Ansible: authorized_keys "exclusive" option fails w/ with_subelements
When I do the following in ansible 1.9.1, it treats each _individual_ per-user key as exclusive, not the _group_ of per-user keys as exclusive. As a result, only the last specified per-user key is usable.
- name: sync all users keys
authorized_key: user={{item.0.name}} key='{{item.1}}' state=present exclusive=yes
with_subelements:
- users
- keys
cowboy
All 3 comments
that is expected, you are running the module X number of times, each time with exclusive (X == number of items).
bcoca
on 3 Jun 2015
Possible Misunderstanding
Hi!
Thanks very much for your submission to Ansible. It sincerely means a lot to us.
We believe the ticket you have filed is being somewhat misunderstood, as one thing works a little differently than stated.
In the future, this might be a topic more well suited for the user list, which you can also post here if you'd like some more help with the above.
Thank you once again for this and your interest in Ansible!
bcoca
on 3 Jun 2015
I've solved this by an intermediate step. Like so
# Read each file and split by newline, allowing for multiple keys per file
- name: Assemble keys
set_fact:
key_item: "{{ lookup('file', role_path + '/files/' + item).split('\n') }}"
with_items:
- bob.pub
- fred.pub
- barney.pub
register: keys
# Select each key, joining it again and join all keys. Internally the ansible
# module will then split the string by newline and work at each one. This is
# the only way exclusive works with a list of keys.
- name: Distribute operations ssh-keys to root
authorized_key:
key : "{{ keys.results|selectattr('ansible_facts','defined')|map(attribute='ansible_facts.key_item')|map('join', '\n')|join('\n') }}"
manage_dir : yes
state : present
user : root
exclusive : yes
fredrik-rambris
on 7 Feb 2017
Related issues
eparis
·
3Comments
hyperfocus1338
·
3Comments
yatesr
·
3Comments
robbwagoner
·
3Comments
arkag
·
3Comments
Most helpful comment
I've solved this by an intermediate step. Like so