"Ansible lineinfile相加重复行“的变体

Question

我正试图让ansible在ubuntu中配置无人值守的升级。不幸的是，当我多次运行该角色时，我会得到重复的行。

这是我的代码：

- name: apt | Configure unattended-upgrades
  lineinfile:
    dest: /etc/apt/apt.conf.d/50unattended-upgrades
    regexp: "{{ item }}"
    line: "{{ harden_linux_unattended_upgrades_settings[item] }}"
    state: present
  with_items:
      - "{{ harden_linux_unattended_upgrades_settings | list }}"

和

harden_linux_unattended_upgrades_settings:
    "^Unattended-Upgrade::Mail": 'Unattended-Upgrade::Mail "{{ ubuntu_common_email }}";'
    "^Unattended-Upgrade::MailReport": 'Unattended-Upgrade::MailReport "on-change";' # later if working set to "only-on-error"
    "^Unattended-Upgrade::Remove-Unused-Kernel-Packages": 'Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";'
    "^Unattended-Upgrade::Remove-Unused-Dependencies": 'Unattended-Upgrade::Remove-Unused-Dependencies "true";'
    "^Unattended-Upgrade::Automatic-Reboot": 'Unattended-Upgrade::Automatic-Reboot "true";'
    "^Unattended-Upgrade::Automatic-Reboot-Time": 'Unattended-Upgrade::Automatic-Reboot-Time "2:50";'

运行时的结果是，它第一次运行良好。每次之后，我都会得到这样的结果(奇怪的是，只有一些重复的行)：

changed: [cloud-host] => (item=^Unattended-Upgrade::Mail)
changed: [cloud-host] => (item=^Unattended-Upgrade::MailReport)
ok: [cloud-host] => (item=^Unattended-Upgrade::Remove-Unused-Kernel-Packages)
ok: [cloud-host] => (item=^Unattended-Upgrade::Remove-Unused-Dependencies)
changed: [cloud-host] => (item=^Unattended-Upgrade::Automatic-Reboot)
changed: [cloud-host] => (item=^Unattended-Upgrade::Automatic-Reboot-Time)

在文件结尾处有以下内容：

Unattended-Upgrade::Mail "john@doe.com";
Unattended-Upgrade::Mail "john@doe.com";
Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";
Unattended-Upgrade::Remove-Unused-Dependencies "true";
Unattended-Upgrade::Automatic-Reboot "true";
Unattended-Upgrade::Automatic-Reboot "true";
Unattended-Upgrade::Mail "john@doe.com";
Unattended-Upgrade::Automatic-Reboot "true";
Unattended-Upgrade::Mail "john@doe.com";
Unattended-Upgrade::Automatic-Reboot "true";
Unattended-Upgrade::Mail "john@doe.com";
Unattended-Upgrade::Automatic-Reboot "true";
Unattended-Upgrade::MailReport "on-change";
Unattended-Upgrade::Automatic-Reboot-Time "2:50";

我见过许多有重复行问题的线程，但我无法在那里识别我的问题。尤其是我不明白为什么这件事

Unattended-Upgrade::Remove-Unused-Kernel-Packages

和

Unattended-Upgrade::Remove-Unused-Dependencies

我看不出其他台词有什么区别..。

编辑：，谢谢你这个非常有用的答案！这就是我最后得到的结果(我也改变了其他部分)：

- name: apt | Configure unattended-upgrades
  lineinfile:
    dest: /etc/apt/apt.conf.d/50unattended-upgrades
    regexp: "^{{ item }}\\s"
    line: '{{ item }} "{{ harden_linux_unattended_upgrades_settings[item] }}";'
    state: present
  with_items:
      - "{{ harden_linux_unattended_upgrades_settings | list }}"

和

harden_linux_unattended_upgrades_settings:
    "Unattended-Upgrade::Mail": "{{ ubuntu_common_email }}"
    "Unattended-Upgrade::MailReport": "on-change" # later if working set to "only-on-error"
    "Unattended-Upgrade::Remove-Unused-Kernel-Packages": "true"
    "Unattended-Upgrade::Remove-Unused-Dependencies": "true"
    "Unattended-Upgrade::Automatic-Reboot": "true"
    "Unattended-Upgrade::Automatic-Reboot-Time": "2:50"

Answer 1

你有：

    "^Unattended-Upgrade::Automatic-Reboot": 'Unattended-Upgrade::Automatic-Reboot "true";'
    "^Unattended-Upgrade::Automatic-Reboot-Time": 'Unattended-Upgrade::Automatic-Reboot-Time "2:50";'

第一个regex ^Unattended-Upgrade::Automatic-Reboot与Unattended-Upgrade::Automatic-Reboot和Unattended-Upgrade::Automatic-Reboot-Time匹配。

因此，在第二次，它做了以下工作：

• match Unattended-Upgrade::Automatic-Reboot
• nothing
• match Unattended-Upgrade::Automatic-Reboot-Time并替换为
• matchUnattended-Upgrade::Automatic-Reboot-Time，不再有Unattended-Upgrade::Automatic-Reboot-Time了，它将其添加回

现在，您有2 Automatic-Reboot和1 Automatic-Reboot-Time

Unattended-Upgrade::Mail和Unattended-Upgrade::Mail-Report的相同逻辑

您可以通过匹配以下"来改进正则表达式