strange error message from file lookup plugin

Until now I believed that the file lookup only bites when the file is available (ssh key in this example), but instead it fails if it does not exist. Any hints on the reason for this strange behaviour?

error message:

```
TASK [manage_ldap_users : authorized_key] *********************************************************************************************************************************************************************
[WARNING]: Unable to find 'files/keys/kwo.key.pub' in expected paths (use -vvvvv to see paths)

fatal: [TESTHOST]: FAILED! => {}

MSG:

An unhandled exception occurred while running the lookup plugin 'file'. Error was a <class 'ansible.errors.AnsibleError'>, original message: could not locate file in lookup: files/keys/user2.key.pub
```

play:

```yaml
- block:

    - name: enable aml users
      blockinfile:
        dest: /etc/security/user
        backup: no
        marker: "*** {mark} ***"
        marker_begin: "BEGIN - ADDED WITH ANSIBLE - {{ item.name }}"
        marker_end: "END - ADDED WITH ANSIBLE - {{ item.name }}"
        state: "{{ item.state }}"
        block: |
          {{ item.name }}:
            SYSTEM = "LDAP"
            registry = LDAP
      with_items: "{{ aml_users }}"

    - name: prepare homes
      include_tasks: "{{ role_path }}/tasks/create_homes.yml"
      with_items: "{{ aml_users }}"
      when: create_aml_users.stat.exists
```

included task:

```yaml
- shell: "lsuser -R LDAP -a pgrp {{ item.name }} | awk '{print $2}' | cut -d= -f2"
  register: primary_group
  failed_when: false
  changed_when: false

- shell: "lsuser -R LDAP -a home {{ item.name }} | awk -F= '{print $2}'"
  register: home_dir
  failed_when: false
  changed_when: false

- file:
    path: '{{ home_dir.stdout | default("/home/"+item.name) }}'
    state: directory
    owner: "{{ item.name }}"
    group: '{{ primary_group.stdout | default(item.name) }}'
  when: "item.state == 'present'"

- file:
    path: '{{ home_dir.stdout | default("/home/"+item.name) }}'
    state: absent
    owner: "{{ item.name }}"
    group: '{{ primary_group.stdout | default(item.name) }}'
  when: "item.state == 'absent'"

- authorized_key:
    user: "{{ item.name }}"
    state: "{{ item.state }}"
    key: "{{ lookup('file', 'files/keys/'+ item.name + '.key.pub') }}"
  when: "item.state == 'present'"
```

vars file structure:

```yaml
aml_users:
  - name: "user1"
    comment: "some name"
    state: present
  - name: "user2"
    comment: "some name"
    state: present
  - name: "user3"
    comment: "some name"
    state: present
```

I'm not sure I understand exactly what you are expecting, but in newer versions of Ansible you can control lookup errors:

https://docs.ansible.com/ansible/latest/plugins/lookup.html#using-lookup-plugins
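
The lookup error control described at that link, applied to the `authorized_key` step of the included task file, as an added example that is not part of the original thread. It assumes Ansible 2.6 or later, where lookups accept the `errors` option; the fact name `pubkey` is made up for illustration.

```yaml
# Added example: runs inside the same with_items loop, so "item" is one aml_users entry.

# The lookup is evaluated on the controller. With errors='ignore' a missing
# file no longer aborts the task; default('', true) turns the empty/None
# result into an empty string that can be tested below.
- name: read the public key if the file exists
  set_fact:
    pubkey: "{{ lookup('file', 'files/keys/' + item.name + '.key.pub', errors='ignore') | default('', true) }}"

# Only install a key when one was actually read, so an empty string is
# never passed to authorized_key.
- authorized_key:
    user: "{{ item.name }}"
    state: present
    key: "{{ pubkey }}"
  when:
    - item.state == 'present'
    - pubkey | length > 0

# Make the skip visible in the play output: a user without a key file
# ends up with a home directory but no way to log in with a key.
- name: report users without a key file
  debug:
    msg: "no public key found for {{ item.name }}, authorized_key skipped"
  when:
    - item.state == 'present'
    - pubkey | length == 0
```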

Well, dumbass me was absolutely sure that the file lookup only occurs if the named file exists… so the error came from the authorized_key module, not from the lookup plugin.

the following fixed it…

```yaml
- stat:
    path: "{{ role_path+'/files/keys/'+item.name+'.key.pub' }}"
  register: has_key
  delegate_to: 127.0.0.1

- authorized_key:
    user: "{{ item.name }}"
    state: present
    key: "{{ lookup('file', 'files/keys/'+item.name+'.key.pub') }}"
  when: (item.state == 'present') and
        (has_key.stat.exists == True)
```