Hi there,
I have a password vault and a script to which I am passing a password.
The vault looks kind of like this:
`
Use "quote" filter
https://docs.ansible.com/ansible/devel/user_guide/playbooks_filters.html#id8
- name: my-script
script: My-Script.ps1 -secret {{ vault_password|quote }}
Cheers,
-vlado
Hi Vlado,
Apologies for the delayed reply. Unfortunately, that hasn’t worked. In the documentation that you linked to, that syntax is described in connection with the shell operator rather than the script.
I tried this:
`
- name: my-script
script: My-Script.ps1 -secret {{ vault_password | quote }}
`
and
`
- name: my-script
script: My-Script.ps1 -secret {{ vault_password | join(“”) }}
`
Both produced the same result as before.
Thank you.
Hi Stephen,
> > vault_password: abc(123
> > tasks:
> > - name: my-script
> > script: My-Script.ps1 -secret {{ vault_password }}
> >
> > (Missing closing ')' in expression.:String)
>
> Use "quote" filter
> https://docs.ansible.com/ansible/devel/user_guide/playbooks_filters.html#id8
>
> - name: my-script
> script: My-Script.ps1 -secret {{ vault_password|quote }}
Apologies for the delayed reply. Unfortunately, that hasn't worked. In
the documentation that you linked to, that syntax is described in
connection with the shell operator rather than the script.I tried this:
- name: my-script
script: My-Script.ps1 -secret {{ vault_password | quote }}
and
- name: my-script
script: My-Script.ps1 -secret {{ vault_password | join("") }}
Both produced the same result as before.
This is strange. It works for me.
$ cat my-script.sh
#!/bin/sh
echo $1
exit 0
$ cat play.yml
- hosts: localhost
vars:
vault_password: abc(123
tasks:
- script: 'my-script.sh {{ vault_password|quote }}'
register: result
- debug:
var: result.stdout
$ ansible-playbook play.yml
[...]
ok: [localhost] => {
"result.stdout": "abc(123\n"
}
Without quoted argument I see this error:
fatal: [localhost]: FAILED! => {"changed": true, "msg": "non-zero return
code", "rc": 2, "stderr": "/bin/sh: 1: Syntax error: \"(\" unexpected\n",
"stderr_lines": ["/bin/sh: 1: Syntax error: \"(\" unexpected"], "stdout":
"", "stdout_lines": }
Cheers,
-vlado
The error "Missing closing ')'..." is very probably reported by the script.
Find out how to pass the argument to the script from the command-line before
you proceed with Ansible.
Cheers,
-vlado
Hi Vlado,
You are right, it is the Powershell parameter interpretation. I have previously tried quoting in the Ansible playbook like:
`
- name: my-script
script: My-Script.ps1 -svc_password ‘{{ vault_password }}’
`
and
`
- name: my-script
script: My-Script.ps1 -svc_password “{{ vault_password }}”
`
Neither of these worked. Per your suggestion I tried:
`
- name: my-script
script: My-Script.ps1 -svc_password {{ ‘vault_password’ }}
`
This worked, I’ll admit, I’m a little surprised. I have to do some reading on Jinja2.
Thank you!
Hi Stephen,
- name: my-script
script: My-Script.ps1 -svc_password '{{ vault_password }}'and
- name: my-script
script: My-Script.ps1 -svc_password "{{ vault_password }}"
Quoting from *Gotchas*: "If your value starts with a quote the entire value
must be quoted, not just part of it..."
https://docs.ansible.com/ansible/latest/reference_appendices/YAMLSyntax.html#gotchas
Correct syntax is
- name: my-script
script: 'My-Script.ps1 -svc_password {{ vault_password }}'
and
- name: my-script
script: "My-Script.ps1 -svc_password {{ vault_password }}"
- name: my-script
script: My-Script.ps1 -svc_password {{ 'vault_password' }}This worked, I'll admit, I'm a little surprised...
I'm surprised too. In my case
- script: my-script.sh {{ 'vault_password' }}
register: result
the result was
ok: [localhost] => {
"result.stdout": "vault_password\n"
}
Cheers,
-vlado
Hi Vlado,
That does make more sense. Thank you.