0

I am trying to install docker credential store with pass on a VM using Ansible

here is the part of the credential store's code in the playbook.yaml

However, the problem is I try to export the gpg key id as a variable on play.4, but I can't echo the variable on play.6

I tried using register but the register variable seem cannot be use at other play's shell command

 - name: 1. Install gpg and pass
    apt:
      update_cache: yes
      name:
      - gpg
      - pass
  - name: 2. Create GPG key
    shell: |
      cat > /root/gpgKey <<EOF
      %echo Generating a default key
       Key-Type: default
       Subkey-Type: default
       Name-Real: abc999
       Name-Comment: abc999
       Name-Email: [email protected]
       Expire-Date: 0
       Passphrase: abc999
       %commit
       %echo done
      EOF
  - name: 3. Generate keys with `/root/gpgKey` file
    shell: |
      sudo gpg --batch --generate-key /root/gpgKey
  - name: 4. Verify key generation
    shell: |
      var=$(sudo gpg --list-secret-keys --keyid-format=long | sed '4!d' | tr -d " ")
  - name: 5. Download docker-credential-pass
    shell: |
      export PASS_VERSION="v0.6.0"
      wget -q "https://github.com/docker/docker-credential-helpers/releases/download/${PASS_VERSION}/docker-credential-pass-${PASS_VERSION}-amd64.tar.gz" -O - | sudo tar -x -C /usr/bin
      sudo chmod 710 "/usr/bin/docker-credential-pass"
  - name: 6. Echo GPG id
    shell: |
      echo $var

and here is the output of the command ansible-playbook playbook.yaml -vvv of play.6 echo $var: the stdout is nothing.

changed: [localhost] => {
    "changed": true,
    "cmd": "echo $var\n",
    "delta": "0:00:00.002488",
    "end": "2023-04-27 09:36:46.483048",
    "invocation": {
        "module_args": {
            "_raw_params": "echo $var\n",
            "_uses_shell": true,
            "argv": null,
            "chdir": null,
            "creates": null,
            "executable": null,
            "removes": null,
            "stdin": null,
            "stdin_add_newline": true,
            "strip_empty_ends": true,
            "warn": true
        }
    },
    "rc": 0,
    "start": "2023-04-27 09:36:46.480560",
    "stderr": "",
    "stderr_lines": [],
    "stdout": "",
    "stdout_lines": []
}
Improve this question
2
  • 1
    Your approach does not work because the plays happen in separate shells. You need to register the output of the command in order for ansible to store it. docs.ansible.com/ansible/latest/playbook_guide/… Commented Apr 27, 2023 at 12:26
  • I tried register before, but I cannot find a way to use the register variable in the shell of other play Commented Apr 27, 2023 at 16:36

1 Answer 1

Reset to default
4

Regarding the comments "You need to register the output of the command in order for Ansible to store it." and "I tried register before, but I cannot find a way to use the register variable in the shell of other play." you may have look into the following minimal example playbook

---
- hosts: localhost
  become: true
  gather_facts: false

  tasks:

  - name: 4. Verify key generation
    shell:
      cmd: "gpg --list-secret-keys --keyid-format=long | sed '4!d' | tr -d ' '"
    register: VAR

  - name: 6. Echo GPG ID
    shell:
      cmd: "echo {{ VAR.stdout_lines }}"
    register: result

  - name: Show result
    debug:
      var: result

or a more generic

---
- hosts: localhost
  become: false
  gather_facts: false

  tasks:

  - name: Echo example 1
    shell:
      cmd: "echo 12:34:56:78:90:AB:CD:EF"
    register: VAR

  - name: Echo example 2
    shell:
      cmd: "echo {{ VAR.stdout_lines }}"
    register: result

  - name: Show registered variable
    debug:
      var: result

  - name: Show result content only
    debug:
      msg: "{{ result }}"

as it shows you how to get familiar with registering, return values and data structures.

Further Documenation

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.