5

I want to copy a file to remote nodes, but only if the file exists. I copied it into /tmp/webapps/partner.war

My Task is: 

- local_action: stat path="/tmp/webapps/{{ application }}.war"
  register: war

- name: Copy warfile
  copy: src=/tmp/webapps/{{ application }}.war dest=/tmp/deploy/{{ stage }}/{{ application }}.war
  when: war.stat.exists == true

But stat always tells me, the file does not exist. If I run stat manually, it shows me the file is there.

The result:

    TASK: [deploy | stat path="/tmp/webapps/{{ application }}.war"] *************** 
<127.0.0.1> REMOTE_MODULE stat path="/tmp/webapps/partner.war"
<127.0.0.1> EXEC ['/bin/sh', '-c', 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1433920640.68-144173277081367 && chmod a+rx $HOME/.ansible/tmp/ansible-tmp-1433920640.68-144173277081367 && echo $HOME/.ansible/tmp/ansible-tmp-1433920640.68-144173277081367']
<127.0.0.1> PUT /tmp/tmpzrV_Ne TO /var/lib/awx/.ansible/tmp/ansible-tmp-1433920640.68-144173277081367/stat
<127.0.0.1> EXEC ['/bin/sh', '-c', u'LANG=C LC_CTYPE=C /usr/bin/python /var/lib/awx/.ansible/tmp/ansible-tmp-1433920640.68-144173277081367/stat; rm -rf /var/lib/awx/.ansible/tmp/ansible-tmp-1433920640.68-144173277081367/ >/dev/null 2>&1']
ok: [example.com -> 127.0.0.1] => {"changed": false, "stat": {"exists": false}}

What did I do wrong? :/

xddsg
  • 3,202
  • 2
  • 26
  • 33
Alexander Huck
  • 61
  • 1
  • 1
  • 4

2 Answers2

5

FWIW, I had similar issues when trying to find files inside the role's 'files' directory (no Tower involved). I'd normally reference these as "../files/something", but that doesn't work for a local_action stat. Instead, this works:

- name: check for optional config file
  local_action: stat path={{ role_path }}/files/{{ inventory_hostname }}/some_file
  register: optional_file

(so I guess the moral of the story is: use a full path to the local file)

Ralph Bolton
  • 255
  • 3
  • 8
  • Thanks, this was driving me nuts! I could test the role I created and it worked perfectly, but when it was part of the larger playbook it would fail because the stat path was different than the include_vars path. – dan_linder May 17 '17 at 13:49
4

Ansible Tower uses PRoot which provides a cool interface for creating chroot and similar jails. In the Tower docs they state:

3.5. Playbooks missing access to necessary data due to PRoot issues

When running a playbook that reads and writes information in certain prohibited directories, users may encounter issues with PRoot. PRoot runs the ansible-playbook command within a chroot jail. In cases like these, the running playbook cannot see other playbooks or sensitive data on disk and should the playbook expect to have access to that information, problems will occur. To fine tune your usage of PRoot, there are certain variables that can be set:

# Enable proot support for running jobs (playbook runs only).
AWX_PROOT_ENABLED = False

# Command/path to proot.
AWX_PROOT_CMD = 'proot'

# Additional paths to hide from jobs using proot.
AWX_PROOT_HIDE_PATHS = []

# Additional paths to show for jobs using proot.
AWX_PROOT_SHOW_PATHS = []
chicks
  • 3,639
  • 10
  • 26
  • 36
  • Alternatively, you can define /tmp in the Tower setting "paths to expose to isolated jobs". Make sure you really know whether you want this; it's probably not a good idea if your Tower is being used by several teams in the company that are allowed only limited access. – DaVince Jul 23 '20 at 13:42