# test code for lookup plugins
# Copyright: (c) 2014, James Tanner <tanner.jc@gmail.com>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
# FILE LOOKUP
- set_fact :
output_dir : "{{ lookup('env', 'OUTPUT_DIR') }}"
- name : make a new file to read
copy : dest={{output_dir}}/foo.txt mode=0644 content="bar"
- name : load the file as a fact
set_fact :
foo : "{{ lookup('file', output_dir + '/foo.txt' ) }}"
- debug : var=foo
- name : verify file lookup
assert :
that :
- "foo == 'bar'"
# PASSWORD LOOKUP
- name : remove previous password files and directory
file : dest={{item}} state=absent
with_items :
- "{{output_dir}}/lookup/password"
- "{{output_dir}}/lookup/password_with_salt"
- "{{output_dir}}/lookup"
- name : create a password file
set_fact :
newpass : "{{ lookup('password', output_dir + '/lookup/password length=8') }}"
- name : stat the password file directory
stat : path="{{output_dir}}/lookup"
register : result
- name : assert the directory's permissions
assert :
that :
- result.stat.mode == '0700'
- name : stat the password file
stat : path="{{output_dir}}/lookup/password"
register : result
- name : assert the directory's permissions
assert :
that :
- result.stat.mode == '0600'
- name : get password length
shell : wc -c {{output_dir}}/lookup/password | awk '{print $1}'
register : wc_result
- debug : var=wc_result.stdout
- name : read password
shell : cat {{output_dir}}/lookup/password
register : cat_result
- debug : var=cat_result.stdout
- name : verify password
assert :
that :
- "wc_result.stdout == '9'"
- "cat_result.stdout == newpass"
- "' salt=' not in cat_result.stdout"
- name : fetch password from an existing file
set_fact :
pass2 : "{{ lookup('password', output_dir + '/lookup/password length=8') }}"
- name : read password (again)
shell : cat {{output_dir}}/lookup/password
register : cat_result2
- debug : var=cat_result2.stdout
- name : verify password (again)
assert :
that :
- "cat_result2.stdout == newpass"
- "' salt=' not in cat_result2.stdout"
- name : create a password (with salt) file
debug : msg={{ lookup('password', output_dir + '/lookup/password_with_salt encrypt=sha256_crypt') }}
- name : read password and salt
shell : cat {{output_dir}}/lookup/password_with_salt
register : cat_pass_salt
- debug : var=cat_pass_salt.stdout
- name : fetch unencrypted password
set_fact :
newpass : "{{ lookup('password', output_dir + '/lookup/password_with_salt') }}"
- debug : var=newpass
- name : verify password and salt
assert :
that :
- "cat_pass_salt.stdout != newpass"
- "cat_pass_salt.stdout.startswith(newpass)"
- "' salt=' in cat_pass_salt.stdout"
- "' salt=' not in newpass"
- name : fetch unencrypted password (using empty encrypt parameter)
set_fact :
newpass2 : "{{ lookup('password', output_dir + '/lookup/password_with_salt encrypt=') }}"
- name : verify lookup password behavior
assert :
that :
- "newpass == newpass2"
- name : verify that we can generate a 1st password without writing it
set_fact :
newpass : "{{ lookup('password', '/dev/null') }}"
- name : verify that we can generate a 2nd password without writing it
set_fact :
newpass2 : "{{ lookup('password', '/dev/null') }}"
- name : verify lookup password behavior with /dev/null
assert :
that :
- "newpass != newpass2"
# ENV LOOKUP
- name : get HOME environment var value
shell : "echo $HOME"
register : home_var_value
- name : use env lookup to get HOME var
set_fact :
test_val : "{{ lookup('env', 'HOME') }}"
- debug : var=home_var_value.stdout
- debug : var=test_val
- name : compare values
assert :
that :
- "test_val == home_var_value.stdout"
# UNICODE LOOKUP
# https://github.com/ansible/ansible/issues/65297
- name : get UNICODE_VAR environment var value
shell : "echo $UNICODE_VAR"
register : unicode_var_value
- name : use env lookup to get UNICODE_VAR value
set_fact :
test_unicode_val : "{{ lookup('env', 'UNICODE_VAR') }}"
- debug : var=unicode_var_value
- debug : var=test_unicode_val
- name : compare unicode values
assert :
that :
- "test_unicode_val == unicode_var_value.stdout"
# PIPE LOOKUP
# https://github.com/ansible/ansible/issues/6550
- name : confirm pipe lookup works with a single positional arg
debug : msg="{{ lookup('pipe', 'ls') }}"
# LOOKUP TEMPLATING
- name : use bare interpolation
debug : msg="got {{item}}"
with_items : "{{things1}}"
register : bare_var
- name : verify that list was interpolated
assert :
that :
- "bare_var.results[0].item == 1"
- "bare_var.results[1].item == 2"
- name : use list with bare strings in it
debug : msg={{item}}
with_items :
- things2
- things1
- name : use list with undefined var in it
debug : msg={{item}}
with_items : "{{things2}}"
ignore_errors : True
# BUG #10073 nested template handling
- name : set variable that clashes
set_fact :
PATH : foobar
- name : get PATH environment var value
set_fact :
known_var_value : "{{ lookup('pipe', 'echo $PATH') }}"
- name : do the lookup for env PATH
set_fact :
test_val : "{{ lookup('env', 'PATH') }}"
- debug : var=test_val
- name : compare values
assert :
that :
- "test_val != ''"
- "test_val == known_var_value"
- name : set with_dict
shell : echo "{{ item.key + '=' + item.value }}"
with_dict : "{{ mydict }}"
# URL Lookups
- name : Test that retrieving a url works
set_fact :
web_data : "{{ lookup('url', 'https://gist.githubusercontent.com/abadger/9858c22712f62a8effff/raw/43dd47ea691c90a5fa7827892c70241913351963/test') }}"
- name : Assert that the url was retrieved
assert :
that :
- "'one' in web_data"
- name : Test that retrieving a url with invalid cert fails
set_fact :
web_data : "{{ lookup('url', 'https://{{ badssl_host }}/') }}"
ignore_errors : True
register : url_invalid_cert
- assert :
that :
- "url_invalid_cert.failed"
- "'Error validating the server' in url_invalid_cert.msg or 'Hostname mismatch' in url_invalid_cert.msg or ( url_invalid_cert.msg is search('hostname .* doesn.t match .*'))"
- name : Test that retrieving a url with invalid cert with validate_certs=False works
set_fact :
web_data : "{{ lookup('url', 'https://{{ badssl_host }}/', validate_certs=False) }}"
register : url_no_validate_cert
- assert :
that :
- "'{{ badssl_host_substring }}' in web_data"
- name : Test cartesian lookup
debug : var=item
with_cartesian :
- [ "A" , "B" , "C" ]
- [ "1" , "2" , "3" ]
register : product
- name : Verify cartesian lookup
assert :
that :
- product.results[0]['item'] == ["A", "1"]
- product.results[1]['item'] == ["A", "2"]
- product.results[2]['item'] == ["A", "3"]
- product.results[3]['item'] == ["B", "1"]
- product.results[4]['item'] == ["B", "2"]
- product.results[5]['item'] == ["B", "3"]
- product.results[6]['item'] == ["C", "1"]
- product.results[7]['item'] == ["C", "2"]
- product.results[8]['item'] == ["C", "3"]
# Template lookups
# ref #18526
- name : Test that we have a proper jinja search path in template lookup
set_fact :
hello_world : "{{ lookup('template', 'hello.txt') }}"
- assert :
that :
- "hello_world|trim == 'Hello world!'"
- name : Test that we have a proper jinja search path in template lookup with different variable start and end string
vars :
my_var : world
set_fact :
hello_world_string : "{{ lookup('template', 'hello_string.txt', variable_start_string='[%', variable_end_string='%]') }}"
- assert :
that :
- "hello_world_string|trim == 'Hello world!'"
# Vars lookups
- name : Test that we can give it a single value and receive a single value
set_fact :
var_host : '{{ lookup("vars", "ansible_host") }}'
- assert :
that :
- 'var_host == ansible_host'
- name : Test that we can give a list of values to var and receive a list of values back
set_fact :
var_host_info : '{{ query("vars", "ansible_host", "ansible_connection") }}'
- assert :
that :
- 'var_host_info[0] == ansible_host'
- 'var_host_info[1] == ansible_connection'
