username我正在尝试根据子字典中的存在来过滤以下数据。
最佳解决方案是,当我不必提及每一个键时,例如agtsvcaccount, sqlsvcaccount, sapwd,因为这在其他模式中应该是通用的。
这是带有变量的示例输入input_parameters,此输出来自 Ansible 调试任务。
ok: [localhost] => {
"msg": {
"ansible": {
"limit": [
"vm1234.vmdomain.com",
"vm5678.vmdomain.com"
]
},
"mssql": {
"edition": "standard",
"language": "en",
"setupconfig": {
"action": "Install",
"agtsvcaccount": {
"type": "System User",
"username": "SQL_Agt",
"vault": "credvault",
"visibility": false
},
"agtsvcstartuptype": "Automatic",
"features": [
"SQLENGINE"
],
"forcereboot": false,
"instancename": "MSSQLINSTANCE",
"npenabled": true,
"sapwd": {
"type": "Database",
"username": "sa",
"vault": "credvault",
"visibility": false
},
"securitymode": "SQL",
"sqlcollation": "SQL_Latin1_General_CP1_CI_AS",
"sqlsvcaccount": {
"type": "System User",
"username": "SQL_Svc",
"vault": "credvault",
"visibility": false
},
"sqlsvcstartuptype": "Automatic",
"sqlsysadminaccounts": [
"Administrator"
],
"tcpenabled": true
},
"version": "2022"
}
}
}
现在,我正在使用类似的东西,它不够通用/动态,而且我不想将其用于account_identifiers非常相似的其他原理图。
- name: 'Process credentials'
ansible.builtin.include_role:
name: 'mycollection.generic'
tasks_from: 'user/{{ item.value.vault }}.yml'
loop: '{{ input_parameters.mssql.setupconfig | dict2items }}'
when: 'item.key in account_identifiers'
vars:
account_identifiers: ['sapwd','sqlsvcaccount','agtsvcaccount','ftsvcaccount','rssvcaccount','assvcaccount','issvcaccount']
有什么想法可以实现这一点吗?
我尝试从 Ansible 文档中获取想法,但我认为我遗漏了一些东西。