feat(playbook): add support for SSH password prompt
Introduced a `--ask-pass` argument to prompt for the SSH password, using the same password as the become password when provided. This allows secure SSH connections without pre-stored credentials, enhancing security and flexibility in multi-user environments.
This commit is contained in:
parent
40b130aae6
commit
519c84e7f3
GPG key ID:
ECBCC9082395383F
1 changed files with 12 additions and 1 deletions
13
playbook.py
13
playbook.py
|
|
@ -17,6 +17,12 @@ def parse_arguments():
|
||||||
default="inventory.yml",
|
default="inventory.yml",
|
||||||
help="The path to the inventory file.",
|
help="The path to the inventory file.",
|
||||||
)
|
)
|
||||||
|
parser.add_argument(
|
||||||
|
"-k",
|
||||||
|
"--ask-pass",
|
||||||
|
action="store_true",
|
||||||
|
help="Use become password as SSH password",
|
||||||
|
)
|
||||||
return parser.parse_args()
|
return parser.parse_args()
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -61,7 +67,12 @@ def main():
|
||||||
become_pass = getpass(f"Enter become password for {host}: ")
|
become_pass = getpass(f"Enter become password for {host}: ")
|
||||||
|
|
||||||
# Use JSON to safely pass the become password as an extra var
|
# Use JSON to safely pass the become password as an extra var
|
||||||
extra_vars = json.dumps({"ansible_become_pass": become_pass})
|
raw_vars = {"ansible_become_pass": become_pass}
|
||||||
|
|
||||||
|
if args.ask_pass:
|
||||||
|
raw_vars["ansible_ssh_pass"] = become_pass
|
||||||
|
|
||||||
|
extra_vars = json.dumps(raw_vars)
|
||||||
|
|
||||||
# Execute Ansible playbook for each host
|
# Execute Ansible playbook for each host
|
||||||
subprocess.run(
|
subprocess.run(
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue