Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add a "fail" filter #69255

Closed
tux21b opened this issue Apr 30, 2020 · 6 comments · Fixed by #75435
Closed

add a "fail" filter #69255

tux21b opened this issue Apr 30, 2020 · 6 comments · Fixed by #75435
Labels
affects_2.10 This issue/PR affects Ansible v2.10 feature This issue/PR relates to a feature request. support:core This issue/PR relates to code supported by the Ansible Engineering Team.

Comments

@tux21b
Copy link

tux21b commented Apr 30, 2020
edited
Loading

SUMMARY

Add a "fail" filter that always returns a FilterError with a specific message.

ISSUE TYPE
  • Feature Idea
COMPONENT NAME

core filters

ADDITIONAL INFORMATION

I would like to list and document all variables. Role specific variables could be listed and documented in "roles/*/defaults/*" and global variables in "group_vars/all/global.yml". Unfortunately there are some variables which do not have a good default value. For example, setting a variable like "mysql_password" to an empty string might be fatal. Sure, I could assert at the start of every role that the variable is not empty, but the chances are high that I might forget to add the assert on one place or another. Therefore, something like the following would be nice:

group_vars/all/global.yml:

# the password for the mysql root user.
# this password is used in several roles (like monitoring, application setup, etc.)
global_mysql_root_password: "{{ 'required, generate with pwgen -s 20' | fail }}"

If I then happen to forget to override the variable somewhere, an error like "failed to render global_mysql_root_password: required, generate with pwgen -s 20" is thrown.

The filter is easy to write (I can provide a PR if you want), is less specific than several other filters already present (e.g. "debug_type") and might be useful in a lot of places.
@ansibot
Copy link
Contributor

ansibot commented Apr 30, 2020

Files identified in the description:

If these files are incorrect, please update the component name section of the description or use the !component bot command.

click here for bot help

@ansibot ansibot added affects_2.10 This issue/PR affects Ansible v2.10 feature This issue/PR relates to a feature request. needs_triage Needs a first human triage before being processed. support:core This issue/PR relates to code supported by the Ansible Engineering Team. labels Apr 30, 2020
@sivel
Copy link
Member

sivel commented Apr 30, 2020

Is there a reason you couldn't just use the mandatory filter?

Don't define the var at all, but you can put a comment like:

# the password for the mysql root user.
# this password is used in several roles (like monitoring, application setup, etc.)
# required, generate with pwgen -s 20
# global_mysql_root_password:

And then in your task use:

password: "{{ global_mysql_root_password | mandatory('required, generate with pwgen -s 20') }}"

@tux21b
Copy link
Author

tux21b commented Apr 30, 2020
edited
Loading

Thanks for your reply. That's basically how we are doing it now, but I think this approach has some drawbacks:

  1. commenting out the variable makes the file harder to parse visually (no separation, no different syntax color)
  2. the variable is used at multiple places in multiple roles. I would have to repeat the mandatory filter multiple times.
  3. when reading the variable file it is not clear that this variable is required and how it can be generated.

@MarkusTeufelberger
Copy link
Contributor

This would be the filter equivalent of the fail module: https://docs.ansible.com/ansible/latest/modules/fail_module.html

@jimi-c jimi-c added waiting_on_contributor This would be accepted but there are no plans to actively work on it. and removed needs_triage Needs a first human triage before being processed. labels May 5, 2020
@Jmennius
Copy link

Jmennius commented Oct 8, 2020
edited
Loading

What about extending the mandatory filter to check not only for Undefined but also for the null/None value?
That would allow the following:

# the password for the mysql root user.
# this password is used in several roles (like monitoring, application setup, etc.)
# required, generate with pwgen -s 20
global_mysql_root_password:

or any of the null YAML specifiers like ~, null, Null, NULL like:

global_mysql_root_password: ~
global_mysql_root_password: null

This was referenced Aug 4, 2021
Closed
Merged
@bcoca
Copy link
Member

bcoca commented Aug 10, 2021

closing as per #75407

@bcoca bcoca closed this as completed Aug 10, 2021
@sivel sivel removed the waiting_on_contributor This would be accepted but there are no plans to actively work on it. label Aug 11, 2021
@ansible ansible locked and limited conversation to collaborators Sep 7, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
affects_2.10 This issue/PR affects Ansible v2.10 feature This issue/PR relates to a feature request. support:core This issue/PR relates to code supported by the Ansible Engineering Team.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add an undef global Jinja function lilatomic/ansible
Add a "fail" filter lilatomic/ansible
7 participants
@jimi-c @sivel @tux21b @bcoca @MarkusTeufelberger @ansibot @Jmennius