ansible.builtin.pipe – read output from a command¶
Note
This module is part of ansible-base
and included in all Ansible
installations. In most cases, you can use the short module name
pipe even without specifying the collections:
keyword.
Despite that, we recommend you use the FQCN for easy linking to the module
documentation and to avoid conflicting with other collections that may have
the same module name.
New in version 0.9: of ansible.builtin
Parameters¶
Parameter | Choices/Defaults | Configuration | Comments |
---|---|---|---|
_terms
string
/ required
|
command(s) to run.
|
Notes¶
Note
Like all lookups this runs on the Ansible controller and is unaffected by other keywords, such as become, so if you need to different permissions you must change the command or run Ansible as another user.
Alternatively you can use a shell/command task that runs against localhost and registers the result.
Pipe lookup internally invokes Popen with shell=True (this is required and intentional). This type of invocation is considered as security issue if appropriate care is not taken to sanitize any user provided or variable input. It is strongly recommended to pass user input or variable input via quote filter before using with pipe lookup. See example section for this. Read more about this Bandit B602 docs
Examples¶
- name: raw result of running date command"
debug:
msg: "{{ lookup('pipe', 'date') }}"
- name: Always use quote filter to make sure your variables are safe to use with shell
debug:
msg: "{{ lookup('pipe', 'getent passwd ' + myuser | quote ) }}"
Return Values¶
Common return values are documented here, the following are the fields unique to this lookup:
Key | Returned | Description |
---|---|---|
_string
list
/ elements=string
|
success |
stdout from command
|
Authors¶
Daniel Hokka Zakrisson (!UNKNOWN) <daniel@hozac.com>