zeitounator/0-inventory_plugins.dummy.py

## 0-inventory_plugins.dummy.py
# Note: real path is inventory_plugins/dummy.py (adjacent to playbook)
from ansible.plugins.inventory import BaseInventoryPlugin

DOCUMENTATION = """
    name: dummy
    author: Olvier Clavel (@zeitounator)
    short_description: Dummy inventory demo plugin for https://stackoverflow.com/questions/66820243
    description:
        - This is an inventory plugin for pure demo and test.
        - Do not use in production.
        - Originally written to answer the following StackOverflow question:
        - https://stackoverflow.com/questions/66820243."
    options:
        plugin:
            description: token that ensures this is a source file for the 'dummy' plugin.
            required: True
            choices: ['dummy']
        dummy_login:
            description:
                - login used by our inventory plugin if provided as is.
                - note: can be an ansible-vault encrypted string.
            type: string
            required: True
        dummy_password:
            description:
                - password used by our inventory plugin if provided as is
                - note: can be an ansible-vault encrypted string
            type: string
            required: True
"""


class InventoryModule(BaseInventoryPlugin):

    NAME = 'dummy'  # used internally by Ansible, it should match the file name but not required

    def verify_file(self, path):
        """ return true/false if this is possibly a valid file for this plugin to consume """
        valid = False
        if super(InventoryModule, self).verify_file(path):
            # base class verifies that file exists and is readable by current user
            if path.endswith(('dummy.yaml', 'dummy.yml')):
                valid = True
        return valid

    def parse(self, inventory, loader, path, cache=True):
        # call base method to ensure properties are available for use with other helper methods
        super(InventoryModule, self).parse(inventory, loader, path, cache)

        # this method will parse 'common format' inventory sources and
        # update any options declared in DOCUMENTATION as needed
        config = self._read_config_data(path)

        # Simply add a localhost and login/password vars from config file
        # to see it "works". In real world, you would use that to connect to your db
        self.inventory.add_host('localhost')
        self.inventory.set_variable('localhost', 'login', self.get_option('dummy_login'))
        self.inventory.set_variable('localhost', 'password', self.get_option('dummy_password'))


## 1-inventories.dummy.yml
---
# Note1: real path is inventories/dummy.yml (adjacent to playbook)
# Note2: vault id used for encryption: demo - with password: demo
# Note3: howt to create
# ansible-vault encrypt_string --vault-id demo@prompt --encrypt-vault-id demo "some value to encrypt"
# See the ansible-vault documentation for more details.
plugin: dummy
dummy_login: !vault |
  $ANSIBLE_VAULT;1.2;AES256;demo
  31663861623630346430326134333861626638386338343962336637663635643364383932623161
  3037613663663331633438613437343762636131636238340a666461326232363235626638376235
  64623236633962393136386332316233386235343535316566313733306431636239323164346637
  3739383266616166330a623836386637393266343866333739323537316562623132393162616438
  6338
dummy_password: !vault |
  $ANSIBLE_VAULT;1.2;AES256;demo
  62366163333635633630383632653034656162303139356563653832363736623762393663653437
  6535666463356164353237653861313438323866386163350a373238383332666535356133346663
  63396239363061396661613230633838313531333466643361316566653462393233306330316537
  3764363330303165360a336639396363323432613338306365653936356362356266396462663533
  3763

## 3-dummy_test.yml
---
- hosts: localhost
  gather_facts: false

  tasks:
    - debug: var=login
    - debug: var=password

## 4-session.txt
# Remember: vault-id is demo, password is demo

# You can call the playbook with either of below commands
$ ansible-playbook --ask-vault-pass -i inventories/dummy.yml dummy_test.yml
# OR
$ ansible-playbook --vault-id demo@prompt -i inventories/dummy.yml dummy_test.yml

# Which gives
Vault password (demo): [<- entered vault password here]

PLAY [localhost] *******************************************************************************************************************************************************************************

TASK [debug] ***********************************************************************************************************************************************************************************
ok: [localhost] => {
    "login": "someuser"
}

TASK [debug] ***********************************************************************************************************************************************************************************
ok: [localhost] => {
    "password": "somepassword"
}

PLAY RECAP *************************************************************************************************************************************************************************************
localhost                  : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
	# Note: real path is inventory_plugins/dummy.py (adjacent to playbook)
	from ansible.plugins.inventory import BaseInventoryPlugin

	DOCUMENTATION = """
	name: dummy
	author: Olvier Clavel (@zeitounator)
	short_description: Dummy inventory demo plugin for https://stackoverflow.com/questions/66820243
	description:
	- This is an inventory plugin for pure demo and test.
	- Do not use in production.
	- Originally written to answer the following StackOverflow question:
	- https://stackoverflow.com/questions/66820243."
	options:
	plugin:
	description: token that ensures this is a source file for the 'dummy' plugin.
	required: True
	choices: ['dummy']
	dummy_login:
	description:
	- login used by our inventory plugin if provided as is.
	- note: can be an ansible-vault encrypted string.
	type: string
	required: True
	dummy_password:
	description:
	- password used by our inventory plugin if provided as is
	- note: can be an ansible-vault encrypted string
	type: string
	required: True
	"""


	class InventoryModule(BaseInventoryPlugin):

	NAME = 'dummy' # used internally by Ansible, it should match the file name but not required

	def verify_file(self, path):
	""" return true/false if this is possibly a valid file for this plugin to consume """
	valid = False
	if super(InventoryModule, self).verify_file(path):
	# base class verifies that file exists and is readable by current user
	if path.endswith(('dummy.yaml', 'dummy.yml')):
	valid = True
	return valid

	def parse(self, inventory, loader, path, cache=True):
	# call base method to ensure properties are available for use with other helper methods
	super(InventoryModule, self).parse(inventory, loader, path, cache)

	# this method will parse 'common format' inventory sources and
	# update any options declared in DOCUMENTATION as needed
	config = self._read_config_data(path)

	# Simply add a localhost and login/password vars from config file
	# to see it "works". In real world, you would use that to connect to your db
	self.inventory.add_host('localhost')
	self.inventory.set_variable('localhost', 'login', self.get_option('dummy_login'))
	self.inventory.set_variable('localhost', 'password', self.get_option('dummy_password'))
	---
	# Note1: real path is inventories/dummy.yml (adjacent to playbook)
	# Note2: vault id used for encryption: demo - with password: demo
	# Note3: howt to create
	# ansible-vault encrypt_string --vault-id demo@prompt --encrypt-vault-id demo "some value to encrypt"
	# See the ansible-vault documentation for more details.
	plugin: dummy
	dummy_login: !vault \|
	$ANSIBLE_VAULT;1.2;AES256;demo
	31663861623630346430326134333861626638386338343962336637663635643364383932623161
	3037613663663331633438613437343762636131636238340a666461326232363235626638376235
	64623236633962393136386332316233386235343535316566313733306431636239323164346637
	3739383266616166330a623836386637393266343866333739323537316562623132393162616438
	6338
	dummy_password: !vault \|
	$ANSIBLE_VAULT;1.2;AES256;demo
	62366163333635633630383632653034656162303139356563653832363736623762393663653437
	6535666463356164353237653861313438323866386163350a373238383332666535356133346663
	63396239363061396661613230633838313531333466643361316566653462393233306330316537
	3764363330303165360a336639396363323432613338306365653936356362356266396462663533
	3763
	---
	- hosts: localhost
	gather_facts: false

	tasks:
	- debug: var=login
	- debug: var=password
	# Remember: vault-id is demo, password is demo

	# You can call the playbook with either of below commands
	$ ansible-playbook --ask-vault-pass -i inventories/dummy.yml dummy_test.yml
	# OR
	$ ansible-playbook --vault-id demo@prompt -i inventories/dummy.yml dummy_test.yml

	# Which gives
	Vault password (demo): [<- entered vault password here]

	PLAY [localhost] *******************************************************************************************************************************************************************************

	TASK [debug] ***********************************************************************************************************************************************************************************
	ok: [localhost] => {
	"login": "someuser"
	}

	TASK [debug] ***********************************************************************************************************************************************************************************
	ok: [localhost] => {
	"password": "somepassword"
	}

	PLAY RECAP *************************************************************************************************************************************************************************************
	localhost : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0