How to validate variables contents in Ansible?

in flag

ansible-lint only checks the tasks/handlers and doesn't iterate over the variables (e.g. if you're using with_items, it won't iterate over all the items) and yamllint only checks cosmetic issues and is hard to customized with custom rules.

Is there a tool that can validate the actual data in the variables in YAML files before they are fed into Ansible?


  • A given variable cannot contain a specific string
  • Variable user_ssh_key fed to authorized_keys cannot have a comment
  • Variable ssh_enabled fed to service module cannot be True
  • and so on...
in flag

You can use assert and testing-strings to achieve that.

Like so:

- hosts: localhost
    variable: 'green'
    - assert:
        that: variable is match("green")
        success_msg: "Variable is green"
        fail_msg: "Variable is not green"

You can

match strings against a substring or a regular expression, use the match, search or regex tests

Henrik Pingel avatar
in flag
@Zeitounator Thanks, that is a valid concern. Fixed it and used a non boolean in the example

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.