Executing op via Ansible ends in different stderr messages
bernd-mueller-1 opened this issue · comments
Your environment
op-js version: ??
CLI version: 2.28.0
OS: MacOS
What happened?
I want to use op via Ansible for creating and editing items with a service user (OP_SERVICE_ACCOUNT_TOKEN) but actual I get the message "cannot create an item from template and stdin at the same time".
What did you expect to happen?
The Ansible task creates item in 1Password.
Steps to reproduce
- Install 1Password-CLI "op" local
- Execute command via Ansible, see below
Notes & Logs
I hope this is the correct place to ask for this, otherwise please provide me some information for correct place. We use account type "1Password Teams".
I use molecule to test this role, if you want to have some more information, please tell me. Thanks
the Ansible tasks
- name: Get 1Pass entry
delegate_to: localhost
register: getentry
ignore_errors: true
ansible.builtin.shell:
cmd: "op read 'op://<VAULTNAME>/<ITEMNAME>/password'"
environment:
OP_SERVICE_ACCOUNT_TOKEN: "{{ token }}"
- name: Create 1Pass entry
when: getentry.failed
delegate_to: localhost
block:
- name: Create template file
ansible.builtin.template:
src: "opitemcreatetemplate.json.j2"
dest: "{{ tmp_path }}/opitemcreatetemplate-{{ inventory_hostname }}.json"
owner: "{{ username }}"
group: "{{ group }}"
mode: "0600"
- name: Create 1Pass entry
ansible.builtin.shell:
cmd: "op item create --template={{ tmp_path }}/opitemcreatetemplate-{{ inventory_hostname }}.json"
environment:
OP_SERVICE_ACCOUNT_TOKEN: "{{ token }}"
Output of molecule run
fatal: [rhubi8 -> localhost]: FAILED! =>
{
"changed": true,
"cmd": "op item create --template=/tmp/opitemcreatetemplate-rhubi8.json",
"delta": "0:00:00.018750",
"end": "2024-05-17 09:51:53.209864",
"msg": "non-zero return code",
"rc": 1,
"start": "2024-05-17 09:51:53.191114",
"stderr": "[ERROR] 2024/05/17 09:51:53 cannot create an item from template and stdin at the same time",
"stderr_lines": [
"[ERROR] 2024/05/17 09:51:53 cannot create an item from template and stdin at the same time"
],
"stdout": "",
"stdout_lines": []
}
I also tried to write a meta script, like this
#!/usr/bin/env bash
OP_SERVICE_ACCOUNT_TOKEN="{{ token}}" op item create --template={{ tmp_path }}/opitemcreatetemplate-{{ inventory_hostname }}.json
but the same stderr
fatal: [rhubi8 -> localhost]: FAILED! =>
{
"changed": true,
"cmd": "/tmp/op-create-meta.sh",
"delta": "0:00:00.191058",
"end": "2024-05-17 09:33:52.428192",
"msg": "non-zero return code",
"rc": 1,
"start": "2024-05-17 09:33:52.237134",
"stderr": "[ERROR] 2024/05/17 09:33:52 cannot create an item from template and stdin at the same time",
"stderr_lines": [
"[ERROR] 2024/05/17 09:33:52 cannot create an item from template and stdin at the same time"
],
"stdout": "",
"stdout_lines": []
}
but executing this script manually works.
❯ /tmp/op-create-meta.sh
ID: z2fftrgbguftvrlvzobbe2xm5i
Title: Title
Vault: <VAULTNAME>
Created: now
Updated: now
Favorite: false
Version: 1
Category: LOGIN
Fields:
username: root
password: <SECRET>
notesPlain: Generated with Ansible
I also tried "op item create --category ... --title ... --vault ... with another result
fatal: [rhubi8 -> localhost]: FAILED! =>
{
"changed": true,
"cmd": "op item create --category=login --title='<TITLE>' --vault='<VAULTNAME>' --generate-password=20,letters,digits 'username=root'",
"delta": "0:00:00.104188",
"end": "2024-05-17 10:02:12.692563",
"msg": "non-zero return code",
"rc": 1,
"start": "2024-05-17 10:02:12.588375",
"stderr": "[ERROR] 2024/05/17 10:02:12 invalid JSON in piped input",
"stderr_lines": ["[ERROR] 2024/05/17 10:02:12 invalid JSON in piped input"],
"stdout": "",
"stdout_lines": []
}
I get the hint of one of my colleagues to test this on Linux instead of my MacBook and now the first test with "op item create --category ..." works. So this have to be a $thing with my local setup.
I will close this and hope, some other guys will find this if having those errors.