I’ve been having trouble with the copy module, using with_items and a vault. I pulled the devel version of ansible so the version should be 1.7.2 + changes added since then.
I put the whole thing in a public bitbucket repository. You can retrieve it with this:
git clone git@bitbucket.org:tekberg/ansible-foo.git
I distilled the problem down to this small set of files. The larger case has more things (keys, certs, CSR) in the vault. I use with_items to iterate through them and copy the data to where the keys, certs, CSR belong in Unbuntu.
The instructions on how to run it are included in foo.yml - your host may vary.
The main part is using the copy module:
tasks:
- name: install private key, if one exists
copy:
dest: "{{ item[1] }}"
content: "{{ item[0] }}"
when: item[1]
with_items:
- ("{{PRIVATE_KEY}}", "{{PRIVATE_KEY_FILE}}")
My larger case has more in with_items. The things in caps are in the vault. I had to do the "{{PRIVATE_KEY}}" because without the punctuation item[0] was 'PRIVATE_KEY'. Here is a snippet of the ansible output:
failed: [apps2] => (item=(PRIVATE_KEY, PRIVATE_KEY_FILE)) => {"failed": true, "item": "(PRIVATE_KEY, PRIVATE_KEY_FILE)", "md5sum": "84c40473414caf2ed4a7b1283e48bbf4"}
With the extra "{{...}}" syntax it still fails, but item looks better:
failed: [apps2] => (item=("dfihahf
adkfhalkdfjhalkdghalghjalkjd
49147174*&^(^&((&
", "/etc/ssl/private/foo.key")) => {"failed": true, "item": "(\"dfihahf\nadkfhalkdfjhalkdghalghjalkjd\n49147174*&^(^&((&\n\", \"/etc/ssl/private/foo.key\")", "md5sum": "84c40473414caf2ed4a7b1283e48bbf4"}
You can see item[0] is a 3 line value and item[1] is the a file name.
The error I get is:
msg: Destination directory does not exist
I hacked the ansible source to display more for this error and this is the result:
msg: TWE Destination directory does not exist
dest=", len(dest)=1
So it is trying to deal with a file name consisting of a single double quote.
I have tried everything I could think of but nothing works. Do you have an idea on what I am doing wrong?