Skip to content

Instantly share code, notes, and snippets.

@darkone23
Created January 31, 2013 19:50
Show Gist options
  • Save darkone23/4685816 to your computer and use it in GitHub Desktop.
Save darkone23/4685816 to your computer and use it in GitHub Desktop.
Use python expect to forward ssh and sudo password to ansible-playbook. This allows the password to be a parameter of the script invocation Because of the plaintext password it is probably wisest to use this as a subprocess instead of directly from the shell
#!/usr/bin/env python
import pexpect
import sys
PASS_PARAM = "-p"
def usage():
print "./promptless_playbook %s <PASSWORD> <PLAYBOOK_ARGS...>" % PASS_PARAM
print "example: ./promptless_playbook playbooks/myplaybook.yml -p Hax0r32 -u coolguy -u sudo_role -e 'foo=bar'"
def parse_args(args):
password = None
other_args = []
for index, value in enumerate(args):
if value == PASS_PARAM:
password = args[index+1]
before = args[:index]
after = args[index+2:]
other_args = before + after
return (password, other_args)
def arr_to_str(arr):
str = ""
for s in arr:
str += "%s "%s
return str
def run_playbook(password, args):
print "Invoking 'ansible-playbook %s'" % args_to_str(args)
if not '-K' in args:
args.append('-K')
if not '-k' in args:
args.append('-k')
playbook = pexpect.spawn('ansible-playbook', args)
playbook.expect('SSH password:')
playbook.sendline(password)
playbook.expect('sudo password:')
playbook.sendline(password)
playbook.logfile = sys.stdout
playbook.expect(pexpect.EOF, timeout=120)
if __name__ == "__main__":
if sys.argv[0] == "python":
args = sys.argv[2:] # `python passwordless_playbook.py <ARGS>`
else:
args = sys.argv[1:] # `./passwordless_playbook.py <ARGS>`
(password, ansible_args) = parse_args(args)
if password and ansible_args:
run_playbook(password, ansible_args)
else:
usage()
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment