ansible.builtin.pipe lookup – read output from a command
Note
This lookup plugin is part of ansible-core and included in all Ansible
installations. In most cases, you can use the short
plugin name
pipe.
However, we recommend you use the Fully Qualified Collection Name (FQCN) ansible.builtin.pipe for easy linking to the
plugin documentation and to avoid conflicting with other collections that may have
the same lookup plugin name.
Synopsis
Run a command and return the output.
Terms
Parameter |
Comments |
|---|---|
command(s) to run. |
Notes
Note
The given command is passed to a shell for execution, therefore all variables that are part of the command and come from a remote/untrusted source MUST be sanitized using the ansible.builtin.quote filter to avoid shell injection vulnerabilities. See the example section.
Like all lookups this runs on the Ansible controller and is unaffected by other keywords, such as become, so if you need to different permissions you must change the command or run Ansible as another user.
Alternatively you can use a shell/command task that runs against localhost and registers the result.
The directory of the play is used as the current working directory.
Examples
- name: raw result of running date command
ansible.builtin.debug:
msg: "{{ lookup('ansible.builtin.pipe', 'date') }}"
- name: Always use quote filter to make sure your variables are safe to use with shell
ansible.builtin.debug:
msg: "{{ lookup('ansible.builtin.pipe', 'getent passwd ' + myuser | quote ) }}"
Return Value
Key |
Description |
|---|---|
stdout from command Returned: success |