Using include_role multiple times

Archives Ansible Project
1

Need help with this one!
Why are {{ ldap_config_endpoint }} not set the second time i call the include_role
"fatal: [10.141.112.2]: FAILED! => {“msg”: “The task includes an option with an undefined variable. The error was: {{ ldap_config_endpoint }}: {{ item.endpoint }}: ‘dict object’ has no attribute 'endpoint”

----- ldap.yaml --------

  • name: Apply ldap configuration
    include_tasks: tasks/apply_ldap_config.yml
    vars:
    ldap_config: “{{ item.config }}”
    ldap_config_endpoint: “{{ item.endpoint }}”
    loop:
  • { endpoint: ‘cm/service/roles/mgmt-NAVIGATORMETASERVER/config’, config: “{{ cloudera_navigator_ldap_config }}” }
  • { endpoint: ‘cm/config’, config: “{{ cloudera_manager_ldap_config }}” }
    when: scm_enable_ldap

----- apply_ldap_config.yml ------

  • name: Get current LDAP config
    include_role:
    name: cloudera.cm_api
    vars:
    cm_api_action: “{{ ldap_config_endpoint }}”
    cm_api_method: “GET”

  • set_fact:
    _current_ldap_config: “{{ cm_api_response.json[‘items’] | items2dict(key_name=‘name’, value_name=‘value’) }}”

  • name: Check if any config should be changed and notify cloudera manager server to restart if that is the case
    debug:
    msg: “Stale LDAP configuration”
    loop: “{{ ldap_config | dict2items(key_name=‘name’, value_name=‘value’)}}”
    when: _current_ldap_config[item.name] != item.value
    changed_when: _current_ldap_config[item.name] != item.value
    notify: Restart cloudera manager server
    no_log: true

  • name: Apply LDAP configuration
    include_role:
    name: cloudera.cm_api
    vars:
    cm_api_action: “{{ ldap_config_endpoint }}”
    cm_api_method: “PUT”
    cm_api_body:
    items: “[ {{ item }} ]”
    loop: “{{ ldap_config | dict2items(key_name=‘name’, value_name=‘value’)}}”
    when: _current_ldap_config[item.name] != item.value
    no_log: true

2

you are using 2 loops and the 2nd one does not seem have items with
'endpoint' in them

use loop_control to rename at least one of the loop variables so they
don't overlap.

3

Thanks for your feedback!

ldap_config_endpoint is a var set in the loop for include_tasks(apply_ldap_config.yml) in ldap.yaml
So the var should be available for all of the tasks in apply_ldap_config.yml including both the include_role calls, right?
When calling the first include_role the value is set/valid and everything works fine. When getting to the second include_role call in the same file the value seems to be empty.

/Kim

torsdag 13. oktober 2022 kl. 16:23:02 UTC+2 skrev Brian Coca:

4

You are misreading the error, see this:

     {{ item.endpoint }}: 'dict object' has no endpoint

the problem is the "ITEM" variable as you have 2 loops, the 2nd one is
overwriting the value, yet you expect the value to look like the first

5

Of course! THANK YOU!
Sometimes you overlook the obvious…

Kinda embarrassing to use time on something like this… hehe

torsdag 13. oktober 2022 kl. 17:18:03 UTC+2 skrev Brian Coca: