Ansible Substring From List Item

To keep this simple, I have one whitelist directory, one directory being passed in. I need to make sure the full directory of "/tmp/dir1/dir2" FAILS, where a directory of "/local/web/dir1" SUCCEEDS.

This code, always says it's good. No matter what I pass. What am I missing?

EDIT First of all {{ dir }} is passed in, it's all running under AaaS. Data passed in looks like:

should succeed:

/local/web/test1/dir1

should fail:

/home/test

ansible-playbook-yml

---
- name: Generate Directory Structure and by list.
  hosts: target_hosts
  vars:
    dir: {{ dir }}
    whitelist_dir:
      - "/local/web"

  tasks:
    - name: Validate Search {{ dir }}
      debug:
        msg: "directory is good!"
      when: item is search(dir)
      with_items:
        - "{{ whitelist_dir }}"

1 answer

  • answered 2020-07-29 22:17 Zeitounator

    Following your edit and my last comment, the only real problem I see is that you reversed your parameters in your where clause (although it does not explain IMO why it would always succeed...).

    If I check with parameters in the right order, I get the result you expect. I even added a second whitelist path in the following MCVE to make sure your loop was working correctly. The following test.yml playbook

    ---
    - name: Check if directory is in whitelist path
      hosts: localhost
      gather_facts: false
    
      vars_prompt:
        - name: dir
          prompt: Type in full path you want to check
          private: no
    
      vars:
        whitelist_dir:
          - "/local/web"
          - "/toto/pipo"
    
      tasks:
        - name: Validate Search {{ dir }}
          debug:
            msg: "directory is good!"
          when: dir is search(item)
          with_items:
            - "{{ whitelist_dir }}"
    

    Gives (3 differents tests)

    $ ansible-playbook test.yml 
    Type in full path you want to check: /local/web/test1/dir1
    
    PLAY [Check if directory is in whitelist path] *****************************************************************************************************************************************************************************************
    
    TASK [Validate Search /local/web/test1/dir1] *******************************************************************************************************************************************************************************************
    ok: [localhost] => (item=/local/web) => {
        "msg": "directory is good!"
    }
    skipping: [localhost] => (item=/toto/pipo) 
    
    PLAY RECAP *****************************************************************************************************************************************************************************************************************************
    localhost                  : ok=1    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0 
    
    $ ansible-playbook test.yml 
    Type in full path you want to check: /home/test
    
    PLAY [Check if directory is in whitelist path] *****************************************************************************************************************************************************************************************
    
    TASK [Validate Search /home/test] ******************************************************************************************************************************************************************************************************
    skipping: [localhost] => (item=/local/web) 
    skipping: [localhost] => (item=/toto/pipo) 
    skipping: [localhost]
    
    PLAY RECAP *****************************************************************************************************************************************************************************************************************************
    localhost                  : ok=0    changed=0    unreachable=0    failed=0    skipped=1    rescued=0    ignored=0
    
    $ ansible-playbook test.yml 
    Type in full path you want to check: /toto/pipo/test.txt
    
    PLAY [Check if directory is in whitelist path] *****************************************************************************************************************************************************************************************
    
    TASK [Validate Search /toto/pipo/test.txt] *********************************************************************************************************************************************************************************************
    skipping: [localhost] => (item=/local/web) 
    ok: [localhost] => (item=/toto/pipo) => {
        "msg": "directory is good!"
    }
    
    PLAY RECAP *****************************************************************************************************************************************************************************************************************************
    localhost                  : ok=1    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0