是的,您可以通过在 Ansible Tower 上使用“ Ansible Tower ”凭证类型保存您的凭证来实现这一点。
从 Ansible Tower UI 中,转至 Credentials -> New Credential,然后选择凭证类型“Ansible Tower”
此凭证类型需要三个输入,即主机名、用户名和密码。保存凭据并将其作为凭据添加到作业模板后,您可以从 Playbook 中调用它们,如下所示:
---
- name: Trigger an Atower API
hosts: localhost
connection: local
vars:
tower_host: '{{ lookup("env", "TOWER_HOST") }}'
tower_username: '{{ lookup("env", "TOWER_USERNAME") }}'
tower_password: '{{ lookup("env", "TOWER_PASSWORD") }}'
tasks:
- name: Some tasks that can be achieved through "{{ apiEndpoint }}"
uri:
url: "{{ tower_host }}{{ apiEndpoint }}"
method: GET
url_username: "{{ tower_username }}"
url_password: "{{ tower_password }}"
force_basic_auth: yes
validate_certs: False
register: output
顺便说一句,在为这种情况寻找正确的注入值时,我还发现了针对不同凭证类型的其他值。您可以在这里获取它们:
vars:
machine:
username: '{{ ansible_user }}'
password: '{{ ansible_password }}'
network:
username: '{{ lookup("env", "ANSIBLE_NET_USERNAME") }}'
password: '{{ lookup("env", "ANSIBLE_NET_PASSWORD") }}'
aws:
access_key: '{{ lookup("env", "AWS_ACCESS_KEY_ID") }}'
secret_key: '{{ lookup("env", "AWS_SECRET_ACCESS_KEY") }}'
security_token: '{{ lookup("env", "AWS_SECURITY_TOKEN") }}'
vmware:
host: '{{ lookup("env", "VMWARE_HOST") }}'
username: '{{ lookup("env", "VMWARE_USER") }}'
password: '{{ lookup("env", "VMWARE_PASSWORD") }}'
gce:
email: '{{ lookup("env", "GCE_EMAIL") }}'
project: '{{ lookup("env", "GCE_PROJECT") }}'
azure:
client_id: '{{ lookup("env", "AZURE_CLIENT_ID") }}'
secret: '{{ lookup("env", "AZURE_SECRET") }}'
tenant: '{{ lookup("env", "AZURE_TENANT") }}'
subscription_id: '{{ lookup("env", "AZURE_SUBSCRIPTION_ID") }}'
rhev:
ovirt_url: '{{ lookup("env", "OVIRT_URL") }}'
ovirt_username: '{{ lookup("env", "OVIRT_USERNAME") }}'
ovirt_password: '{{ lookup("env", "OVIRT_PASSWORD") }}'
最后,如果您想对您的剧本进行更灵活的注入,您可以检查此链接:
| 归档时间: |
|
| 查看次数: |
15891 次 |
| 最近记录: |