search

kestra-io / kestra

Infinitely scalable, event-driven, language-agnostic orchestration and scheduling platform to manage millions of workflows declaratively in code.
https://kestra.io
Apache License 2.0
7.06k stars 413 forks source link

Issue with Escaping Curly Braces in YAML for Kestra #4093

Closed n0one42 closed 1 week ago

n0one42 commented 2 weeks ago

Describe the issue

Like I already wrote in this post: https://github.com/kestra-io/kestra/issues/4087 which was instantly closed without even waiting for an answer like everyone would be just dump, I will ask it here again.

Also the line: {% raw %}{{ item }}{% endraw %} does not work in this case like described in the documentation.

id: server-init-essentials
namespace: homelab.dev

labels:
  project: Ubuntu-Servers
  step: essentials

variables:
  username: "abc"
  hosts: ["192.168.122.159"] # ["192.168.122.159", "192.168.122.160"]

tasks:
  - id: server-init-essentials
    type: io.kestra.plugin.core.flow.WorkingDirectory
    inputFiles:
      inventory.ini: |
        {% for host in vars.hosts %}
        {{ host }} ansible_port=2222
        {% endfor %}
      myplaybook.yml: |
        ---
        - hosts: all
          become: true
          tasks:
            - name: Insert content into /tmp/rc.local
              ansible.builtin.lineinfile:
                path: /tmp/rc.local
                line: {% raw %}{{ item }}{% endraw %}
                create: true
              loop:
                - '#!/bin/sh -e'
                - 'sysctl -p /etc/sysctl.d/42-disable-ipv6.conf'
                - 'exit 0'

    tasks:
      - id: execute_playbook
        type: io.kestra.plugin.ansible.cli.AnsibleCLI
        namespaceFiles:
          enabled: true
        docker:
          image: cytopia/ansible:latest-tools
          pullPolicy: IF_NOT_PRESENT
          user: "1000"
        commands:
          - ansible-playbook -i inventory.ini myplaybook.yml --key-file kestra/secrets/id_ed25519_dev.key
        env:
          ANSIBLE_HOST_KEY_CHECKING: "False"
          ANSIBLE_REMOTE_USER: "{{ vars.username }}"

throws the error:

Failed preExecuteTasks on WorkingDirectory: Unable to find `item` used in the expression `---
- hosts: all
  become: true
  tasks:
    - name: Insert content into /tmp/rc.local
      ansible.builtin.lineinfile:
        path: /tmp/rc.local
        line: {{ item }}
        create: true
      loop:
        - '#!/bin/sh -e'
        - 'sysctl -p /etc/sysctl.d/42-disable-ipv6.conf'
        - 'exit 0'
` at line 8

Doing the same but inside a real playbook file and executing it like this, does work.

id: server-init-essentials
namespace: homelab.dev

labels:
  project: Ubuntu-Servers
  step: essentials

variables:
  username: "abc"
  hosts: ["192.168.122.159"] # ["192.168.122.159", "192.168.122.160"]

tasks:
  - id: server-init-essentials
    type: io.kestra.plugin.core.flow.WorkingDirectory
    inputFiles:
      inventory.ini: |
        {% for host in vars.hosts %}
        {{ host }} ansible_port=2222
        {% endfor %}
    tasks:
      - id: execute_playbook
        type: io.kestra.plugin.ansible.cli.AnsibleCLI
        namespaceFiles:
          enabled: true
        docker:
          image: cytopia/ansible:latest-tools
          pullPolicy: IF_NOT_PRESENT
          user: "1000"
        commands:
          - ansible-playbook -i inventory.ini pb_temp.yml --key-file kestra/secrets/id_ed25519_dev.key
        env:
          ANSIBLE_HOST_KEY_CHECKING: "False"
          ANSIBLE_REMOTE_USER: "{{ vars.username }}"

pb_temp.yml content.

 ---
- hosts: all
  become: true
  tasks:
    - name: Insert content into /tmp/rc.local
      ansible.builtin.lineinfile:
        path: /tmp/rc.local
        line: '{{ item }}'
        create: true
      loop:
        - '#!/bin/sh -e'
        - 'sysctl -p /etc/sysctl.d/42-disable-ipv6.conf'
        - 'exit 0'

So a simple how to this line should looks like would be enough. What is wrong in this: line: {% raw %}{{ item }}{% endraw %}

Environment

Gregoire-Fremaux commented 1 week ago

Got the same issue and {% raw %}{{ var_name }}{% endraw %}

is not working

Here is my workflow:

id: infrastructure_automation
namespace: tutorial

tasks:
  - id: setup
    type: io.kestra.plugin.core.flow.WorkingDirectory
    tasks:
      - id: load_ssh_key
        type: io.kestra.plugin.core.storage.LocalFiles
        inputs:
          inventory.ini: |
            docker2 ansible_host=192.168.1.72 new_hostname=docker2
          playbook.yml: |
            ---
            - name: Update package
              hosts: all
              become: True
              tasks:
                - name: Update apt package index
                  ansible.builtin.apt:
                    update_cache: yes

                - name: Upgrade all apt packages
                  ansible.builtin.apt:
                    upgrade: dist
                - name: Set the hostname
                  hostname:
                    name: "{% raw %}{{new_hostname}}{% endraw %}"

                - name: Ensure /etc/hosts is updated with the new hostname
                  lineinfile:
                    path: /etc/hosts
                    regexp: "^127\.0\.1\.1\s+"
                    line: "127.0.1.1 {% raw %}{{new_hostname}}{% endraw %}"
                    state: present

                - name: Reboot the server
                  shell: sleep 2 && shutdown -r now
                  async: 1
                  poll: 0
                  ignore_errors: true

                - name: Wait for the reboot to complete if there was a change.
                  wait_for_connection:
                    connect_timeout: 20
                    sleep: 5
                    delay: 5
                    timeout: 300
          id_rsa: "{{ secret('SSH_KEY') }}"

      - id: "bash"
        type: "io.kestra.core.tasks.scripts.Bash"
        commands:
          - 'chmod 600 id_rsa'

      - id: ansible_task
        type: io.kestra.plugin.ansible.cli.AnsibleCLI
        docker:
          image: cytopia/ansible:latest-tools
        commands:
          - ansible-playbook -i inventory.ini --key-file id_rsa playbook.yml
        env:
          ANSIBLE_HOST_KEY_CHECKING: "False"
          ANSIBLE_REMOTE_USER: "root"
          ANSIBLE_USER: "root"
          ANSIBLE_PRIVATE_KEY_FILE: id_rsa

Environment Kestra Version: latest Operating System (Docker):

Gregoire-Fremaux commented 1 week ago

@loicmathieu

Can you help us this is very blocking

loicmathieu commented 1 week ago

So the issue was that we render twice the file content, I fixed it, it will be backported for our next bugfix release on 0.17