Parse IP address from XML - Ansible

2019-08-29 10:05发布

问题:

I'm trying to use the regex_findall feature in a playbook to parse IP addresses that get returned from an API call that returns values in XML.

Example data:

me><certificate-expiry>2027/07/31 18:29:03</certificate-expiry><connected-at>2018/05/03 13:10:20</connected-at><custom-certificate-usage>no</custom-certificate-usage><multi-vsys>no</multi-vsys><vsys><entry name=\"vsys1\"><display-name>vsys1</display-name><shared-policy-status></shared-policy-status><shared-policy-md5sum>9bef65fea5df7d86617dbecfb1ef6053</shared-policy-md5sum></entry></vsys></entry><entry name=\"001606026760\"><serial>001606026760</serial><connected>yes</connected><unsupported-version>no</unsupported-version><hostname>us-583-int-fw-01</hostname><ip-address>10.200.226.8</ip-address><mac-addr></mac-addr><uptime>72 days, 6:19:31</uptime><family>200</family><model>PA-200</model><sw-version>8.0.0</sw-version><app-version>8013-4681</app-version><av-version>2599-3095</av-version><wildfire-version>240995-243478</wildfire-version><threat-version>8013-4681</threat-version><url-db>paloaltonetworks</url-db><url-filtering-version>20180508.40211</url-filtering-version><logdb-version>8.0.15</logdb-version><vpnclient-package-version></vpnclient-package-version><global-protect-client-package-version>0.0.0</global-protect-client-package-version><domain></domain><vpn-disable-mode>no</vpn-disable-mode><operational-mode>normal</operational-mode><certificate-status></certificate-status><certificate-subject-name>001606026760</certificate-subject-name><certificate-expiry>2027/02/08 17:39:01</certificate-expiry><connected-at>2018/05/03 13:10:20</connected-at><custom-certificate-usage>no</custom-certificate-usage><multi-vsys>no</multi-vsys><vsys><entry name=\"vsys1\"><display-name>vsys1</display-name><shared-policy-status></shared-policy-status><shared-policy-md5sum>47c67d0aeec16c2dbd738ffab7948886</shared-policy-md5sum></entry></vsys></entry><entry name=\"001606055848\"><serial>001606055848</serial><connected>yes</connected><unsupported-version>no</unsupported-version><hostname>us-575-int-fw-01</hostname><ip-address>10.200.230.8</ip-address><mac-addr></mac-addr><uptime>111 days, 12:30:25</uptime><family>200</family><model>PA-200</model><sw-version>8.0.7</sw-version><app-version>8017-4708</app-version><av-version>2609-3105</av-version><wildfire-version>243887-246373</wildfire-version><threat-version>8017-4708</threat-version><url-db>paloaltonetworks</url-db><url-filtering-version>20180514.20206</url-filtering-version><logdb-version>8.0.16</logdb-version><vpnclient-package-version></vpnclient-package-version><global-protect-client-package-version>0.0.0</global-protect-client-package-version><domain></domain><vpn-disable-mode>no</vpn-disable-mode><operational-mode>normal</operational-mode><certificate-status></certificate-status><certificate-subject-name>

I store the bulk XML result in register: request_devices and then try to parse with:

- name: Parse XML result for IP Address
  set_fact:
    returned_ipaddress: "{{ request_devices | regex_findall('\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b') }}"

However, I get the following when I run the play:

ERROR! Syntax Error while loading YAML.
  found unknown escape character

The error appears to have been in '/Users/tfranklin/gitrepos/retail/test-clean-palo-alto/testpw.yaml': line 21, column 81, but may
be elsewhere in the file depending on the exact syntax problem.

The offending line appears to be:

      set_fact:
        returned_ipaddress: "{{ request_devices | regex_findall('\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b') }}"
                                                                                ^ here
We could be wrong, but this one looks like it might be an issue with
missing quotes.  Always quote template expression brackets when they
start a value. For instance:

    with_items:
      - {{ foo }}

Should be written as:

    with_items:
      - "{{ foo }}"

I've tried escaping the \ with \\ but it still fails.

回答1:

(Obligatory "can't parse n with regular expressions link")

Of course sometimes you can, but in this case, if you're using a recent (> 2.4) version of Ansible, you can use the xml module instead.

I've truncated your xml a bit, but the method shown here will also work with a longer/more deeply-nested file too:

data.xml

<entry name="001606026760">
  <serial>001606026760</serial>
  <connected>yes</connected>
  <unsupported-version>no</unsupported-version>
  <hostname>us-583-int-fw-01</hostname>
  <ip-address>10.200.226.8</ip-address>
  <mac-addr></mac-addr>
  <uptime>72 days, 6:19:31</uptime>
  <family>200</family>
  <model>PA-200</model>
  <sw-version>8.0.0</sw-version>
  <app-version>8013-4681</app-version>
  <av-version>2599-3095</av-version>
  <wildfire-version>240995-243478</wildfire-version>
</entry>

playbook.yml

---
- hosts: localhost
  gather_facts: false

  tasks:
    - name: Get IP address from xmldata.
      xml:
        path: "data.xml"
        content: "text"
        xpath: "/entry/ip-address"

Output

PLAY [localhost] *********************************************************************************

TASK [Get IP address from xmldata.] **************************************************************
ok: [localhost] => changed=false
  actions:
    namespaces: {}
    state: present
    xpath: /entry/ip-address
  count: 1
  matches:
  - ip-address: 10.200.226.8
  msg: 1

PLAY RECAP ***************************************************************************************
localhost                  : ok=1    changed=0    unreachable=0    failed=0


标签: regex ansible