mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
linode: Allow templating token for dynamic inventory (#4040)
* linode: Allow templating token for dynamic inventory Template the value for the access_token if it's a Jinja template. Allows for looking up tokens from files or pulling from secrets stores like Vault. * add Linode changelog fragment * Fix lookup example for newer versions of Ansible Co-authored-by: Felix Fontein <felix@fontein.de> * Rename test case for clarity Co-authored-by: Felix Fontein <felix@fontein.de> Co-authored-by: Felix Fontein <felix@fontein.de>
This commit is contained in:
parent
84124224ae
commit
f77a1114fb
3 changed files with 19 additions and 4 deletions
2
changelogs/fragments/4040-linode-token-templating.yaml
Normal file
2
changelogs/fragments/4040-linode-token-templating.yaml
Normal file
|
@ -0,0 +1,2 @@
|
|||
minor_changes:
|
||||
- linode inventory plugin - allow templating of ``access_token`` variable in Linode inventory plugin (https://github.com/ansible-collections/community.general/pull/4040).
|
|
@ -66,6 +66,12 @@ EXAMPLES = r'''
|
|||
# Minimal example. `LINODE_ACCESS_TOKEN` is exposed in environment.
|
||||
plugin: community.general.linode
|
||||
|
||||
# You can use Jinja to template the access token.
|
||||
plugin: community.general.linode
|
||||
access_token: "{{ lookup('ini', 'token', section='your_username', file='~/.config/linode-cli') }}"
|
||||
# For older Ansible versions, you need to write this as:
|
||||
# access_token: "{{ lookup('ini', 'token section=your_username file=~/.config/linode-cli') }}"
|
||||
|
||||
# Example with regions, types, groups and access token
|
||||
plugin: community.general.linode
|
||||
access_token: foobar
|
||||
|
@ -105,6 +111,7 @@ import os
|
|||
from ansible.errors import AnsibleError, AnsibleParserError
|
||||
from ansible.module_utils.six import string_types
|
||||
from ansible.plugins.inventory import BaseInventoryPlugin, Constructable
|
||||
from ansible.template import Templar
|
||||
|
||||
|
||||
try:
|
||||
|
@ -119,10 +126,14 @@ class InventoryModule(BaseInventoryPlugin, Constructable):
|
|||
|
||||
NAME = 'community.general.linode'
|
||||
|
||||
def _build_client(self):
|
||||
def _build_client(self, loader):
|
||||
"""Build the Linode client."""
|
||||
|
||||
t = Templar(loader=loader)
|
||||
|
||||
access_token = self.get_option('access_token')
|
||||
if t.is_template(access_token):
|
||||
access_token = t.template(variable=access_token, disable_lookups=False)
|
||||
|
||||
if access_token is None:
|
||||
try:
|
||||
|
@ -287,7 +298,7 @@ class InventoryModule(BaseInventoryPlugin, Constructable):
|
|||
raise AnsibleError('the Linode dynamic inventory plugin requires linode_api4.')
|
||||
|
||||
config_data = self._read_config_data(path)
|
||||
self._build_client()
|
||||
self._build_client(loader)
|
||||
|
||||
self._get_instances_inventory()
|
||||
|
||||
|
|
|
@ -31,6 +31,7 @@ mandatory_py_version = pytest.mark.skipif(
|
|||
|
||||
|
||||
from ansible.errors import AnsibleError, AnsibleParserError
|
||||
from ansible.parsing.dataloader import DataLoader
|
||||
from ansible_collections.community.general.plugins.inventory.linode import InventoryModule
|
||||
|
||||
|
||||
|
@ -39,10 +40,11 @@ def inventory():
|
|||
return InventoryModule()
|
||||
|
||||
|
||||
def test_access_token_lookup(inventory):
|
||||
def test_missing_access_token_lookup(inventory):
|
||||
loader = DataLoader()
|
||||
inventory._options = {'access_token': None}
|
||||
with pytest.raises(AnsibleError) as error_message:
|
||||
inventory._build_client()
|
||||
inventory._build_client(loader)
|
||||
assert 'Could not retrieve Linode access token' in error_message
|
||||
|
||||
|
||||
|
|
Loading…
Reference in a new issue