Warning: file_get_contents(/data/phpspider/zhask/data//catemap/8/file/3.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
File 如何使用ansible中的标记更新文件中的密码?_File_Replace_Ansible_Passwords_Updates - Fatal编程技术网
Fatal编程技术网
  • file/
  • File 如何使用ansible中的标记更新文件中的密码?

File 如何使用ansible中的标记更新文件中的密码?

file replace ansible passwords

File 如何使用ansible中的标记更新文件中的密码?,file,replace,ansible,passwords,updates,File,Replace,Ansible,Passwords,Updates,我有一组跨多个主机的属性文件。下面是一个示例文件 cat app1.properties url=whateever protocol=t3 envpass=whateverpass port=7665 我希望使用ansible更新密码 $ ansible-playbook playbook.yml -e new_password=brandnewpass PLAY [Change all possible password properties] *********************

我有一组跨多个主机的属性文件。下面是一个示例文件

cat app1.properties
url=whateever
protocol=t3
envpass=whateverpass
port=7665
我希望使用ansible更新密码

$ ansible-playbook playbook.yml -e new_password=brandnewpass

PLAY [Change all possible password properties] *****************************************************************************************************************************************************************************************

TASK [Show our file before (possible) modification] ************************************************************************************************************************************************************************************
ok: [localhost] => {
    "msg": [
        "url=whateever",
        "protocol=t3",
        "envpass=oldpass",
        "port=7665",
        "dbpass=oldpass",
        "systempass=oldpass",
        "password=oldpass",
        "pwd=oldpass",
        "pass=oldpass"
    ]
}

TASK [Modify the file if needed] *******************************************************************************************************************************************************************************************************
changed: [localhost]

RUNNING HANDLER [Show the file after modification] *************************************************************************************************************************************************************************************
ok: [localhost] => {
    "msg": [
        "url=whateever",
        "protocol=t3",
        "envpass=brandnewpass",
        "port=7665",
        "dbpass=brandnewpass",
        "systempass=brandnewpass",
        "password=brandnewpass",
        "pwd=brandnewpass",
        "pass=brandnewpass"
    ]
}

PLAY RECAP *****************************************************************************************************************************************************************************************************************************
localhost                  : ok=3    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
问题在于属性文件
envpass
中的密码变量可能在其他文件中存在其他内容。因此,我无法使用
replace
模块

因此,它可以是任何文件中的任何内容,并且可能出现任意次数,如下所示:

dbpass=xxxxxx
systempass=xxxxxx
password=xxxxx
pwd=xxxxxx
pass=xxxxx
我在想,是否可以在属性文件中的密码条目上方放置一行变量名为
envpass
的标记,如下图所示,并使用它以某种方式更新密码,如
envpass=whateverNEWpass

cat app1.properties
url=whateever
protocol=t3
<!-- {mark} ANSIBLE MANAGED PASSWORD variable envpass -->
envpass=whateverpass
port=7665

$ ansible-playbook playbook.yml -e new_password=brandnewpass

PLAY [Change all possible password properties] *****************************************************************************************************************************************************************************************

TASK [Show our file before (possible) modification] ************************************************************************************************************************************************************************************
ok: [localhost] => {
    "msg": [
        "url=whateever",
        "protocol=t3",
        "envpass=oldpass",
        "port=7665",
        "dbpass=oldpass",
        "systempass=oldpass",
        "password=oldpass",
        "pwd=oldpass",
        "pass=oldpass"
    ]
}

TASK [Modify the file if needed] *******************************************************************************************************************************************************************************************************
changed: [localhost]

RUNNING HANDLER [Show the file after modification] *************************************************************************************************************************************************************************************
ok: [localhost] => {
    "msg": [
        "url=whateever",
        "protocol=t3",
        "envpass=brandnewpass",
        "port=7665",
        "dbpass=brandnewpass",
        "systempass=brandnewpass",
        "password=brandnewpass",
        "pwd=brandnewpass",
        "pass=brandnewpass"
    ]
}

PLAY RECAP *****************************************************************************************************************************************************************************************************************************
localhost                  : ok=3    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   

cat app1.properties
url=什么
协议=t3
envpass=什么都可以
端口=7665
期望输出:

cat app1.properties
url=whateever
protocol=t3
<!-- {mark} ANSIBLE MANAGED PASSWORD variable envpass-->
envpass=whateverNEWpass
port=7665

cat app1.properties
url=什么
协议=t3
envpass=什么样的新过程
端口=7665
您可以建议吗?

基于regexp,因此您可以在现有值为:

-替换:
路径:/path/to/file
regexp:“^envpass=.*”
替换:“envpass={{password}}”
如果要确保在文件中设置了密码,无论行
envpass
是否存在,都可以使用:

$ ansible-playbook playbook.yml -e new_password=brandnewpass

PLAY [Change all possible password properties] *****************************************************************************************************************************************************************************************

TASK [Show our file before (possible) modification] ************************************************************************************************************************************************************************************
ok: [localhost] => {
    "msg": [
        "url=whateever",
        "protocol=t3",
        "envpass=oldpass",
        "port=7665",
        "dbpass=oldpass",
        "systempass=oldpass",
        "password=oldpass",
        "pwd=oldpass",
        "pass=oldpass"
    ]
}

TASK [Modify the file if needed] *******************************************************************************************************************************************************************************************************
changed: [localhost]

RUNNING HANDLER [Show the file after modification] *************************************************************************************************************************************************************************************
ok: [localhost] => {
    "msg": [
        "url=whateever",
        "protocol=t3",
        "envpass=brandnewpass",
        "port=7665",
        "dbpass=brandnewpass",
        "systempass=brandnewpass",
        "password=brandnewpass",
        "pwd=brandnewpass",
        "pass=brandnewpass"
    ]
}

PLAY RECAP *****************************************************************************************************************************************************************************************************************************
localhost                  : ok=3    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   

-lineinfle:
路径:/path/to/file
regexp:“^envpass=.*”
行:“envpass={{password}}”
如果该行已经存在,这将更改该值,否则将添加它。

在@Zigarn answer上建立

我想当然地认为,从长远来看,为了进行适当的管理,您可以控制持有您需要更改的密码的财产列表

如前所述,
ansible.builtin.replace
在给定文件中查找
regexp
replace
字符串可以包含对
regexp
中匹配组的反向引用。然后完全可以构建一个与任何已知属性匹配的regexp,并在任何需要的地方替换密码

$ ansible-playbook playbook.yml -e new_password=brandnewpass

PLAY [Change all possible password properties] *****************************************************************************************************************************************************************************************

TASK [Show our file before (possible) modification] ************************************************************************************************************************************************************************************
ok: [localhost] => {
    "msg": [
        "url=whateever",
        "protocol=t3",
        "envpass=oldpass",
        "port=7665",
        "dbpass=oldpass",
        "systempass=oldpass",
        "password=oldpass",
        "pwd=oldpass",
        "pass=oldpass"
    ]
}

TASK [Modify the file if needed] *******************************************************************************************************************************************************************************************************
changed: [localhost]

RUNNING HANDLER [Show the file after modification] *************************************************************************************************************************************************************************************
ok: [localhost] => {
    "msg": [
        "url=whateever",
        "protocol=t3",
        "envpass=brandnewpass",
        "port=7665",
        "dbpass=brandnewpass",
        "systempass=brandnewpass",
        "password=brandnewpass",
        "pwd=brandnewpass",
        "pass=brandnewpass"
    ]
}

PLAY RECAP *****************************************************************************************************************************************************************************************************************************
localhost                  : ok=3    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
这是一本演示剧本。我使用了一个额外的var和一个默认值作为密码,您可以根据需要更改它

---
-名称:更改所有可能的密码属性
主机:本地主机
收集事实:错误
变量:
密码\u属性:
-恩帕斯
-dbpass
-系统通行证
-密码
-pwd
-通过
test\u文件:test.properties
任务:
-名称:在(可能)修改之前显示我们的文件
调试:
msg:“{{lookup('file',test_file).split('\n')}”
-名称:根据需要修改文件
替换:
路径:“{test_file}}”
regexp:>-
^({{password_properties}连接('|')})\s*=\s*\s*$
替换:>-
\g={{new_password}默认('oldpass')}
通知:文件\u已修改
处理程序:
-名称:显示修改后的文件
听:文件被修改了
调试:
msg:“{{lookup('file',test_file).split('\n')}”
其中:

  • 第一次在默认内容上运行而不进行更改 
    $ ansible-playbook playbook.yml

PLAY [Change all possible password properties] *****************************************************************************************************************************************************************************************

TASK [Show our file before (possible) modification] ************************************************************************************************************************************************************************************
ok: [localhost] => {
    "msg": [
        "url=whateever",
        "protocol=t3",
        "envpass=oldpass",
        "port=7665",
        "dbpass=oldpass",
        "systempass=oldpass",
        "password=oldpass",
        "pwd=oldpass",
        "pass=oldpass"
    ]
}

TASK [Modify the file if needed] *******************************************************************************************************************************************************************************************************
ok: [localhost]

PLAY RECAP *****************************************************************************************************************************************************************************************************************************
localhost                  : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
  • 更改密码 
    $ ansible-playbook playbook.yml -e new_password=brandnewpass

PLAY [Change all possible password properties] *****************************************************************************************************************************************************************************************

TASK [Show our file before (possible) modification] ************************************************************************************************************************************************************************************
ok: [localhost] => {
    "msg": [
        "url=whateever",
        "protocol=t3",
        "envpass=oldpass",
        "port=7665",
        "dbpass=oldpass",
        "systempass=oldpass",
        "password=oldpass",
        "pwd=oldpass",
        "pass=oldpass"
    ]
}

TASK [Modify the file if needed] *******************************************************************************************************************************************************************************************************
changed: [localhost]

RUNNING HANDLER [Show the file after modification] *************************************************************************************************************************************************************************************
ok: [localhost] => {
    "msg": [
        "url=whateever",
        "protocol=t3",
        "envpass=brandnewpass",
        "port=7665",
        "dbpass=brandnewpass",
        "systempass=brandnewpass",
        "password=brandnewpass",
        "pwd=brandnewpass",
        "pass=brandnewpass"
    ]
}

PLAY RECAP *****************************************************************************************************************************************************************************************************************************
localhost                  : ok=3    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
OPs问题在于,除了
envpass
之外,可能还有许多其他属性需要更新密码。如果事先知道这些情况,更换可能仍然是一条路(无论如何,这应该是适当管理的情况)