Ansible 理解可解释条件句
我有一个包含多个任务的playbook(CIS合规标准),我希望根据ansible返回代码生成“成功”或“失败”Ansible 理解可解释条件句,ansible,Ansible,我有一个包含多个任务的playbook(CIS合规标准),我希望根据ansible返回代码生成“成功”或“失败” --- - name: 2.2.# Ensure ### Server is not enabled block: - name: Check if ### exists stat: path=/usr/lib/systemd/system/###.service register: exists - name: Disable if e
---
- name: 2.2.# Ensure ### Server is not enabled
block:
- name: Check if ### exists
stat: path=/usr/lib/systemd/system/###.service
register: exists
- name: Disable if exists
service:
name: ###
state: stopped
enabled: no
when: exists.stat.exists
register: result
- name: To File
block:
- name: Success
lineinfile:
dest: ./results/{{ customer }}-{{ scan_type }}-{{ inventory_hostname }}.txt
line: "{{ inventory_hostname }} 2.2.9 success"
insertafter: EOF
delegate_to: localhost
check_mode: False
when: ((result is skipped) or (result.enabled == false))
- name: Failed
lineinfile:
dest: ./results/{{ customer }}-{{ scan_type }}-{{ inventory_hostname }}.txt
line: "{{ inventory_hostname }} 2.2.9 failed"
insertafter: EOF
delegate_to: localhost
check_mode: False
when: ((result is not skipped) or (result.enabled == true))
when: ((result is not skipped) or (result.enabled == true))
when: ((result is not skipped) or (result.enabled == true))
我做错了什么?你的意思是跳过
结果而不是结果不被跳过
?在任何情况下,都可以使用default
过滤器解决此问题,如果输入表达式未定义,该过滤器将提供默认值。例如:
when: result.enabled|default(false) == true
当然,由于这是一个布尔值,您可以进一步将其简化为:
when: result.enabled|default(false)
我的意思是没有跳过结果
,如果没有跳过Disable if exsits
部分或者结果返回enabled为true,则需要触发“failed”部分。我刚刚尝试了你的解决方案,结果喜忧参半。我知道您的解决方案是更干净、更正确的选择,但我已经设法让它暂时与block rescue
配合使用。谢谢你的帮助