jinja2 python render "for loop"

Question

I've been looking into a method to manually render jinja2 templates which I require for ansible.

This brought me unto the python jinja render functionality but alas my python is almost non-existant.

However, the sample scripts found using google-search look pretty straightforward (at first glance)

My template includes a for loop and that's where I've encountered some difficulty.

jinja2 template:

{% if extendedKeyUsage is defined and extendedKeyUsage %}
subjectAltName = {% for SAN_IP in TLS_IP_SANS %}IP:{{ SAN_IP }}, {% endfor %}{% for SAN_DNS in TLS_DNS_SANS %}DNS:{{ SAN_DNS }}, {% endfor %}IP:127.0.0.1
extendedKeyUsage = clientAuth,serverAuth
{% endif %}

As you can see I try to generate an openssl extended usages file from the template. (but that's beside the point)

script:

#!/usr/bin/python

#
# stolen from https://stackoverflow.com/questions/42090084/how-can-i-unit-test-jinja2-template-logic
# but real working info found here: http://matthiaseisen.com/pp/patterns/p0198/
#


import os
import jinja2


def render(tpl_path, context):
    path, filename = os.path.split(tpl_path)
    return jinja2.Environment(
        loader=jinja2.FileSystemLoader(path or './')
    ).get_template(filename).render(context)


context = {  # your variables to pass to template
    'extendedKeyUsage': 'true',
    'TLS_IP_SANS': '10.1.17.101',
#    'TLS_DNS_SANS': 'test.crapco.labs'
    'TLS_DNS_SANS': 'test.crapco.labs, www.crapco.labs, a.crapco.lab'
}

filename = '/root/20160921/roles/ansible-role-CA/templates/crtExtendedUse.j2'

rendered = render(filename, context)

print "this is the rendered template %s." % rendered

Alas, instead of using the comma-seperated values in the context for the for-loop, it appears to take each character.

result:

[user@kvm-centos7-ansible ansible-role-CA]# ./render_jinja2.py 
this is the rendered template 
subjectAltName = IP:1, IP:0, IP:., IP:1, IP:., IP:1, IP:7, IP:., IP:1, IP:0, IP:1, DNS:t, DNS:e, DNS:s, DNS:t, DNS:., DNS:c, DNS:r, DNS:a, DNS:p, DNS:c, DNS:o, DNS:., DNS:l, DNS:a, DNS:b, DNS:s, DNS:,, DNS: , DNS:w, DNS:w, DNS:w, DNS:., DNS:c, DNS:r, DNS:a, DNS:p, DNS:c, DNS:o, DNS:., DNS:l, DNS:a, DNS:b, DNS:s, DNS:,, DNS: , DNS:a, DNS:., DNS:c, DNS:r, DNS:a, DNS:p, DNS:c, DNS:o, DNS:., DNS:l, DNS:a, DNS:b, IP:127.0.0.1
extendedKeyUsage = clientAuth,serverAuth
.

How can I get the complete strings?

It appears my understanding of a list is flawed. and using the [] correctly solves the issue ... like: `'TLS_DNS_SANS': ['test.crapco.labs', 'www.crapco.labs', 'a.crapco.lab']` — lievendp, Jul 24 '17 at 14:15

score 0 · Answer 1 · answered Jul 24 '17 at 14:19

the answer is my flawed understanding of what's a list / array to loop around. using the following for context worked out fine:

context = {  # your variables to pass to template
    'extendedKeyUsage': 'true',
    'TLS_IP_SANS': ['10.1.17.101'],
    'TLS_DNS_SANS': ['test.crapco.labs', 'www.crapco.labs', 'a.crapco.lab']
}

now output is as expected:

this is the rendered template 
subjectAltName = IP:10.1.17.101, DNS:test.crapco.labs, DNS:www.crapco.labs, DNS:a.crapco.lab, IP:127.0.0.1
extendedKeyUsage = clientAuth,serverAuth
.

jinja2 python render "for loop"

1 Answers1