Using lookups to fill dynamic inventory parameters

Get Help
1

Hello,

I am trying to create an inventory plugin that gets info from a Windows server by running a powershell script on it.

I have the basic script running, passing the server, user, and password as parameters to the inventory source script:

---
plugin: my_plugin
server: myserver
user: myuser
password: SuperSecretPassword

This works, and the inventory is created and populated successfully.

Unfortunately, the account that I need to use has a password that is randomly changed to a new password every few hours. So after a few hours, this inventory stops working.

I can get the correct password with a lookup plugin, but I have been unable to find how you can add this lookup call to the inventory source. If I add a {{ lookup('myplugin', 'user') }} to the inventory, the password used is that literal text.

So how do I add a password that’s evaluated at run time to an inventory source?

Joost

2

So how do I add a password that’s evaluated at run time to an inventory source?

As the user of the plugin, you cannot, unless the plugin explicitly handles templating for that option. Some inventory plugins I know explicitly allow templating for certain fields such as username and password - but not all do.

Fortunately you’re writing that inventory plugin yourself, so you can fix this :wink: You can see an example of how to do this here: community.general/plugins/inventory/linode.py at bc99432f893e0efcb141f660e272bebf8ccc6710 · ansible-collections/community.general · GitHub

1 Like
3

Thank you, this seems to work:

        if self.templar.is_template(windows_user:=self.get_option('windows_user')):
            windows_user = self.templar.template(variable=windows_user, disable_lookups=False)
        if self.templar.is_template(windows_password:= self.get_option('windows_password')):
            windows_password = self.templar.template(variable=windows_password, disable_lookups=False)