1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

linode: Allow templating token for dynamic inventory (#4040)

* linode: Allow templating token for dynamic inventory

Template the value for the access_token if it's a Jinja template.

Allows for looking up tokens from files or pulling from secrets stores like Vault.

* add Linode changelog fragment

* Fix lookup example for newer versions of Ansible

Co-authored-by: Felix Fontein <felix@fontein.de>

* Rename test case for clarity

Co-authored-by: Felix Fontein <felix@fontein.de>

Co-authored-by: Felix Fontein <felix@fontein.de>
This commit is contained in:
Will Hegedus 2022-01-30 16:16:59 -05:00 committed by GitHub
parent 84124224ae
commit f77a1114fb
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 19 additions and 4 deletions

View file

@ -0,0 +1,2 @@
minor_changes:
- linode inventory plugin - allow templating of ``access_token`` variable in Linode inventory plugin (https://github.com/ansible-collections/community.general/pull/4040).

View file

@ -66,6 +66,12 @@ EXAMPLES = r'''
# Minimal example. `LINODE_ACCESS_TOKEN` is exposed in environment.
plugin: community.general.linode
# You can use Jinja to template the access token.
plugin: community.general.linode
access_token: "{{ lookup('ini', 'token', section='your_username', file='~/.config/linode-cli') }}"
# For older Ansible versions, you need to write this as:
# access_token: "{{ lookup('ini', 'token section=your_username file=~/.config/linode-cli') }}"
# Example with regions, types, groups and access token
plugin: community.general.linode
access_token: foobar
@ -105,6 +111,7 @@ import os
from ansible.errors import AnsibleError, AnsibleParserError
from ansible.module_utils.six import string_types
from ansible.plugins.inventory import BaseInventoryPlugin, Constructable
from ansible.template import Templar
try:
@ -119,10 +126,14 @@ class InventoryModule(BaseInventoryPlugin, Constructable):
NAME = 'community.general.linode'
def _build_client(self):
def _build_client(self, loader):
"""Build the Linode client."""
t = Templar(loader=loader)
access_token = self.get_option('access_token')
if t.is_template(access_token):
access_token = t.template(variable=access_token, disable_lookups=False)
if access_token is None:
try:
@ -287,7 +298,7 @@ class InventoryModule(BaseInventoryPlugin, Constructable):
raise AnsibleError('the Linode dynamic inventory plugin requires linode_api4.')
config_data = self._read_config_data(path)
self._build_client()
self._build_client(loader)
self._get_instances_inventory()

View file

@ -31,6 +31,7 @@ mandatory_py_version = pytest.mark.skipif(
from ansible.errors import AnsibleError, AnsibleParserError
from ansible.parsing.dataloader import DataLoader
from ansible_collections.community.general.plugins.inventory.linode import InventoryModule
@ -39,10 +40,11 @@ def inventory():
return InventoryModule()
def test_access_token_lookup(inventory):
def test_missing_access_token_lookup(inventory):
loader = DataLoader()
inventory._options = {'access_token': None}
with pytest.raises(AnsibleError) as error_message:
inventory._build_client()
inventory._build_client(loader)
assert 'Could not retrieve Linode access token' in error_message