm/files/{{ item }}
with_file:
- PatchBaseline.yml
- MaintenanceWindow.yml
...

Unfortunately throws me back an error as below

fatal: [localhost]: FAILED! => {“msg”: “The task includes an option with an undefined variable. The error was: ‘item’ is undefined\n\nThe error appears to be in ‘roles/patching-cf-ssm/tasks/main.yml’: line 3, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n# tasks file for patching-cf-ssm\n- name: create a cloudformation stack\n ^ here\n”}

I used double quotes for roles/patching-cf-ssm/files/{{ item }} but still no luck.

Any idea why?

Regards,
Ameya

2

with_file should be indented back

3

Thanks, Dick, I did try and it is moving forward. But I think still something is fundamentally rooted.

My main.yml looks like below


cat main.yml
---
# tasks file for patching-cf-ssm
- name: create a cloudformation stack
cloudformation:
#aws_access_key: "{{ assumed_role.sts_creds.access_key }}"
#aws_secret_key: "{{ assumed_role.sts_creds.secret_key }}"
#security_token: "{{ assumed_role.sts_creds.session_token }}"
stack_name: "ansible-cloudformation"
state: "present"
disable_rollback: true
template: "roles/patching-cf-ssm/files/{{ item }}"
with_file:
- PatchBaseline.yml
- MaintenanceWindow.yml
#environment:
#AWS_ACCESS_KEY_ID: "{{ assumed_role.sts_creds.access_key }}"
#AWS_SECRET_ACCESS_KEY: "{{ assumed_role.sts_creds.secret_key }}"
#AWS_SECURITY_TOKEN: "{{ assumed_role.sts_creds.session_token }}"
...

And, I’m getting long error message as like below:


IOError: [Errno 36] File name too long: 'roles/patching-cf-ssm/files/AWSTemplateFormatVersion: 2010-09-09\nDescription: >-\n Creating Maintenance Window for Non-Production Windows Server Patching.\nResources:\n MaintenanceWindow:\n Type: AWS::SSM::MaintenanceWindow\n Properties:\n AllowUnassociatedTargets: false\n Cutoff: 1\n Description: Maintenance Window to update SSM Agent\n Duration: 6\n Name: MaintenanceWindowCFN\n Schedule: "cron(0 45 09 ? * TUE *)"\n ScheduleTimezone: "Australia/Melbourne"\n MaintenanceWindowTarget:\n Type: AWS::SSM::MaintenanceWindowTarget\n Properties:\n WindowId: !Ref MaintenanceWindow\n ResourceType: INSTANCE\n Targets:\n - Key: tag:Patch Group\n Values:\n - Group A\n OwnerInformation: SSM Target\n Name: SSMMaintenanceWindow\n Description: A target for demonstrating maintenance windows \n DependsOn: MaintenanceWindow\n MaintenanceWindowTask:\n Type: AWS::SSM::MaintenanceWindowTask\n Properties:\n WindowId: !Ref MaintenanceWindow\n Targets: \n - Key: WindowTargetIds\n Values:\n - !Ref MaintenanceWindowTarget\n TaskArn: AWS-RunPatchBaseline\n TaskType: RUN_COMMAND\n TaskInvocationParameters:\n MaintenanceWindowRunCommandParameters:\n Parameters:\n Operation:\n - Install\n Priority: 1\n MaxConcurrency: 2\n MaxErrors: 1\n Name: RegistrationTaskwithTargets\n DependsOn: MaintenanceWindowTarget'
failed: [localhost] (item=AWSTemplateFormatVersion: 2010-09-09
Description: >-
Creating Maintenance Window for Non-Production Windows Server Patching.
Resources:
MaintenanceWindow:
Type: AWS::SSM::MaintenanceWindow
Properties:
AllowUnassociatedTargets: false
Cutoff: 1
Description: Maintenance Window to update SSM Agent
Duration: 6
Name: MaintenanceWindowCFN
Schedule: "cron(0 45 09 ? * TUE *)"
ScheduleTimezone: "Australia/Melbourne"
MaintenanceWindowTarget:
Type: AWS::SSM::MaintenanceWindowTarget
Properties:
WindowId: !Ref MaintenanceWindow
ResourceType: INSTANCE
Targets:
- Key: tag:Patch Group
Values:
- Group A
OwnerInformation: SSM Target
Name: SSMMaintenanceWindow
Description: A target for demonstrating maintenance windows
DependsOn: MaintenanceWindow
MaintenanceWindowTask:
Type: AWS::SSM::MaintenanceWindowTask
Properties:
WindowId: !Ref MaintenanceWindow
Targets:
- Key: WindowTargetIds
Values:
- !Ref MaintenanceWindowTarget
TaskArn: AWS-RunPatchBaseline
TaskType: RUN_COMMAND
TaskInvocationParameters:
MaintenanceWindowRunCommandParameters:
Parameters:
Operation:
- Install
Priority: 1
MaxConcurrency: 2
MaxErrors: 1
Name: RegistrationTaskwithTargets
DependsOn: MaintenanceWindowTarget) => {
"ansible_loop_var": "item",
"changed": false,
"item": "AWSTemplateFormatVersion: 2010-09-09\nDescription: >-\n Creating Maintenance Window for Non-Production Windows Server Patching.\nResources:\n MaintenanceWindow:\n Type: AWS::SSM::MaintenanceWindow\n Properties:\n AllowUnassociatedTargets: false\n Cutoff: 1\n Description: Maintenance Window to update SSM Agent\n Duration: 6\n Name: MaintenanceWindowCFN\n Schedule: \"cron(0 45 09 ? * TUE *)\"\n ScheduleTimezone: \"Australia/Melbourne\"\n MaintenanceWindowTarget:\n Type: AWS::SSM::MaintenanceWindowTarget\n Properties:\n WindowId: !Ref MaintenanceWindow\n ResourceType: INSTANCE\n Targets:\n - Key: tag:Patch Group\n Values:\n - Group A\n OwnerInformation: SSM Target\n Name: SSMMaintenanceWindow\n Description: A target for demonstrating maintenance windows \n DependsOn: MaintenanceWindow\n MaintenanceWindowTask:\n Type: AWS::SSM::MaintenanceWindowTask\n Properties:\n WindowId: !Ref MaintenanceWindow\n Targets: \n - Key: WindowTargetIds\n Values:\n - !Ref MaintenanceWindowTarget\n TaskArn: AWS-RunPatchBaseline\n TaskType: RUN_COMMAND\n TaskInvocationParameters:\n MaintenanceWindowRunCommandParameters:\n Parameters:\n Operation:\n - Install\n Priority: 1\n MaxConcurrency: 2\n MaxErrors: 1\n Name: RegistrationTaskwithTargets\n DependsOn: MaintenanceWindowTarget",
"module_stderr": "Traceback (most recent call last):\n File \"/home/ansible/.ansible/tmp/ansible-tmp-1594131096.31-26760-86736344792660/AnsiballZ_cloudformation.py\", line 102, in <module>\n _ansiballz_main()\n File \"/home/ansible/.ansible/tmp/ansible-tmp-1594131096.31-26760-86736344792660/AnsiballZ_cloudformation.py\", line 94, in _ansiballz_main\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n File \"/home/ansible/.ansible/tmp/ansible-tmp-1594131096.31-26760-86736344792660/AnsiballZ_cloudformation.py\", line 40, in invoke_module\n runpy.run_module(mod_name='ansible.modules.cloud.amazon.cloudformation', init_globals=None, run_name='__main__', alter_sys=True)\n File \"/usr/lib64/python2.7/runpy.py\", line 188, in run_module\n fname, loader, pkg_name)\n File \"/usr/lib64/python2.7/runpy.py\", line 82, in _run_module_code\n mod_name, mod_fname, mod_loader, pkg_name)\n File \"/usr/lib64/python2.7/runpy.py\", line 72, in _run_code\n exec code in run_globals\n File \"/tmp/ansible_cloudformation_payload_3Xbko8/ansible_cloudformation_payload.zip/ansible/modules/cloud/amazon/cloudformation.py\", line 819, in <module>\n File \"/tmp/ansible_cloudformation_payload_3Xbko8/ansible_cloudformation_payload.zip/ansible/modules/cloud/amazon/cloudformation.py\", line 678, in main\nIOError: [Errno 36] File name too long: 'roles/patching-cf-ssm/files/AWSTemplateFormatVersion: 2010-09-09\nDescription: >-\n Creating Maintenance Window for Non-Production Windows Server Patching.\nResources:\n MaintenanceWindow:\n Type: AWS::SSM::MaintenanceWindow\n Properties:\n AllowUnassociatedTargets: false\n Cutoff: 1\n Description: Maintenance Window to update SSM Agent\n Duration: 6\n Name: MaintenanceWindowCFN\n Schedule: \"cron(0 45 09 ? * TUE *)\"\n ScheduleTimezone: \"Australia/Melbourne\"\n MaintenanceWindowTarget:\n Type: AWS::SSM::MaintenanceWindowTarget\n Properties:\n WindowId: !Ref MaintenanceWindow\n ResourceType: INSTANCE\n Targets:\n - Key: tag:Patch Group\n Values:\n - Group A\n OwnerInformation: SSM Target\n Name: SSMMaintenanceWindow\n Description: A target for demonstrating maintenance windows \n DependsOn: MaintenanceWindow\n MaintenanceWindowTask:\n Type: AWS::SSM::MaintenanceWindowTask\n Properties:\n WindowId: !Ref MaintenanceWindow\n Targets: \n - Key: WindowTargetIds\n Values:\n - !Ref MaintenanceWindowTarget\n TaskArn: AWS-RunPatchBaseline\n TaskType: RUN_COMMAND\n TaskInvocationParameters:\n MaintenanceWindowRunCommandParameters:\n Parameters:\n Operation:\n - Install\n Priority: 1\n MaxConcurrency: 2\n MaxErrors: 1\n Name: RegistrationTaskwithTargets\n DependsOn: MaintenanceWindowTarget'\n",
"module_stdout": "",
"msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
"rc": 1
}

Maybe loops don’t work with cloudformation module?

Ameya

4

Thanks, Dick, I did try and it is moving forward. But I think still something is fundamentally rooted.

My main.yml looks like below

with_file puts the *contents* of each file into {{ item }}

So try with_items instead :slight_smile:

Regards
       Racke

5

Thanks, Stefan, it is working fine. Error is gone but still one issue for which I shall raise a separate question.

Thanks and regards,
Ameya Agashe