Hiera lookup on array of hashes, is it possible?

asked 2016-06-02 00:58:06 -0500

dsnssc gravatar image

Hello, I am not sure if this is possible at all, but let me introduce with challenge I am experiencing. I have this configuration:

cloud::provision:
  'strname':
    key1: str1
    key2: str2
    sg_key:
      -
        protocol: 'tcp'
        port: '1111'
        cidr: '172.31.0.0/16'
      -
        protocol: 'tcp'
        port: '2222'
        cidr: '172.31.0.0/16'
      -
        protocol: 'tcp'
        port: '3333'
        cidr: '172.31.0.0/16'

So, I have a lot of these rules (array of hashes) for every security group for every EC2 instance on AWS. I want to simplify whole process and make a lookup like this:

common.yaml

lookupkey:
      -
        protocol: 'tcp'
        port: '1111'
        cidr: '172.31.0.0/16'
      -
        protocol: 'tcp'
        port: '2222'
        cidr: '172.31.0.0/16'
      -
        protocol: 'tcp'
        port: '3333'
        cidr: '172.31.0.0/16'

and have this:

cloud::provision:
  'strname':
    key1: str1
    key2: str2
    sg_key: "%{hiera('lookupkey')}"

Doing a lookup from CLI (first example), I am getting this response:

{"strname"=>
  {"key1"=>"str1",
   "key2"=>"str2",
   "sg_key"=>
    [{"protocol"=>"tcp", "port"=>"1111", "cidr"=>"172.31.0.0/16"},
     {"protocol"=>"tcp", "port"=>"2222", "cidr"=>"172.31.0.0/16"},
     {"protocol"=>"tcp", "port"=>"3333", "cidr"=>"172.31.0.0/16"}]}}

If I try to do a lookup in second example (with hiera lookup), I am getting this:

{"strname"=>
  {"key1"=>"str1",
   "key2"=>"str2",
   "sg_key"=>
"[{\"protocol\"=>\"tcp\", \"port\"=>\"1111\", \"cidr\"=>\"172.31.0.0/16\"}, {\"protocol\"=>\"tcp\", \"port\"=>\"2222\", \"cidr\"=>\"172.31.0.0/16\"}, {\"protocol\"=>\"tcp\", \"port\"=>\"3333\", \"cidr\"=>\"'172.31.0.0/16\"}]"}}

Is it possible to get non-escaped output? Is this possible at all? It's very uncomfortable to have over 300 instances and have to change SG rules one by one instead on the one place. Thanks.

edit retag flag offensive close merge delete