ansible giving error whereas in k8s command runs fine on server

2/9/2021

Does anyone face this issue. there is no other way if a secret is create it to ignore already exist error, below is the command which runs fine with out of secret/license configured as compared to secret/license created (which happens first time)

kubectl create secret generic license --save-config --dry-run=true --from-file=/tmp/ansibleworkspace/license -n {{ appNameSpace }} -o yaml | kubectl apply -f -

It runs fine if I run it on a k8s cluster

Below is the error while executing it through ansible.

Error: unknown shorthand flag: 'f' in -f


Examples:
  # Create a new secret named my-secret with keys for each file in folder bar
  kubectl create secret generic my-secret --from-file=path/to/bar
  
  # Create a new secret named my-secret with specified keys instead of names on disk
  kubectl create secret generic my-secret --from-file=ssh-privatekey=~/.ssh/id_rsa --from-file=ssh-publickey=~/.ssh/id_rsa.pub
  
  # Create a new secret named my-secret with key1=supersecret and key2=topsecret
  kubectl create secret generic my-secret --from-literal=key1=supersecret --from-literal=key2=topsecret
  
  # Create a new secret named my-secret using a combination of a file and a literal
  kubectl create secret generic my-secret --from-file=ssh-privatekey=~/.ssh/id_rsa --from-literal=passphrase=topsecret
  
  # Create a new secret named my-secret from an env file
  kubectl create secret generic my-secret --from-env-file=path/to/bar.env

Options:
      --allow-missing-template-keys=true: If true, ignore any errors in templates when a field or map key is missing in the template. Only applies to golang and jsonpath output formats.
      --append-hash=false: Append a hash of the secret to its name.
      --dry-run=false: If true, only print the object that would be sent, without sending it.
      --from-env-file='': Specify the path to a file to read lines of key=val pairs to create a secret (i.e. a Docker .env file).
      --from-file=[]: Key files can be specified using their file path, in which case a default name will be given to them, or optionally with a name and file path, in which case the given name will be used.  Specifying a directory will iterate each named file in the directory that is a valid secret key.
      --from-literal=[]: Specify a key and literal value to insert in secret (i.e. mykey=somevalue)
      --generator='secret/v1': The name of the API generator to use.
  -o, --output='': Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-file.
      --save-config=false: If true, the configuration of current object will be saved in its annotation. Otherwise, the annotation will be unchanged. This flag is useful when you want to perform kubectl apply on this object in the future.
      --template='': Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview].
      --type='': The type of secret to create
      --validate=true: If true, use a schema to validate the input before sending it

Usage:
  kubectl create secret generic NAME [--type=string] [--from-file=[key=]source] [--from-literal=key1=value1] [--dry-run] [options]

Use "kubectl options" for a list of global command-line options (applies to all commands).

unknown shorthand flag: 'f' in -f
-- Sid
ansible
kubernetes

1 Answer

2/24/2021

Since you haven't given any details about the context you are running the command, I can only provide an answer based on my guess.

Explanation:

I suppose that you use the command module in your Ansible playbook and this is the cause of your issue. As you can read in module description:

  • The given command will be executed on all selected nodes. It will not be processed through the shell, so variables like $HOME and operations like "<", ">", "|", ";" and "&" will not work (use the shell module if you need these features).

and in your command you use "|" character, which cannot be interpreted properly as it is not processed through the shell. Note that the error you get:

Error: unknown shorthand flag: 'f' in -f

is related with incorrect use of kubectl create secret generic which simply doesn't have such option. Since "|" character is not interpreted by the command module, the proceeding command:

kubectl apply -f -

is treated as a part of:

kubectl create secret generic

(which is confirmed by the error you get, followed by the correct usage examples).

Solution:

As recommended in the above quoted docs, use the shell module instead:

If you want to run a command through the shell (say you are using <, >, |, etc), you actually want the shell module instead.

-- mario
Source: StackOverflow