在with_items中运行with_items

Question

我目前运行的命令如下：

name: Generate a timed-based code for user
  command: "{{ item.command }} creates={{ item.file}}"
  with_items:
    - { command: '/usr/bin/google-authenticator -t -f -d --label=user1 --qr-mode=ANSI -r 3 -R 30 -w 1 --secret=/home/user1/.google_authenticator', file: '/home/user1/.google_authenticator' }
    - { command: '/usr/bin/google-authenticator -t -f -d --label=user2 --qr-mode=ANSI -r 3 -R 30 -w 1 --secret=/home/user2/.google_authenticator', file: '/home/user2/.google_authenticator' }

这很好，但根本不是DRY。

我正在尝试做第二个像这个角色的with_items：

- include_vars: main.yml

- name: Generate a timed-based code for user
  command: "{{ item.command }} creates={{ item.file }}"
  with_items:
    - { command: '/usr/bin/google-authenticator -t -f -d --label="{{ item.username }}" --qr-mode=ANSI -r 3 -R 30 -w 1 --secret=/home/"{{ item.username }}"/.google_authenticator', file: '/home/"{{{ item.username }}"/.google_authenticator' }
  with_items: "{{ users }}"
  become: true

在vars/main.yml内部，我有：

---

users:
  username: user1 
  username: user2 
  username: user3

在运行该手册时，我将收到以下提示：

[WARNING]: While constructing a mapping from /Users/bshutter/Dev/server/roles/googlemfa/tasks/main.yml, line 55, column 3, found a duplicate dict key (with_items). Using last
defined value only.

[WARNING]: While constructing a mapping from /Users/bshutter/Dev/server/roles/googlemfa/vars/main.yml, line 4, column 3, found a duplicate dict key (username). Using last defined
value only.

当它在角色中运行并到达任务Generate a timed-based code for user时

TASK [googlemfa : Generate a timed-based code for user] **************************************
fatal: [10.1.10.36]: FAILED! => {"failed": true, "msg": "the field 'args' has an invalid value, which appears to include a variable that is undefined. The error was: 'ansible.vars.unsafe_proxy.AnsibleUnsafeText object' has no attribute 'file'\n\nThe error appears to have been in '/Users/bshutter/Dev/server/roles/googlemfa/tasks/main.yml': line 55, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n- name: Generate a timed-based code for user\n  ^ here\n"}

Answer 1

我不确定我完全理解您的问题，因为看起来您只需要运行一种类型的命令。因此，如果您真的只有运行google身份验证器命令，我会这样做：

- name: Generate a timed-based code for user
  command: '/usr/bin/google-authenticator -t -f -d --label="{{item}}" --qr-mode=ANSI -r 3 -R 30 -w 1 --secret=/home/{{item}}' creates='/home/{{{ item }}/.google_authenticator'
  with_items: "{{ users }}"
  become: true

Answer 2

你可能在找巢式。

但是，使用创建选项将很难实现，因为只有其中一个命令将创建该文件。还请注意，循环必须是不同的--不能引用一个列表和另一个列表。