Last active
November 8, 2022 14:40
-
-
Save zeitounator/a90d16314e590bfc5cb228e7a693e990 to your computer and use it in GitHub Desktop.
Example for comment in https://stackoverflow.com/questions/66820243
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Note: real path is inventory_plugins/dummy.py (adjacent to playbook) | |
from ansible.plugins.inventory import BaseInventoryPlugin | |
DOCUMENTATION = """ | |
name: dummy | |
author: Olvier Clavel (@zeitounator) | |
short_description: Dummy inventory demo plugin for https://stackoverflow.com/questions/66820243 | |
description: | |
- This is an inventory plugin for pure demo and test. | |
- Do not use in production. | |
- Originally written to answer the following StackOverflow question: | |
- https://stackoverflow.com/questions/66820243." | |
options: | |
plugin: | |
description: token that ensures this is a source file for the 'dummy' plugin. | |
required: True | |
choices: ['dummy'] | |
dummy_login: | |
description: | |
- login used by our inventory plugin if provided as is. | |
- note: can be an ansible-vault encrypted string. | |
type: string | |
required: True | |
dummy_password: | |
description: | |
- password used by our inventory plugin if provided as is | |
- note: can be an ansible-vault encrypted string | |
type: string | |
required: True | |
""" | |
class InventoryModule(BaseInventoryPlugin): | |
NAME = 'dummy' # used internally by Ansible, it should match the file name but not required | |
def verify_file(self, path): | |
""" return true/false if this is possibly a valid file for this plugin to consume """ | |
valid = False | |
if super(InventoryModule, self).verify_file(path): | |
# base class verifies that file exists and is readable by current user | |
if path.endswith(('dummy.yaml', 'dummy.yml')): | |
valid = True | |
return valid | |
def parse(self, inventory, loader, path, cache=True): | |
# call base method to ensure properties are available for use with other helper methods | |
super(InventoryModule, self).parse(inventory, loader, path, cache) | |
# this method will parse 'common format' inventory sources and | |
# update any options declared in DOCUMENTATION as needed | |
config = self._read_config_data(path) | |
# Simply add a localhost and login/password vars from config file | |
# to see it "works". In real world, you would use that to connect to your db | |
self.inventory.add_host('localhost') | |
self.inventory.set_variable('localhost', 'login', self.get_option('dummy_login')) | |
self.inventory.set_variable('localhost', 'password', self.get_option('dummy_password')) | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
# Note1: real path is inventories/dummy.yml (adjacent to playbook) | |
# Note2: vault id used for encryption: demo - with password: demo | |
# Note3: howt to create | |
# ansible-vault encrypt_string --vault-id demo@prompt --encrypt-vault-id demo "some value to encrypt" | |
# See the ansible-vault documentation for more details. | |
plugin: dummy | |
dummy_login: !vault | | |
$ANSIBLE_VAULT;1.2;AES256;demo | |
31663861623630346430326134333861626638386338343962336637663635643364383932623161 | |
3037613663663331633438613437343762636131636238340a666461326232363235626638376235 | |
64623236633962393136386332316233386235343535316566313733306431636239323164346637 | |
3739383266616166330a623836386637393266343866333739323537316562623132393162616438 | |
6338 | |
dummy_password: !vault | | |
$ANSIBLE_VAULT;1.2;AES256;demo | |
62366163333635633630383632653034656162303139356563653832363736623762393663653437 | |
6535666463356164353237653861313438323866386163350a373238383332666535356133346663 | |
63396239363061396661613230633838313531333466643361316566653462393233306330316537 | |
3764363330303165360a336639396363323432613338306365653936356362356266396462663533 | |
3763 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
- hosts: localhost | |
gather_facts: false | |
tasks: | |
- debug: var=login | |
- debug: var=password |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Remember: vault-id is demo, password is demo | |
# You can call the playbook with either of below commands | |
$ ansible-playbook --ask-vault-pass -i inventories/dummy.yml dummy_test.yml | |
# OR | |
$ ansible-playbook --vault-id demo@prompt -i inventories/dummy.yml dummy_test.yml | |
# Which gives | |
Vault password (demo): [<- entered vault password here] | |
PLAY [localhost] ******************************************************************************************************************************************************************************* | |
TASK [debug] *********************************************************************************************************************************************************************************** | |
ok: [localhost] => { | |
"login": "someuser" | |
} | |
TASK [debug] *********************************************************************************************************************************************************************************** | |
ok: [localhost] => { | |
"password": "somepassword" | |
} | |
PLAY RECAP ************************************************************************************************************************************************************************************* | |
localhost : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment