feat(playbook): add support for SSH password prompt
Introduced a `--ask-pass` argument to prompt for the SSH password, using the same password as the become password when provided. This allows secure SSH connections without pre-stored credentials, enhancing security and flexibility in multi-user environments.
This commit is contained in:
parent
40b130aae6
commit
519c84e7f3
GPG key ID:
ECBCC9082395383F
1 changed files with 12 additions and 1 deletions
13
playbook.py
13
playbook.py
|
|
@ -17,6 +17,12 @@ def parse_arguments():
|
|||
default="inventory.yml",
|
||||
help="The path to the inventory file.",
|
||||
)
|
||||
parser.add_argument(
|
||||
"-k",
|
||||
"--ask-pass",
|
||||
action="store_true",
|
||||
help="Use become password as SSH password",
|
||||
)
|
||||
return parser.parse_args()
|
||||
|
||||
|
||||
|
|
@ -61,7 +67,12 @@ def main():
|
|||
become_pass = getpass(f"Enter become password for {host}: ")
|
||||
|
||||
# Use JSON to safely pass the become password as an extra var
|
||||
extra_vars = json.dumps({"ansible_become_pass": become_pass})
|
||||
raw_vars = {"ansible_become_pass": become_pass}
|
||||
|
||||
if args.ask_pass:
|
||||
raw_vars["ansible_ssh_pass"] = become_pass
|
||||
|
||||
extra_vars = json.dumps(raw_vars)
|
||||
|
||||
# Execute Ansible playbook for each host
|
||||
subprocess.run(
|
||||
|
|
|
|||
Loading…
Reference in a new issue