diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-13 12:04:41 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-13 12:04:41 +0000 |
| commit | 975f66f2eebe9dadba04f275774d4ab83f74cf25 (patch) | |
| tree | 89bd26a93aaae6a25749145b7e4bca4a1e75b2be /ansible_collections/community/general/plugins/lookup/keyring.py | |
| parent | Initial commit. (diff) | |
| download | ansible-975f66f2eebe9dadba04f275774d4ab83f74cf25.tar.xz ansible-975f66f2eebe9dadba04f275774d4ab83f74cf25.zip | |
Adding upstream version 7.7.0+dfsg.upstream/7.7.0+dfsg
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'ansible_collections/community/general/plugins/lookup/keyring.py')
| -rw-r--r-- | ansible_collections/community/general/plugins/lookup/keyring.py | 73 |
1 files changed, 73 insertions, 0 deletions
diff --git a/ansible_collections/community/general/plugins/lookup/keyring.py b/ansible_collections/community/general/plugins/lookup/keyring.py new file mode 100644 index 000000000..a4c914ed1 --- /dev/null +++ b/ansible_collections/community/general/plugins/lookup/keyring.py @@ -0,0 +1,73 @@ +# -*- coding: utf-8 -*- +# Copyright (c) 2016, Samuel Boucher <boucher.samuel.c@gmail.com> +# Copyright (c) 2017 Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +from __future__ import (absolute_import, division, print_function) +__metaclass__ = type + +DOCUMENTATION = ''' + name: keyring + author: + - Samuel Boucher (!UNKNOWN) <boucher.samuel.c@gmail.com> + requirements: + - keyring (python library) + short_description: grab secrets from the OS keyring + description: + - Allows you to access data stored in the OS provided keyring/keychain. +''' + +EXAMPLES = """ +- name: output secrets to screen (BAD IDEA) + ansible.builtin.debug: + msg: "Password: {{item}}" + with_community.general.keyring: + - 'servicename username' + +- name: access mysql with password from keyring + community.mysql.mysql_db: + login_password: "{{ lookup('community.general.keyring', 'mysql joe') }}" + login_user: joe +""" + +RETURN = """ + _raw: + description: Secrets stored. + type: list + elements: str +""" + +HAS_KEYRING = True + +from ansible.errors import AnsibleError +from ansible.utils.display import Display + +try: + import keyring +except ImportError: + HAS_KEYRING = False + +from ansible.plugins.lookup import LookupBase + +display = Display() + + +class LookupModule(LookupBase): + + def run(self, terms, variables=None, **kwargs): + if not HAS_KEYRING: + raise AnsibleError(u"Can't LOOKUP(keyring): missing required python library 'keyring'") + + self.set_options(var_options=variables, direct=kwargs) + + display.vvvv(u"keyring: %s" % keyring.get_keyring()) + ret = [] + for term in terms: + (servicename, username) = (term.split()[0], term.split()[1]) + display.vvvv(u"username: %s, servicename: %s " % (username, servicename)) + password = keyring.get_password(servicename, username) + if password is None: + raise AnsibleError(u"servicename: %s for user %s not found" % (servicename, username)) + ret.append(password.rstrip()) + return ret |