In ansible i am running a role to create retention rules for some projects. using PUT method i stored results in register module, from that i am trying to read retention_id: "59" and project_id: "80" i need this as integer like 59 and 80 , but it is taking as string to the field but i need it as integer. i tried to change that by using "{{ item.project_id | int }}"
and {{ item.metadata.retention_id | int}}
it was not changed to integer, i tried to converted the yaml body to JSON for luck. still i am getting the error.
i got struck with this task since one week . please provide any solution to get out of this.
your response will be appreciated. Thank you
actual playbook:
---
# List of projects to check retention and project ID's
- name: get projects
uri:
url: "https://{{ ansible_host }}/api/v2.0/projects"
method: GET
headers:
Authorization: "{{ admin_passwd }}"
Accept: application/json
validate_certs: no
register: projects_result
- debug:
var: projects_result.json | flatten(levels=1)
# Create retention rules for the projects
- name: creating retention rules
uri:
url: "https://{{ ansible_host }}/api/v2.0/retentions/{{ item.metadata.retention_id | int}}"
method: PUT
body_format: json
headers:
Content-Type: application/json
Authorization: "{{ admin_passwd }}"
Accept: 'application/json, text/plain, */*'
body:
algorithm: "or"
id: "{{ item.metadata.retention_id | int }}"
rules:
- action: "retain"
params:
latestPushedK: 3
scope_selectors:
repository:
- decoration: "repoMatches"
kind: "doublestar"
pattern: "**"
tag_selectors:
- decoration: "matches"
extras: "{\"untagged\":true}"
kind: "doublestar"
pattern: "**"
template: latestPushedK
scope:
level: "project"
ref: "{{ item.project_id | int }}"
trigger:
kind: "Schedule"
settings:
cron: "0 0 * * * *"
validate_certs: no
status_code: 200
when: "item.registry_id is defined"
loop: "{{ projects_result.json | flatten(levels=1) }}"
ignore_errors: yes
with this i was getting this error:
$ ansible-playbook -i ansible/inventories/shiplab ansible/playbooks/harbor-configurations.yaml --ask-vault-pass
Vault password:
PLAY [harbor] ***********************************************************************************************************************************************
TASK [Gathering Facts] **************************************************************************************************************************************
ok: [harbor_shiplab_test1e]
TASK [../roles/harbor-retention-rules : get projects] *******************************************************************************************************
ok: [harbor_shiplab_test1e]
TASK [../roles/harbor-retention-rules : debug] **************************************************************************************************************
ok: [harbor_shiplab_test1e] => {
"projects_result.json | flatten(levels=1)": [
{
"chart_count": 0,
"creation_time": "2021-10-21T07:35:28.228Z",
"current_user_role_id": 1,
"current_user_role_ids": [
1
],
"cve_allowlist": {
"creation_time": "0001-01-01T00:00:00.000Z",
"id": 56,
"items": [],
"project_id": 75,
"update_time": "0001-01-01T00:00:00.000Z"
},
"metadata": {
"public": "true",
"retention_id": "54"
},
"name": "harbor-esl-proxy",
"owner_id": 1,
"owner_name": "admin",
"project_id": 75,
"registry_id": 101,
"repo_count": 0,
"update_time": "2021-10-21T07:35:28.228Z"
},
{
"chart_count": 0,
"creation_time": "2021-10-21T07:35:43.098Z",
"current_user_role_id": 1,
"current_user_role_ids": [
1
],
"cve_allowlist": {
"creation_time": "0001-01-01T00:00:00.000Z",
"id": 58,
"items": [],
"project_id": 77,
"update_time": "0001-01-01T00:00:00.000Z"
},
"metadata": {
"public": "true",
"retention_id": "56"
},
"name": "harbor-library-proxy",
"owner_id": 1,
"owner_name": "admin",
"project_id": 77,
"registry_id": 103,
"repo_count": 0,
"update_time": "2021-10-21T07:35:43.098Z"
},
{
"chart_count": 0,
"creation_time": "2021-10-21T07:35:13.930Z",
"current_user_role_id": 1,
"current_user_role_ids": [
1
],
"cve_allowlist": {
"creation_time": "0001-01-01T00:00:00.000Z",
"id": 54,
"items": [],
"project_id": 73,
"update_time": "0001-01-01T00:00:00.000Z"
},
"metadata": {
"public": "true",
"retention_id": "52"
},
"name": "harbor-megatron-proxy",
"owner_id": 1,
"owner_name": "admin",
"project_id": 73,
"registry_id": 104,
"repo_count": 0,
"update_time": "2021-10-21T07:35:13.930Z"
},
{
"chart_count": 0,
"creation_time": "2021-10-21T07:35:50.271Z",
"current_user_role_id": 1,
"current_user_role_ids": [
1
],
"cve_allowlist": {
"creation_time": "0001-01-01T00:00:00.000Z",
"id": 59,
"items": [],
"project_id": 78,
"update_time": "0001-01-01T00:00:00.000Z"
},
"metadata": {
"public": "true",
"retention_id": "57"
},
"name": "harbor-migration-poc-proxy",
"owner_id": 1,
"owner_name": "admin",
"project_id": 78,
"registry_id": 105,
"repo_count": 0,
"update_time": "2021-10-21T07:35:50.271Z"
},
{
"chart_count": 0,
"creation_time": "2021-10-21T07:35:57.671Z",
"current_user_role_id": 1,
"current_user_role_ids": [
1
],
"cve_allowlist": {
"creation_time": "0001-01-01T00:00:00.000Z",
"id": 60,
"items": [],
"project_id": 79,
"update_time": "0001-01-01T00:00:00.000Z"
},
"metadata": {
"public": "true",
"retention_id": "58"
},
"name": "harbor-payment-proxy",
"owner_id": 1,
"owner_name": "admin",
"project_id": 79,
"registry_id": 106,
"repo_count": 0,
"update_time": "2021-10-21T07:35:57.671Z"
},
{
"chart_count": 0,
"creation_time": "2021-10-21T07:36:05.861Z",
"current_user_role_id": 1,
"current_user_role_ids": [
1
],
"cve_allowlist": {
"creation_time": "0001-01-01T00:00:00.000Z",
"id": 61,
"items": [],
"project_id": 80,
"update_time": "0001-01-01T00:00:00.000Z"
},
"metadata": {
"public": "true",
"retention_id": "59"
},
"name": "harbor-platform-proxy",
"owner_id": 1,
"owner_name": "admin",
"project_id": 80,
"registry_id": 107,
"repo_count": 0,
"update_time": "2021-10-21T07:36:05.861Z"
},
{
"chart_count": 1,
"creation_time": "2021-08-19T15:50:23.772Z",
"current_user_role_id": 1,
"current_user_role_ids": [
1
],
"cve_allowlist": {
"creation_time": "0001-01-01T00:00:00.000Z",
"id": 1,
"items": [],
"project_id": 1,
"update_time": "0001-01-01T00:00:00.000Z"
},
"metadata": {
"public": "true"
},
"name": "library",
"owner_id": 1,
"owner_name": "admin",
"project_id": 1,
"repo_count": 3,
"update_time": "2021-08-19T15:50:23.772Z"
},
{
"chart_count": 2,
"creation_time": "2021-08-24T16:45:19.230Z",
"current_user_role_id": 1,
"current_user_role_ids": [
1
],
"cve_allowlist": {
"creation_time": "0001-01-01T00:00:00.000Z",
"id": 2,
"items": [],
"project_id": 2,
"update_time": "0001-01-01T00:00:00.000Z"
},
"metadata": {
"public": "true"
},
"name": "platform",
"owner_id": 1,
"owner_name": "admin",
"project_id": 2,
"repo_count": 11,
"update_time": "2021-08-24T16:45:19.230Z"
}
]
}
TASK [../roles/harbor-retention-rules : creating retention rules] *******************************************************************************************
failed: [harbor_shiplab_test1e] (item={'chart_count': 0, 'creation_time': '2021-10-21T07:35:28.228Z',
'current_user_role_id': 1, 'current_user_role_ids': [1], 'cve_allowlist': {'creation_time': '0001-01-01T00:00:00.000Z',
'id': 56, 'items': [], 'project_id': 75, 'update_time': '0001-01-01T00:00:00.000Z'},
'metadata': {'public': 'true', 'retention_id': '54'}, 'name': 'harbor-esl-proxy', 'owner_id': 1, 'owner_name': 'admin', 'project_id': 75,
'registry_id': 101, 'repo_count': 0, 'update_time': '2021-10-21T07:35:28.228Z'}) => {"ansible_loop_var": "item", "changed": false,
"connection": "close", "content": "{\"errors\":[{\"code\":\"UNPROCESSABLE_ENTITY\",\"message\":\"validation failure
list:\\nparsing policy body from \\\"\\\" failed, because json: cannot unmarshal string into Go struct field RetentionPolicy.id of type int64\"}]}\n",
"content_length": "213", "content_type": "application/json; charset=utf-8", "date": "Fri, 22 Oct 2021 12:26:56 GMT", "elapsed": 1,
"item": {"chart_count": 0, "creation_time": "2021-10-21T07:35:28.228Z", "current_user_role_id": 1, "current_user_role_ids": [1],
"cve_allowlist": {"creation_time": "0001-01-01T00:00:00.000Z", "id": 56, "items": [], "project_id": 75, "update_time": "0001-01-01T00:00:00.000Z"},
"metadata": {"public": "true", "retention_id": "54"}, "name": "harbor-esl-proxy", "owner_id": 1, "owner_name": "admin", "project_id": 75,
"registry_id": 101, "repo_count": 0, "update_time": "2021-10-21T07:35:28.228Z"}, "json": {"errors": [{"code": "UNPROCESSABLE_ENTITY",
"message": "validation failure list:\nparsing policy body from \"\" failed, because json: cannot unmarshal string into Go struct field RetentionPolicy.id of type int64"}]},
"msg": "Status code was 422 and not [200]: HTTP Error 422: Unprocessable Entity", "redirected": false, "set_cookie": "sid=2e5f911867c675528b5e23c74f803240; Path=/; HttpOnly",
"status": 422, "url": "https://harbor.tst1e.k8s.shiplab.ss.rccl.com/api/v2.0/retentions/54", "vary": "Accept-Encoding", "x_request_id": "334cb06f-c161-4085-8df2-a448b7776819"}
after this i changed body to json :
json converted:
- name: creating retention rules
uri:
url: "https://{{ ansible_host }}/api/v2.0/retentions/{{ item.metadata.retention_id | int }}"
method: PUT
body_format: json
headers:
Content-Type: application/json
Authorization: "{{ admin_passwd }}"
Accept: 'application/json, text/plain, */*'
body:
'{ "algorithm": "or",
"id": {{ item.metadata.retention_id | int }},
"rules": [{
"action": "retain",
"params": {
"latestPushedK": 3 },
"scope_selectors":{
"repository": [{
"decoration": "repoMatches",
"kind": "doublestar",
"pattern": "**" } ] },
"tag_selectors": [{
"decoration": "matches",
"extras": "{\"untagged\":true}",
"kind": "doublestar",
"pattern": "**" }],
"template": latestPushedK } ],
"scope": {
"level": "project",
"ref": {{ item.project_id | int }} },
"trigger": {
"kind": "Schedule",
"settings":{
"cron": "0 0 * * * *" }}}'
validate_certs: no
status_code: 200
when: "item.registry_id is defined"
loop: "{{ projects_result.json | flatten(levels=1) }}"
ignore_errors: yes
with this also i am getting the same error. please help me out on this.
verbosity information:
ansible-playbook -i ansible/inventories/shiplab ansible/playbooks/harbor-configurations.yaml --ask-vault-pass -vvv
ansible-playbook -i ansible/inventories/shiplab ansible/playbooks/harbor-configurations.yaml --ask-vault-pass -vvv
ansible-playbook 2.8.4
config file = /home/ZL744US/repos/harbor/konvoy/ansible.cfg
configured module search path = ['/home/ZL744US/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3.7/site-packages/ansible
executable location = /usr/bin/ansible-playbook
python version = 3.7.10 (default, May 5 2021, 11:43:58) [GCC 10.2.0]
Using /home/ZL744US/repos/harbor/konvoy/ansible.cfg as config file
Vault password:
host_list declined parsing /home/ZL744US/repos/harbor/konvoy/ansible/inventories/shiplab/test1e as it did not pass it's verify_file() method
auto declined parsing /home/ZL744US/repos/harbor/konvoy/ansible/inventories/shiplab/test1e as it did not pass it's verify_file() method
Parsed /home/ZL744US/repos/harbor/konvoy/ansible/inventories/shiplab/test1e inventory source with ini plugin
PLAYBOOK: harbor-configurations.yaml ************************************************************************************************************************
1 plays in ansible/playbooks/harbor-configurations.yaml
PLAY [harbor] ***********************************************************************************************************************************************
TASK [Gathering Facts] **************************************************************************************************************************************
task path: /home/ZL744US/repos/harbor/konvoy/ansible/playbooks/harbor-configurations.yaml:2
<harbor.tst1e.k8s.shiplab.ss.acl.com> ESTABLISH LOCAL CONNECTION FOR USER: MEA ZL744US
<harbor.tst1e.k8s.shiplab.ss.acl.com> EXEC /bin/sh -c 'echo '"'"'~MEA ZL744US'"'"' && sleep 0'
<harbor.tst1e.k8s.shiplab.ss.acl.com> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo ~MEA ZL744US/.ansible/tmp/ansible-tmp-1634916091.044559-272844769197129 `" && echo ansible-tmp-1634916091.044559-272844769197129="` echo ~MEA ZL744US/.ansible/tmp/ansible-tmp-1634916091.044559-272844769197129 `" ) && sleep 0'
<harbor_shiplab_test1e> Attempting python interpreter discovery
<harbor.tst1e.k8s.shiplab.ss.acl.com> EXEC /bin/sh -c 'echo PLATFORM; uname; echo FOUND; command -v '"'"'/usr/bin/python'"'"'; command -v '"'"'python3.7'"'"'; command -v '"'"'python3.6'"'"'; command -v '"'"'python3.5'"'"'; command -v '"'"'python2.7'"'"'; command -v '"'"'python2.6'"'"'; command -v '"'"'/usr/libexec/platform-python'"'"'; command -v '"'"'/usr/bin/python3'"'"'; command -v '"'"'python'"'"'; echo ENDFOUND && sleep 0'
<harbor_shiplab_test1e> Python interpreter discovery fallback (unsupported platform for extended discovery: cygwin_nt-10.0)
Using module file /usr/lib/python3.7/site-packages/ansible/modules/system/setup.py
<harbor.tst1e.k8s.shiplab.ss.acl.com> PUT /home/ZL744US/.ansible/tmp/ansible-local-1736l28mza02/tmp5ucaxth_ TO /home/ZL744US/.ansible/tmp/ansible-tmp-1634916091.044559-272844769197129/AnsiballZ_setup.py
<harbor.tst1e.k8s.shiplab.ss.acl.com> EXEC /bin/sh -c 'chmod u x /home/ZL744US/.ansible/tmp/ansible-tmp-1634916091.044559-272844769197129/ /home/ZL744US/.ansible/tmp/ansible-tmp-1634916091.044559-272844769197129/AnsiballZ_setup.py && sleep 0'
<harbor.tst1e.k8s.shiplab.ss.acl.com> EXEC /bin/sh -c '/usr/bin/python /home/ZL744US/.ansible/tmp/ansible-tmp-1634916091.044559-272844769197129/AnsiballZ_setup.py && sleep 0'
<harbor.tst1e.k8s.shiplab.ss.acl.com> EXEC /bin/sh -c 'rm -f -r /home/ZL744US/.ansible/tmp/ansible-tmp-1634916091.044559-272844769197129/ > /dev/null 2>&1 && sleep 0'
ok: [harbor_shiplab_test1e]
META: ran handlers
TASK [../roles/harbor-retention-rules : get projects] *******************************************************************************************************
task path: /home/ZL744US/repos/harbor/konvoy/ansible/roles/harbor-retention-rules/tasks/main.yml:3
<harbor.tst1e.k8s.shiplab.ss.acl.com> ESTABLISH LOCAL CONNECTION FOR USER: MEA ZL744US
<harbor.tst1e.k8s.shiplab.ss.acl.com> EXEC /bin/sh -c 'echo '"'"'~MEA ZL744US'"'"' && sleep 0'
<harbor.tst1e.k8s.shiplab.ss.acl.com> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo ~MEA ZL744US/.ansible/tmp/ansible-tmp-1634916112.1313658-277975019551630 `" && echo ansible-tmp-1634916112.1313658-277975019551630="` echo ~MEA ZL744US/.ansible/tmp/ansible-tmp-1634916112.1313658-277975019551630 `" ) && sleep 0'
Using module file /usr/lib/python3.7/site-packages/ansible/modules/net_tools/basics/uri.py
<harbor.tst1e.k8s.shiplab.ss.acl.com> PUT /home/ZL744US/.ansible/tmp/ansible-local-1736l28mza02/tmpsm6sxu8_ TO /home/ZL744US/.ansible/tmp/ansible-tmp-1634916112.1313658-277975019551630/AnsiballZ_uri.py
<harbor.tst1e.k8s.shiplab.ss.acl.com> EXEC /bin/sh -c 'chmod u x /home/ZL744US/.ansible/tmp/ansible-tmp-1634916112.1313658-277975019551630/ /home/ZL744US/.ansible/tmp/ansible-tmp-1634916112.1313658-277975019551630/AnsiballZ_uri.py && sleep 0'
<harbor.tst1e.k8s.shiplab.ss.acl.com> EXEC /bin/sh -c '/usr/bin/python /home/ZL744US/.ansible/tmp/ansible-tmp-1634916112.1313658-277975019551630/AnsiballZ_uri.py && sleep 0'
<harbor.tst1e.k8s.shiplab.ss.acl.com> EXEC /bin/sh -c 'rm -f -r /home/ZL744US/.ansible/tmp/ansible-tmp-1634916112.1313658-277975019551630/ > /dev/null 2>&1 && sleep 0'
ok: [harbor_shiplab_test1e] => {
"changed": false,
"connection": "close",
"content_type": "application/json",
"cookies": {
"sid": "033af4ae913d69a8314a4edb84512aa6"
},
"cookies_string": "sid=033af4ae913d69a8314a4edb84512aa6",
"date": "Fri, 22 Oct 2021 15:22:01 GMT",
"elapsed": 1,
"invocation": {
"module_args": {
"attributes": null,
"backup": null,
"body": null,
"body_format": "raw",
"client_cert": null,
"client_key": null,
"content": null,
"creates": null,
"delimiter": null,
"dest": null,
"directory_mode": null,
"follow": false,
"follow_redirects": "safe",
"force": false,
"force_basic_auth": false,
"group": null,
"headers": {
"Accept": "application/json",
"Authorization": "Basic YWRtaW46SGFyYm9yMTIzNDU="
},
"http_agent": "ansible-httpget",
"method": "GET",
"mode": null,
"owner": null,
"regexp": null,
"remote_src": null,
"removes": null,
"return_content": false,
"selevel": null,
"serole": null,
"setype": null,
"seuser": null,
"src": null,
"status_code": [
200
],
"timeout": 30,
"unix_socket": null,
"unsafe_writes": null,
"url": "https://harbor.tst1e.k8s.shiplab.ss.acl.com/api/v2.0/projects",
"url_password": null,
"url_username": null,
"use_proxy": true,
"validate_certs": false
}
},
"json": [
{
"chart_count": 0,
"creation_time": "2021-10-21T07:35:28.228Z",
"current_user_role_id": 1,
"current_user_role_ids": [
1
],
"cve_allowlist": {
"creation_time": "0001-01-01T00:00:00.000Z",
"id": 56,
"items": [],
"project_id": 75,
"update_time": "0001-01-01T00:00:00.000Z"
},
"metadata": {
"public": "true",
"retention_id": "54"
},
"name": "harbor-esl-proxy",
"owner_id": 1,
"owner_name": "admin",
"project_id": 75,
"registry_id": 101,
"repo_count": 0,
"update_time": "2021-10-21T07:35:28.228Z"
}
],
"msg": "OK (unknown bytes)",
"redirected": false,
"set_cookie": "sid=033af4ae913d69a8314a4edb84512aa6; Path=/; HttpOnly",
"status": 200,
"transfer_encoding": "chunked",
"url": "https://harbor.tst1e.k8s.shiplab.ss.acl.com/api/v2.0/projects",
"vary": "Accept-Encoding",
"x_request_id": "c1d907c3-e324-49a5-a582-82f9672d1f8d",
"x_total_count": "8"
}
TASK [../roles/harbor-retention-rules : creating retention rules] *******************************************************************************************
task path: /home/ZL744US/repos/harbor/konvoy/ansible/roles/harbor-retention-rules/tasks/main.yml:36
<harbor.tst1e.k8s.shiplab.ss.acl.com> ESTABLISH LOCAL CONNECTION FOR USER: MEA ZL744US
<harbor.tst1e.k8s.shiplab.ss.acl.com> EXEC /bin/sh -c 'echo '"'"'~MEA ZL744US'"'"' && sleep 0'
<harbor.tst1e.k8s.shiplab.ss.acl.com> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo ~MEA ZL744US/.ansible/tmp/ansible-tmp-1634916125.1009495-142461137289702 `" && echo ansible-tmp-1634916125.1009495-142461137289702="` echo ~MEA ZL744US/.ansible/tmp/ansible-tmp-1634916125.1009495-142461137289702 `" ) && sleep 0'
Using module file /usr/lib/python3.7/site-packages/ansible/modules/net_tools/basics/uri.py
<harbor.tst1e.k8s.shiplab.ss.acl.com> PUT /home/ZL744US/.ansible/tmp/ansible-local-1736l28mza02/tmpy38u0lww TO /home/ZL744US/.ansible/tmp/ansible-tmp-1634916125.1009495-142461137289702/AnsiballZ_uri.py
<harbor.tst1e.k8s.shiplab.ss.acl.com> EXEC /bin/sh -c 'chmod u x /home/ZL744US/.ansible/tmp/ansible-tmp-1634916125.1009495-142461137289702/ /home/ZL744US/.ansible/tmp/ansible-tmp-1634916125.1009495-142461137289702/AnsiballZ_uri.py && sleep 0'
<harbor.tst1e.k8s.shiplab.ss.acl.com> EXEC /bin/sh -c '/usr/bin/python /home/ZL744US/.ansible/tmp/ansible-tmp-1634916125.1009495-142461137289702/AnsiballZ_uri.py && sleep 0'
<harbor.tst1e.k8s.shiplab.ss.acl.com> EXEC /bin/sh -c 'rm -f -r /home/ZL744US/.ansible/tmp/ansible-tmp-1634916125.1009495-142461137289702/ > /dev/null 2>&1 && sleep 0'
failed: [harbor_shiplab_test1e] (item={'chart_count': 0, 'creation_time': '2021-10-21T07:35:28.228Z', 'current_user_role_id': 1, 'current_user_role_ids': [1], 'cve_allowlist': {'creation_time': '0001-01-01T00:00:00.000Z', 'id': 56, 'items': [], 'project_id': 75, 'update_time': '0001-01-01T00:00:00.000Z'}, 'metadata': {'public': 'true', 'retention_id': '54'}, 'name': 'harbor-esl-proxy', 'owner_id': 1, 'owner_name': 'admin', 'project_id': 75, 'registry_id': 101, 'repo_count': 0, 'update_time': '2021-10-21T07:35:28.228Z'}) => {
"ansible_loop_var": "item",
"changed": false,
"connection": "close",
"content": "{\"errors\":[{\"code\":\"UNPROCESSABLE_ENTITY\",\"message\":\"validation failure list:\\nparsing policy body from \\\"\\\" failed, because json: cannot unmarshal string into Go struct field RetentionPolicy.id of type int64\"}]}\n",
"content_length": "213",
"content_type": "application/json; charset=utf-8",
"date": "Fri, 22 Oct 2021 15:22:17 GMT",
"elapsed": 3,
"invocation": {
"module_args": {
"attributes": null,
"backup": null,
"body": {
"algorithm": "or",
"id": "54",
"rules": [
{
"action": "retain",
"params": {
"latestPushedK": 3
},
"scope_selectors": {
"repository": [
{
"decoration": "repoMatches",
"kind": "doublestar",
"pattern": "**"
}
]
},
"tag_selectors": [
{
"decoration": "matches",
"extras": "{\"untagged\":true}",
"kind": "doublestar",
"pattern": "**"
}
],
"template": "latestPushedK"
}
],
"scope": {
"level": "project",
"ref": "75"
},
"trigger": {
"kind": "Schedule",
"settings": {
"cron": "0 0 * * * *"
}
}
},
"body_format": "json",
"client_cert": null,
"client_key": null,
"content": null,
"creates": null,
"delimiter": null,
"dest": null,
"directory_mode": null,
"follow": false,
"follow_redirects": "safe",
"force": false,
"force_basic_auth": false,
"group": null,
"headers": {
"Accept": "application/json, text/plain, */*",
"Authorization": "Basic YWRtaW46SGFyYm9yMTIzNDU=",
"Content-Type": "application/json"
},
"http_agent": "ansible-httpget",
"method": "PUT",
"mode": null,
"owner": null,
"regexp": null,
"remote_src": null,
"removes": null,
"return_content": false,
"selevel": null,
"serole": null,
"setype": null,
"seuser": null,
"src": null,
"status_code": [
"200"
],
"timeout": 30,
"unix_socket": null,
"unsafe_writes": null,
"url": "https://harbor.tst1e.k8s.shiplab.ss.acl.com/api/v2.0/retentions/54",
"url_password": null,
"url_username": null,
"use_proxy": true,
"validate_certs": false
}
},
"item": {
"chart_count": 0,
"creation_time": "2021-10-21T07:35:28.228Z",
"current_user_role_id": 1,
"current_user_role_ids": [
1
],
"cve_allowlist": {
"creation_time": "0001-01-01T00:00:00.000Z",
"id": 56,
"items": [],
"project_id": 75,
"update_time": "0001-01-01T00:00:00.000Z"
},
"metadata": {
"public": "true",
"retention_id": "54"
},
"name": "harbor-esl-proxy",
"owner_id": 1,
"owner_name": "admin",
"project_id": 75,
"registry_id": 101,
"repo_count": 0,
"update_time": "2021-10-21T07:35:28.228Z"
},
"json": {
"errors": [
{
"code": "UNPROCESSABLE_ENTITY",
"message": "validation failure list:\nparsing policy body from \"\" failed, because json: cannot unmarshal string into Go struct field RetentionPolicy.id of type int64"
}
]
},
"msg": "Status code was 422 and not [200]: HTTP Error 422: Unprocessable Entity",
"redirected": false,
"set_cookie": "sid=5ffe84980b5cb188e7821ae838e4fc33; Path=/; HttpOnly",
"status": 422,
"url": "https://harbor.tst1e.k8s.shiplab.ss.acl.com/api/v2.0/retentions/54",
"vary": "Accept-Encoding",
"x_request_id": "d7a855cf-3de6-47ab-8b47-d275cda5274b"
}
"skip_reason": "Conditional result was False"
}
...ignoring
META: ran handlers
META: ran handlers
PLAY RECAP **************************************************************************************************************************************************
harbor_shiplab_test1e : ok=4 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=1
CodePudding user response:
Wow, what a fascinating rabbit hole :-(
So, there is an existing issue reporting that behavior, but it was closed "works-as-designed," along with some nonsense about configuring jinja2 in some incompatible way
As best I can tell from running a bunch of experiments, manually crafting that JSON payload is the only safe way:
body_format: json
body: >-
{{
(
{
"algorithm": "or",
"id": item.metadata.retention_id | int,
"rules": [
{
"action": "retain",
"params": {
"latestPushedK": 3
},
"scope_selectors": {
"repository": [
{
"decoration": "repoMatches",
"kind": "doublestar",
"pattern": "**"
}
]
},
"tag_selectors": [
{
"decoration": "matches",
"kind": "doublestar",
"pattern": "**"
}
],
"template": "latestPushedK"
}
],
"scope": {
"level": "project",
"ref": item.project_id | int
},
"trigger": {
"kind": "Schedule",
"settings": {
"cron": "0 0 * * * *"
}
}
}
) | to_json }}
when: "item.registry_id is defined"
I wish I had a better explanation as to what is going on, but given the response to that issue, I'm not super sure they even consider your experience to be a bug
But for clarity, what is happening here is that those leading brace characters inside the () are python dict literals, which is why the "id": item.metadata.retention_id | int, doesn't need any special consideration -- both sides of that are python (err, jinja2, but same-same)
The () are likely not strictly necessary, but do make it super obvious what is being fed into the | to_json filter
Then, the outer {{ are the jinja2 delimiters that you're used to, in order to have all that inner jinja2 code run, and the body: >- is to get us out of yaml quoting hell