Ansible : double loop into json file

Question

Welcome To Ask or Share your Answers For Others

Ansible : double loop into json file

asked Jan 27, 2021 in Technique[技术] by 深蓝 (71.8m points)

Ansible : double loop into json file

I have as a source a json file that contains a list of blocks and data. from which i would like to extract information to create security rules, using a double loop in ansible.

Below an example from my json file :

[
   {
      "Name":"Some_name",
      "NetworkFlow":[
         {
            "GroupName":"Test1",
            "Type":"Ingress",
            "Env":"dev",
            "Server":[
               "192.168.1.1",
               "192.168.1.2",
               ...
            ],
            "Service":[
               {
                  "Protocol":"TCP",
                  "Port":"443"
               },
               {
                  "Protocol":"UDP",
                  "Port":"21"
               },
               ....
            ]
         },
         ....
      ]
   }
]

This is for a generic deployment, and for each "NetworkFlow" section, i have to loop in the list of servers and also in the list of protocols and ports to get a simular parsing like the below:

#rule= Server,Protocol,Port,Type,Env,GroupName
192.168.1.1,TCP,443,Ingress,Dev,Test1
192.168.1.2,TCP,443,Ingress,Dev,Test1
192.168.1.1,UDP,21,Ingress,Dev,Test1
192.168.1.2,UDP,21,Ingress,Dev,Test1

I tried with_nested but it doesn't work, Any idea to deal with that please?

与恶龙缠斗过久,自身亦成为恶龙；凝视深渊过久,深渊将回以凝视…

1 Answer

深蓝 · Answer 1 · 2021-01-27T03:53:03+0000

Create a file with the nested loop, for example

shell> cat rules.yml
- debug:
    msg: "{{ item.0 }},{{ item.1.Protocol }},{{ item.1.Port }},{{ outer_item.Type }},{{ outer_item.Env }},{{ outer_item.GroupName }}"
  with_nested:
    - "{{ outer_item.Server }}"
    - "{{ outer_item.Service }}"

and include it

    - include_tasks: rules.yml
      loop: "{{ NetworkFlow }}"
      loop_control:
        loop_var: outer_item

gives

  msg: 192.168.1.1,TCP,443,Ingress,dev,Test1
  msg: 192.168.1.1,UDP,21,Ingress,dev,Test1
  msg: 192.168.1.2,TCP,443,Ingress,dev,Test1
  msg: 192.168.1.2,UDP,21,Ingress,dev,Test1

Q: "... have a list of ports separated by a comma and not just one port."

A: Convert the data. For example

shell> cat rules.yml
- set_fact:
    Services: "{{ Services|from_yaml }}"
  vars:
    Services: |
      {% for service in oi.Service %}
      {% for port in service.Port.split(',') %}
        - Protocol: {{ service.Protocol }}
          Port: {{ port }}
      {% endfor %}
      {% endfor %}

- debug:
    msg: "{{ i.0 }},{{ i.1.Protocol }},{{ i.1.Port }},{{ oi.Type }},{{ oi.Env }},{{ oi.GroupName }}"
  with_nested:
    - "{{ oi.Server }}"
    - "{{ Services }}"
  loop_control:
    loop_var: I

gives

  msg: 192.168.1.1,TCP,443,Ingress,dev,Test1
  msg: 192.168.1.1,TCP,22,Ingress,dev,Test1
  msg: 192.168.1.1,TCP,53,Ingress,dev,Test1
  msg: 192.168.1.1,UDP,21,Ingress,dev,Test1
  msg: 192.168.1.2,TCP,443,Ingress,dev,Test1
  msg: 192.168.1.2,TCP,22,Ingress,dev,Test1
  msg: 192.168.1.2,TCP,53,Ingress,dev,Test1
  msg: 192.168.1.2,UDP,21,Ingress,dev,Test1

Categories

Ansible : double loop into json file

Ansible : double loop into json file

Please log in or register to add a comment.

Please log in or register to answer this question.

1 Answer

Please log in or register to add a comment.

Just Browsing Browsing

Most popular tags