I am having issues with using multiple conditions in when to validate whether or not to run a task.
Basically I am using extrended variables within the ansible command to state what sort of updates I want to run like this:
ansible-playbook site.yml -i inventory --ask-vault -u (username)-e “security=true restart=true” -k -K
name: Update all packages
yum:
name: “"
state: latest
exclude: "kernel”
when: security is not defined or kernel is not defined or specified_packages is not defined and ansible_os_family == “RedHat”
However I can not figure out a combination to get this conditional to run properly. Everytime I run it the playbook continues to run the task when I dont want it to. I already experimented with adding another variable to specify if I want to skip this task only but I would prefer it to automatically get skipped when I specify to run another type of update.
I’ve tried the following:
(security is not defined or kernel is not defined or specified_packages is not defined) and (ansible_os_family == “RedHat”)
(security is not defined or kernel is not defined or specified_packages is not defined) and ansible_os_family == “RedHat”
or even:
when: ansible_os_family == “RedHat”
when: security is not defined or kernel is not defined or specified_packages is not defined
I am having issues with using multiple conditions in when to validate
whether or not to run a task.
Basically I am using extrended variables within the ansible command to
state what sort of updates I want to run like this:
ansible-playbook site.yml -i inventory --ask-vault -u (username)-e
"security=true restart=true" -k -K
- name: Update all packages
yum:
name: "*"
state: latest
exclude: "kernel*"
when: security is not defined or kernel is not defined or
specified_packages is not defined and ansible_os_family == "RedHat"
However I can not figure out a combination to get this conditional to run
properly. Everytime I run it the playbook continues to run the task when I
dont want it to.
i want to run the task when ansible_os_family == “RedHat” (this works) AND if none of the following variables are set (security,kernel,specified_packages) through extended variables (-e)
My bad I was working with many different solutions and combinations so I got confused. I tried tons of complicated ways … can’t believe such a simple one worked lol. I probably over complicated it but what you suggested works great!
when: not (security is defined or kernel is defined or
specified_packages is defined) and ansible_os_family == “RedHat”
This doesn’t work as if I put the second value (in this case kernel) it tries to check it throws an error saying security is undefined. I found that jinja2 templates dont seem to work in the when clause. I tried many jinja2 templates that should work in regular situations but they failed (e.g when: security|d(‘’) = ’ ’ …etc or even when: security | default(‘false’) = false). Kai’s response works the best although I found a workaround to use false/true flags.
The jinja2 template, does work in the when clause.
In fact, you dont even need the curly brakets.
My example gave you an error because i missed the quotes around the items. The items arent variables, these are strings. So you cant get an “is not defined” with that code!
The following code skips the task:
hosts: all
vars:
var1: True
security: Hello
tasks:
name: This is a test task
debug:
msg: Yo
when: var1 and not vars.keys() | intersect([“security”,“kernel”,“specified_packages”])
This code runs it:
hosts: all
vars:
var1: True
tasks:
name: This is a test task
debug:
msg: Yo
when: var1 and not vars.keys() | intersect([“security”,“kernel”,“specified_packages”])