Sudden templating issue

harry_devine · October 29, 2024, 2:50pm

I have a playbook that gathers some information, then sets a fact based on that information. This has worked for over 2 years now. Over the weekend, the playbook started failing with an “unexpected templating type error”. Here’s the portion of the play:

  - name: Set List of users to get Disabled Warning message
    set_fact:
      warning_users: "{{ user_show.results | json_query('[*].json.result.result.{uid: uid[0], mail: mail[0], nsaccountlock: nsaccountlock, pwdexp: krbpasswordexpiration[0].__datetime__}') | selectattr('pwdexp','<',warning_date) | selectattr('nsaccountlock', 'equalto', False) | list }}"

Here’s the error:

fatal: [server1]: FAILED! => {“msg”: “Unexpected templating type error occurred on ({{ user_show.results | json_query(‘[*].json.result.result.{uid: uid[0], mail: mail[0], nsaccountlock: nsaccountlock, pwdexp: krbpasswordexpiration[0].datetime}’) | selectattr(‘pwdexp’,‘<’,warning_date) | selectattr(‘nsaccountlock’, ‘equalto’, False) | list }}): ‘<’ not supported between instances of ‘NoneType’ and ‘AnsibleUnsafeText’. ‘<’ not supported between instances of ‘NoneType’ and ‘AnsibleUnsafeText’”}

Any ideas on why this is suddenly no longer working? What I’m thinking that it could be was that on this server, Red Hat had me enable the ansible-automation-platform-2.4-for-rhel-8-x86_64-rpms repository as we’re trying to install AAP on this server. Could this have caused something to change? Ansible core is version 2.15.12.

Thanks,
Harry

jiholland · October 29, 2024, 5:22pm

Comparing a NoneType variable with AnsibleUnsafeText does not work, and it could be that you have an empty pwdexp variable in user_show.results.

---
- name: Test playbook that will fail.
  hosts: localhost
  vars:
    users_show:
      results:
        - pwdexp: a
        - pwdexp: b
        # This is empty, and will cause the task to fail.
        - pwdexp:
    warning_date: c

  tasks:

    - name: Set List of users to get Disabled Warning message
      ansible.builtin.set_fact:
        warning_users: "{{ users_show['results'] | selectattr('pwdexp', '<', warning_date) | list }}"

harry_devine · October 29, 2024, 6:03pm

How would I go about checking for an empty pwdexp value?

jiholland · October 29, 2024, 7:25pm

I would start by printing the variable, and then break down the expression step by step from there.

- name: Print variable.
  ansible.builtin.debug:
    msg: "{{ user_show.results }}"

- name: Print variable with first filter.
  ansible.builtin.debug:
    msg: "{{ user_show.results | json_query('[*].json.result.result.{uid: uid[0], mail: mail[0], nsaccountlock: nsaccountlock, pwdexp: krbpasswordexpiration[0].__datetime__}') }}"

Topic		Replies	Views
Getting error while running ansible playbook Get Help	5	166	June 2, 2024
Latest ansible-core releases forbid templating templates Project Discussions news-for-maintainers	0	359	December 5, 2023
How to get `AnsibleUnsafeText` to template? Get Help awx , documentation , playbook , fedora , ansible-core , rhel	6	111	October 28, 2024
Timeouts and broken templates in new galaxy.ansible.com Get Help galaxy-ng	4	237	October 3, 2023
Diff result between AAP / ansible cmdline dnf Get Help aap , dnf	10	57	September 24, 2024

Sudden templating issue

Related topics