Hi,

I am using ansible-playbook at a script and passing password to t. Below is how i used it:

run.sh

#!/bin/bash

…

/bin/expect <<- DONE
spawn ansible-playbook -i $1 $2 -u $Username -k --become-user root --become-method sudo --become
expect "SSH password: "
send “$Password\r”
expect eof
DONE

$ bash run.sh test.txt test/playbook.yml

cat cyberark.txt

[all]
FOO01
FOO02
FOO03
FOO04
FOO05

bash run.sh foo.txt test/playbook.yml

spawn ansible-playbook -i test.txt foo/playbook.yml -u testuser -k --become-user root --become-method sudo --become
SSH password:

PLAY [Swap operations] *********************************************************

TASK [setup] *******************************************************************
ok: [FOO01]

TASK [swap_ops : swapoff] ******************************************************
changed: [FOO01]

TASK [swap_ops : swapon] *******************************************************
changed: [FOO01]

PLAY [Swap operations] *********************************************************

TASK [setup] *******************************************************************
ok: [FOO02]

TASK [swap_ops : swapoff] ******************************************************
changed: [FOO02]

TASK [swap_ops : swapon] *******************************************************
changed: [FOO02]

PLAY [Swap operations] *********************************************************

TASK [setup] *******************************************************************
ok: [FOO03]

TASK [swap_ops : swapoff] ******************************************************

Any idea why the playbook is ended at the 3rd one? when i use a inventory with two hosts, everything is fine. When the number of hosts in inventory increases, ansible is ending at some hosts.

It may be because of spawn usage. Any solution will be appreciated.

Ansible has tty detection which controls it's prompt behaviour, that
might be affecting your playbook.

So what do you suggest?

Any other method to enter password at a bash script?

You can set the ansible_ssh_pass variable, preferably in inventory.

The password is being gathered by a curl command so it is dynamic. Is there a way to set ssh_pass variable dynamic? Like something to get from an environment variable?

use a lookup?

Great tip.

Here is my folder structure:

group_vars/all

some_playbook/playbook.yml

inventory_file

$ ansible-playbook -i inventory_file some_playbook/playbook.yml --become-user root --become-method sudo --become

cat group_vars/all

Hi,

The lookup method sounds more Ansible way. timeout -1 solved the issue by the way. But i would like to solve the lookup problem also.

There is a default time out value for expect. That’s why its timing out. To disable the timeout, we are setting as -1. I don’t think its ansible issue.

Instead of using expect, setting the ansible_ssh_pass is another solution. Instead of running ansible-playbook inside a script, i can directly use it and it may get the ssh password from group_vars variable. I couldn’t make it, thats what i am trying to do now.

Great tip.

Here is my folder structure:

group_vars/all

some_playbook/playbook.yml

inventory_file

$ ansible-playbook -i inventory_file some_playbook/playbook.yml
--become-user root --become-method sudo --become

If you are logging in as root you don't need become to root.

# cat group_vars/all
---
ansible_ssh_pass: "{{lookup('pipe', '/usr/local/bin/passwordrelease',
allow_unsafe=True)}}"
ansible_user: root
ansible_connection: ssh

/usr/local/bin/passwordrelease is echoing the password

This didn't work. When i check with -vvvvv i can see it is trying to
connect via root but, i got authentication error.
Any idea?

If the password is correct this should work.
So is the passwword correct?
Make sure your script add a new line at the end.