Merge branch 'main' into develop
This commit is contained in:
commit
a65f8de44e
17
README.md
17
README.md
|
@ -1,6 +1,6 @@
|
|||
# Ansible KeePass Lookup Plugin
|
||||
|
||||
The plugin allows to read data from KeePass file (modifying is not supported)
|
||||
This collection provides a plugin that allows to read data from KeePass file (modifying is not supported)
|
||||
|
||||
## How it works
|
||||
|
||||
|
@ -12,11 +12,10 @@ The UNIX socket file is stored in a temporary folder according to OS.
|
|||
|
||||
## Installation
|
||||
|
||||
Requirements: `python 3`, `pykeepass==4.0.2`
|
||||
Requirements: `python 3`, `pykeepass==4.0.3`
|
||||
|
||||
pip install 'pykeepass==4.0.2' --user
|
||||
mkdir -p ~/.ansible/plugins/lookup && cd "$_"
|
||||
curl https://raw.githubusercontent.com/viczem/ansible-keepass/main/keepass.py -o ./keepass.py
|
||||
pip install 'pykeepass==4.0.3' --user
|
||||
ansible-galaxy collection install viczem.keepass
|
||||
|
||||
|
||||
## Variables
|
||||
|
@ -44,8 +43,8 @@ Use `ansible-vault encrypt_string` to encrypt it and use it like below
|
|||
|
||||
### Example
|
||||
|
||||
ansible_user : "{{ lookup('keepass', 'path/to/entry', 'username') }}"
|
||||
ansible_become_pass : "{{ lookup('keepass', 'path/to/entry', 'password') }}"
|
||||
ansible_custom_field : "{{ lookup('keepass', 'path/to/entry', 'custom_properties', 'a_custom_property_name') }}"
|
||||
ansible_user : "{{ lookup('viczem.keepass.keepass', 'path/to/entry', 'username') }}"
|
||||
ansible_become_pass : "{{ lookup('viczem.keepass.keepass', 'path/to/entry', 'password') }}"
|
||||
ansible_custom_field : "{{ lookup('viczem.keepass.keepass', 'path/to/entry', 'custom_properties', 'a_custom_property_name') }}"
|
||||
|
||||
More examples see in [/examples](/examples).
|
||||
More examples see in [/doc/examples](/doc/examples).
|
||||
|
|
|
@ -0,0 +1,32 @@
|
|||
---
|
||||
- name: Example
|
||||
hosts: 127.0.0.1
|
||||
connection: local
|
||||
vars:
|
||||
spam_login: "{{ lookup('viczem.keepass.keepass', 'spam', 'username') }}"
|
||||
spam_password: "{{ lookup('viczem.keepass.keepass', 'spam', 'password') }}"
|
||||
ham_login: "{{ lookup('viczem.keepass.keepass', 'example/ham', 'username') }}"
|
||||
ham_password: "{{ lookup('viczem.keepass.keepass', 'example/ham', 'password') }}"
|
||||
slash_login: "{{ lookup('viczem.keepass.keepass', 'slash\\/group/slash\\/title', 'username') }}"
|
||||
slash_url: "{{ lookup('viczem.keepass.keepass', 'slash\\/group/slash\\/title', 'url') }}"
|
||||
pork_custom_property: "{{ lookup('viczem.keepass.keepass', 'example/pork', 'custom_properties', 'pork_custom_property')}}"
|
||||
|
||||
|
||||
tasks:
|
||||
- debug:
|
||||
msg: "fetch entry: '/spam'; username: '{{ spam_login }}'; password: '{{ spam_password }}'"
|
||||
|
||||
- debug:
|
||||
msg: "fetch entry: '/examples/ham'; username: '{{ ham_login }}'; password: '{{ ham_password }}'"
|
||||
|
||||
- name: pause to emulate long time operation (greater than keepass_ttl)
|
||||
pause:
|
||||
seconds: 5
|
||||
|
||||
- debug:
|
||||
msg: "fetch entry: '/examples/pork'; custom_properties: 'pork_custom_property' - '{{ pork_custom_property }}'"
|
||||
|
||||
- debug:
|
||||
msg: "fetch entry: '/slash\\/group/slash\\/title'; username: '{{ slash_login }}'; url: '{{ slash_url }}'"
|
||||
|
||||
- debug: "{{ lookup('viczem.keepass.keepass', 'close') }}"
|
Binary file not shown.
|
@ -1,32 +0,0 @@
|
|||
---
|
||||
- name: Example
|
||||
hosts: 127.0.0.1
|
||||
connection: local
|
||||
vars:
|
||||
spam_login: "{{ lookup('keepass', 'spam', 'username') }}"
|
||||
spam_password: "{{ lookup('keepass', 'spam', 'password') }}"
|
||||
ham_login: "{{ lookup('keepass', 'example/ham', 'username') }}"
|
||||
ham_password: "{{ lookup('keepass', 'example/ham', 'password') }}"
|
||||
slash_login: "{{ lookup('keepass', 'slash\\/group/slash\\/title', 'username') }}"
|
||||
slash_url: "{{ lookup('keepass', 'slash\\/group/slash\\/title', 'url') }}"
|
||||
pork_custom_property: "{{ lookup('keepass', 'example/pork', 'custom_properties', 'pork_custom_property')}}"
|
||||
|
||||
|
||||
tasks:
|
||||
- debug:
|
||||
msg: "fetch entry: '/spam'; username: '{{ spam_login }}'; password: '{{ spam_password }}'"
|
||||
|
||||
- debug:
|
||||
msg: "fetch entry: '/examples/ham'; username: '{{ ham_login }}'; password: '{{ ham_password }}'"
|
||||
|
||||
- name: pause to emulate long time operation (greater than keepass_ttl)
|
||||
pause:
|
||||
seconds: 5
|
||||
|
||||
- debug:
|
||||
msg: "fetch entry: '/examples/pork'; custom_properties: 'pork_custom_property' - '{{ pork_custom_property }}'"
|
||||
|
||||
- debug:
|
||||
msg: "fetch entry: '/slash\\/group/slash\\/title'; username: '{{ slash_login }}'; url: '{{ slash_url }}'"
|
||||
|
||||
- debug: "{{ lookup('keepass', 'close') }}"
|
Binary file not shown.
|
@ -0,0 +1,64 @@
|
|||
### REQUIRED
|
||||
# The namespace of the collection. This can be a company/brand/organization or product namespace under which all
|
||||
# content lives. May only contain alphanumeric lowercase characters and underscores. Namespaces cannot start with
|
||||
# underscores or numbers and cannot contain consecutive underscores
|
||||
namespace: viczem
|
||||
|
||||
# The name of the collection. Has the same character restrictions as 'namespace'
|
||||
name: keepass
|
||||
|
||||
# The version of the collection. Must be compatible with semantic versioning
|
||||
version: 0.5.0
|
||||
|
||||
# The path to the Markdown (.md) readme file. This path is relative to the root of the collection
|
||||
readme: README.md
|
||||
|
||||
# A list of the collection's content authors. Can be just the name or in the format 'Full Name <email> (url)
|
||||
# @nicks:irc/im.site#channel'
|
||||
authors:
|
||||
- Victor Zemtsov <viczem.dev@gmail.com>
|
||||
|
||||
|
||||
### OPTIONAL but strongly recommended
|
||||
# A short summary description of the collection
|
||||
description: The collection provides a lookup plugin that allow to read data from KeePass file.
|
||||
|
||||
# Either a single license or a list of licenses for content inside of a collection. Ansible Galaxy currently only
|
||||
# accepts L(SPDX,https://spdx.org/licenses/) licenses. This key is mutually exclusive with 'license_file'
|
||||
license: []
|
||||
|
||||
# The path to the license file for the collection. This path is relative to the root of the collection. This key is
|
||||
# mutually exclusive with 'license'
|
||||
license_file: 'LICENSE'
|
||||
|
||||
# A list of tags you want to associate with the collection for indexing/searching. A tag name has the same character
|
||||
# requirements as 'namespace' and 'name'
|
||||
tags:
|
||||
- keepass
|
||||
- lookup
|
||||
- plugin
|
||||
|
||||
# Collections that this collection requires to be installed for it to be usable. The key of the dict is the
|
||||
# collection label 'namespace.name'. The value is a version range
|
||||
# L(specifiers,https://python-semanticversion.readthedocs.io/en/latest/#requirement-specification). Multiple version
|
||||
# range specifiers can be set and are separated by ','
|
||||
dependencies: {}
|
||||
|
||||
# The URL of the originating SCM repository
|
||||
repository: https://github.com/viczem/ansible-keepass
|
||||
|
||||
# The URL to any online docs
|
||||
documentation: https://github.com/viczem/ansible-keepass/blob/main/doc
|
||||
|
||||
# The URL to the homepage of the collection/project
|
||||
homepage: https://github.com/viczem/ansible-keepass
|
||||
|
||||
# The URL to the collection issue tracker
|
||||
issues: https://github.com/viczem/ansible-keepass/issues
|
||||
|
||||
# A list of file glob-like patterns used to filter any files or directories that should not be included in the build
|
||||
# artifact. A pattern is matched from the relative path of the file or directory of the collection directory. This
|
||||
# uses 'fnmatch' to match the files or directories. Some directories and files like 'galaxy.yml', '*.pyc', '*.retry',
|
||||
# and '.git' are always filtered
|
||||
build_ignore: []
|
||||
|
|
@ -0,0 +1,2 @@
|
|||
requires_ansible: ">=2.10"
|
||||
|
|
@ -21,24 +21,24 @@ from pykeepass.exceptions import CredentialsError
|
|||
DOCUMENTATION = """
|
||||
lookup: keepass
|
||||
author: Victor Zemtsov <viczem.dev@gmail.com>
|
||||
version_added: '0.4.1'
|
||||
version_added: '0.5.0'
|
||||
short_description: Fetching data from KeePass file
|
||||
description:
|
||||
- This lookup returns a value of a property of a KeePass entry
|
||||
- This lookup returns a value of a property of a KeePass entry
|
||||
- which fetched by given path
|
||||
options:
|
||||
_terms:
|
||||
description:
|
||||
description:
|
||||
- first is a path to KeePass entry
|
||||
- second is a property name of the entry, e.g. username or password
|
||||
required: True
|
||||
notes:
|
||||
- https://github.com/viczem/ansible-keepass
|
||||
|
||||
|
||||
examples:
|
||||
- "{{ lookup('keepass', 'path/to/entry', 'username') }}"
|
||||
- "{{ lookup('keepass', 'path/to/entry', 'password') }}"
|
||||
- "{{ lookup('keepass', 'path/to/entry', 'custom_properties', 'a_custom_property_name') }}"
|
||||
- "{{ lookup('keepass', 'path/to/entry', 'custom_properties', 'my_prop_name') }}"
|
||||
"""
|
||||
|
||||
display = Display()
|
||||
|
@ -157,13 +157,13 @@ class LookupModule(LookupBase):
|
|||
if resp_len == 0:
|
||||
raise AnsibleError("KeePass: '%s' result is empty" % cmd)
|
||||
|
||||
if resp_len == 3:
|
||||
if resp_len >= 3:
|
||||
if resp[0] != cmd:
|
||||
raise AnsibleError(
|
||||
"KeePass: received command '%s', expected '%s'" % (resp[0], cmd)
|
||||
)
|
||||
if resp[1] == "0":
|
||||
return [resp[2]]
|
||||
return [os.linesep.join(resp[2:])]
|
||||
else:
|
||||
raise AnsibleError("KeePass: '%s' has error '%s'" % (resp[2], cmd))
|
||||
|
||||
|
@ -267,7 +267,7 @@ def _keepass_socket(kdbx, kdbx_key, sock_path, ttl=60, kdbx_password=None):
|
|||
|
||||
if entry is None:
|
||||
conn.send(
|
||||
_resp("fetch", 1, "path '%s' is not found".format(path))
|
||||
_resp("fetch", 1, "path '%s' is not found" % path)
|
||||
)
|
||||
break
|
||||
|
||||
|
@ -278,8 +278,7 @@ def _keepass_socket(kdbx, kdbx_key, sock_path, ttl=60, kdbx_password=None):
|
|||
_resp(
|
||||
"fetch",
|
||||
1,
|
||||
"custom_property key is not set "
|
||||
"for '%s'".format(arg[0]),
|
||||
"no custom_property key for '%s'" % arg[0],
|
||||
)
|
||||
)
|
||||
break
|
||||
|
@ -290,8 +289,8 @@ def _keepass_socket(kdbx, kdbx_key, sock_path, ttl=60, kdbx_password=None):
|
|||
_resp(
|
||||
"fetch",
|
||||
1,
|
||||
"custom_property '%s' is not found "
|
||||
"for '%s'".format(prop_key, path),
|
||||
"custom_property '%s' is not found for '%s'"
|
||||
"" % (prop_key, path),
|
||||
)
|
||||
)
|
||||
break
|
||||
|
@ -309,7 +308,7 @@ def _keepass_socket(kdbx, kdbx_key, sock_path, ttl=60, kdbx_password=None):
|
|||
_resp(
|
||||
"fetch",
|
||||
1,
|
||||
"unknown property '%s' for '%s'".format(prop, path),
|
||||
"unknown property '%s' for '%s'" % (prop, path),
|
||||
)
|
||||
)
|
||||
break
|
Loading…
Reference in New Issue