64

I want to evaluate multiple condition in ansible using when, here is my playbook:

- name: Check that the SSH Key exists
   local_action:
     module: stat
     path: "/home/{{ login_user.stdout }}/{{ ssh_key_location }}"
   register: sshkey_result

 - name: Generating a new SSH key for the current user it's not exists already
   local_action:
      module: user
      name: "{{ login_user.stdout }}"
      generate_ssh_key: yes 
      ssh_key_bits: 2048
   when: sshkey_result.rc == 1 and  ( github_username is undefined or github_username |lower == 'none' )

here is my var file for reference:

---
vpc_region: eu-west-1
key_name: my_github_key
ssh_key_location: .ssh/id_rsa.pub

When I try to execute this playbook, I am getting this error:

TASK: [test | Check that the SSH Key exists] **********************************
ok: [localhost -> 127.0.0.1]

 TASK: [test | Generating a new SSH key for the current user it's not exists already] ***
 fatal: [localhost] => error while evaluating conditional: sshkey_result.rc == 1 and  ( github_username is undefined or github_username |lower == 'none' )

        FATAL: all hosts have already failed -- aborting

Can somebody point me out that how we can use multiple conditions with ansible on single task.

Thanks

Arbab Nazar
  • 22,378
  • 10
  • 76
  • 82

5 Answers5

89

You can use like this.

when: condition1 == "condition1" or condition2 == "condition2"

Link to official docs: The When Statement.

Also Please refer to this gist: https://gist.github.com/marcusphi/6791404

Bram
  • 819
  • 1
  • 9
  • 24
Dhanasekaran Anbalagan
  • 2,524
  • 1
  • 16
  • 12
34

Adding to https://stackoverflow.com/users/1638814/nvartolomei answer, which will probably fix your error.

Strictly answering your question, I just want to point out that the when: statement is probably correct, but would look easier to read in multiline and still fulfill your logic:

when: 
  - sshkey_result.rc == 1
  - github_username is undefined or 
    github_username |lower == 'none'

https://docs.ansible.com/ansible/latest/user_guide/playbooks_conditionals.html#the-when-statement

user2066480
  • 1,229
  • 2
  • 12
  • 24
5

The problem with your conditional is in this part sshkey_result.rc == 1, because sshkey_result does not contain rc attribute and entire conditional fails.

If you want to check if file exists check exists attribute.

Here you can read more about stat module and how to use it.

David Oliver
  • 2,424
  • 1
  • 24
  • 37
nvartolomei
  • 1,505
  • 12
  • 15
  • 5
    As a followup to what @nvartolomei said, when you have a variable like `sshkey_result` I find it extremely useful to display its value immediately after its set while writing/debugging a playbook. Adding in a `-debug: var=sshkey_result` task will show you that as he said, `rc` doesn't exist in this context, and it will also show you what properties of that variable *do* exist. – Bruce P Nov 22 '15 at 21:30
5

You can use logical operators to combine conditions. When you have multiple conditions that all need to be true (that is, a logical and), you can specify them as a list:

tasks:
  - name: Shut down CentOS 6 systems
    ansible.builtin.command: /sbin/shutdown -t now
    when:
      - ansible_facts['distribution'] == "CentOS"
      - ansible_facts['distribution_major_version'] == "6"

Link to the doc : https://docs.ansible.com/ansible/latest/user_guide/playbooks_conditionals.html#the-when-statement

quicksilver
  • 289
  • 5
  • 11
1

Also you can use default() filter. Or just a shortcut d()

- name: Generating a new SSH key for the current user it's not exists already
  local_action:
    module: user
    name: "{{ login_user.stdout }}"
    generate_ssh_key: yes 
    ssh_key_bits: 2048
  when: 
    - sshkey_result.rc == 1
    - github_username | d('none') | lower == 'none'
ALex_hha
  • 1,345
  • 15
  • 16