Inject credentials to playbook

Archives AWX Project
1

Hi All

I have followed the instructions here: https://www.ansible.com/blog/ansible-tower-feature-spotlight-custom-credentials

on my template I have added the extra vars:

extra_vars:
AD_Admin_password: ‘{{ password }}’
AD_Admin_username: ‘{{ username }}’

but when I run the playbook I get:

{
“msg”: “The task includes an option with an undefined variable. The error was: ‘AD_Admin_username’ is undefined\n\nThe error appears to have been in ‘/var/lib/awx/projects/_8__ad_realm/realm_dev_env.yml’: line 33, column 7, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n - name: Join system to AD and add the computer object in the Linux OU\n ^ here\n”,
“_ansible_no_log”: false
}

any idea why the credentials aren’t getting passed to the playbook?

  • name: Join system to AD and add the computer object in the Linux OU
    expect:
    command: /usr/sbin/realm join domain.com --user=‘{{ AD_Admin_username }}’ --computer-ou=“OU=Linux,OU=Servers,OU=Machines,DC=domain,DC=com”
    responses:
    Password for *: ‘{{ AD_Admin_password }}’
2

I have been stuck with this few days back

Steps that worked for me:

Create custom credentials
Attach those credential to your playbook template
Use the keys from the credentials in your playbook

3

Can you post the contents of your custom credential? Like the injectors, etc.

4

input configuration:

fields:

  • id: username
    type: string
    label: AD Admin username
  • id: password
    type: string
    label: AD Admin password
    secret: true
    required:
  • username
  • password

injector configuration:

extra_vars:
AD_Admin_password: ‘{{ password }}’
AD_Admin_username: ‘{{ username }}’

Should I be defining the variable somewhere in the playbook or should putting the extra vars on the template be enough?

5

Your custom credential looks about right… I think there’s just a misunderstanding about using it. You wrote:

on my template I have added the extra vars:

extra_vars:
AD_Admin_password: ‘{{ password }}’
AD_Admin_username: ‘{{ username }}’

Instead of adding the vars to the template, you need to create a credential of the custom credential type you’re defining and add that credential to the template.