mirrors
/
ansible-keepass
mirror of https://github.com/viczem/ansible-keepass.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge branch 'main' into develop

This commit is contained in:
Victor Zemtsov 2022-08-09 15:12:22 +03:00
parent b6a1beab0e e57cd7b6b1
commit a65f8de44e
11 changed files with 121 additions and 54 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.flake8 Normal file
View File

@ -0,0 +1,3 @@
[flake8]
max-line-length = 88
extend-ignore = E203

17
README.md
View File

@ -1,6 +1,6 @@
# Ansible KeePass Lookup Plugin
The plugin allows to read data from KeePass file (modifying is not supported)
This collection provides a plugin that allows to read data from KeePass file (modifying is not supported)
## How it works
@ -12,11 +12,10 @@ The UNIX socket file is stored in a temporary folder according to OS.
## Installation
Requirements: `python 3`, `pykeepass==4.0.2`
Requirements: `python 3`, `pykeepass==4.0.3`
pip install 'pykeepass==4.0.2' --user
mkdir -p ~/.ansible/plugins/lookup && cd "$_"
curl https://raw.githubusercontent.com/viczem/ansible-keepass/main/keepass.py -o ./keepass.py
pip install 'pykeepass==4.0.3' --user
ansible-galaxy collection install viczem.keepass
## Variables
@ -44,8 +43,8 @@ Use `ansible-vault encrypt_string` to encrypt it and use it like below
### Example
ansible_user : "{{ lookup('keepass', 'path/to/entry', 'username') }}"
ansible_become_pass : "{{ lookup('keepass', 'path/to/entry', 'password') }}"
ansible_custom_field : "{{ lookup('keepass', 'path/to/entry', 'custom_properties', 'a_custom_property_name') }}"
ansible_user : "{{ lookup('viczem.keepass.keepass', 'path/to/entry', 'username') }}"
ansible_become_pass : "{{ lookup('viczem.keepass.keepass', 'path/to/entry', 'password') }}"
ansible_custom_field : "{{ lookup('viczem.keepass.keepass', 'path/to/entry', 'custom_properties', 'a_custom_property_name') }}"
More examples see in [/examples](/examples).
More examples see in [/doc/examples](/doc/examples).

0
examples/README.md → doc/examples/README.md
View File

32
doc/examples/example-playbook.yml Normal file
View File

@ -0,0 +1,32 @@
---
- name: Example
hosts: 127.0.0.1
connection: local
vars:
spam_login: "{{ lookup('viczem.keepass.keepass', 'spam', 'username') }}"
spam_password: "{{ lookup('viczem.keepass.keepass', 'spam', 'password') }}"
ham_login: "{{ lookup('viczem.keepass.keepass', 'example/ham', 'username') }}"
ham_password: "{{ lookup('viczem.keepass.keepass', 'example/ham', 'password') }}"
slash_login: "{{ lookup('viczem.keepass.keepass', 'slash\\/group/slash\\/title', 'username') }}"
slash_url: "{{ lookup('viczem.keepass.keepass', 'slash\\/group/slash\\/title', 'url') }}"
pork_custom_property: "{{ lookup('viczem.keepass.keepass', 'example/pork', 'custom_properties', 'pork_custom_property')}}"
tasks:
- debug:
msg: "fetch entry: '/spam'; username: '{{ spam_login }}'; password: '{{ spam_password }}'"
- debug:
msg: "fetch entry: '/examples/ham'; username: '{{ ham_login }}'; password: '{{ ham_password }}'"
- name: pause to emulate long time operation (greater than keepass_ttl)
pause:
seconds: 5
- debug:
msg: "fetch entry: '/examples/pork'; custom_properties: 'pork_custom_property' - '{{ pork_custom_property }}'"
- debug:
msg: "fetch entry: '/slash\\/group/slash\\/title'; username: '{{ slash_login }}'; url: '{{ slash_url }}'"
- debug: "{{ lookup('viczem.keepass.keepass', 'close') }}"

BIN
doc/examples/example.kdbx Normal file
View File

Binary file not shown.

0
examples/group_vars/all → doc/examples/group_vars/all
View File

32
examples/example-playbook.yml
View File

@ -1,32 +0,0 @@
---
- name: Example
hosts: 127.0.0.1
connection: local
vars:
spam_login: "{{ lookup('keepass', 'spam', 'username') }}"
spam_password: "{{ lookup('keepass', 'spam', 'password') }}"
ham_login: "{{ lookup('keepass', 'example/ham', 'username') }}"
ham_password: "{{ lookup('keepass', 'example/ham', 'password') }}"
slash_login: "{{ lookup('keepass', 'slash\\/group/slash\\/title', 'username') }}"
slash_url: "{{ lookup('keepass', 'slash\\/group/slash\\/title', 'url') }}"
pork_custom_property: "{{ lookup('keepass', 'example/pork', 'custom_properties', 'pork_custom_property')}}"
tasks:
- debug:
msg: "fetch entry: '/spam'; username: '{{ spam_login }}'; password: '{{ spam_password }}'"
- debug:
msg: "fetch entry: '/examples/ham'; username: '{{ ham_login }}'; password: '{{ ham_password }}'"
- name: pause to emulate long time operation (greater than keepass_ttl)
pause:
seconds: 5
- debug:
msg: "fetch entry: '/examples/pork'; custom_properties: 'pork_custom_property' - '{{ pork_custom_property }}'"
- debug:
msg: "fetch entry: '/slash\\/group/slash\\/title'; username: '{{ slash_login }}'; url: '{{ slash_url }}'"
- debug: "{{ lookup('keepass', 'close') }}"

BIN
examples/example.kdbx
View File

Binary file not shown.

64
galaxy.yml Normal file
View File

@ -0,0 +1,64 @@
### REQUIRED
# The namespace of the collection. This can be a company/brand/organization or product namespace under which all
# content lives. May only contain alphanumeric lowercase characters and underscores. Namespaces cannot start with
# underscores or numbers and cannot contain consecutive underscores
namespace: viczem
# The name of the collection. Has the same character restrictions as 'namespace'
name: keepass
# The version of the collection. Must be compatible with semantic versioning
version: 0.5.0
# The path to the Markdown (.md) readme file. This path is relative to the root of the collection
readme: README.md
# A list of the collection's content authors. Can be just the name or in the format 'Full Name <email> (url)
# @nicks:irc/im.site#channel'
authors:
- Victor Zemtsov <viczem.dev@gmail.com>
### OPTIONAL but strongly recommended
# A short summary description of the collection
description: The collection provides a lookup plugin that allow to read data from KeePass file.
# Either a single license or a list of licenses for content inside of a collection. Ansible Galaxy currently only
# accepts L(SPDX,https://spdx.org/licenses/) licenses. This key is mutually exclusive with 'license_file'
license: []
# The path to the license file for the collection. This path is relative to the root of the collection. This key is
# mutually exclusive with 'license'
license_file: 'LICENSE'
# A list of tags you want to associate with the collection for indexing/searching. A tag name has the same character
# requirements as 'namespace' and 'name'
tags:
- keepass
- lookup
- plugin
# Collections that this collection requires to be installed for it to be usable. The key of the dict is the
# collection label 'namespace.name'. The value is a version range
# L(specifiers,https://python-semanticversion.readthedocs.io/en/latest/#requirement-specification). Multiple version
# range specifiers can be set and are separated by ','
dependencies: {}
# The URL of the originating SCM repository
repository: https://github.com/viczem/ansible-keepass
# The URL to any online docs
documentation: https://github.com/viczem/ansible-keepass/blob/main/doc
# The URL to the homepage of the collection/project
homepage: https://github.com/viczem/ansible-keepass
# The URL to the collection issue tracker
issues: https://github.com/viczem/ansible-keepass/issues
# A list of file glob-like patterns used to filter any files or directories that should not be included in the build
# artifact. A pattern is matched from the relative path of the file or directory of the collection directory. This
# uses 'fnmatch' to match the files or directories. Some directories and files like 'galaxy.yml', '*.pyc', '*.retry',
# and '.git' are always filtered
build_ignore: []

2
meta/runtime.yml Normal file
View File

@ -0,0 +1,2 @@
requires_ansible: ">=2.10"

25
keepass.py → plugins/lookup/keepass.py
View File

@ -21,24 +21,24 @@ from pykeepass.exceptions import CredentialsError
DOCUMENTATION = """
lookup: keepass
author: Victor Zemtsov <viczem.dev@gmail.com>
version_added: '0.4.1'
version_added: '0.5.0'
short_description: Fetching data from KeePass file
description:
- This lookup returns a value of a property of a KeePass entry
- This lookup returns a value of a property of a KeePass entry
- which fetched by given path
options:
_terms:
description:
description:
- first is a path to KeePass entry
- second is a property name of the entry, e.g. username or password
required: True
notes:
- https://github.com/viczem/ansible-keepass
examples:
- "{{ lookup('keepass', 'path/to/entry', 'username') }}"
- "{{ lookup('keepass', 'path/to/entry', 'password') }}"
- "{{ lookup('keepass', 'path/to/entry', 'custom_properties', 'a_custom_property_name') }}"
- "{{ lookup('keepass', 'path/to/entry', 'custom_properties', 'my_prop_name') }}"
"""
display = Display()
@ -157,13 +157,13 @@ class LookupModule(LookupBase):
if resp_len == 0:
raise AnsibleError("KeePass: '%s' result is empty" % cmd)
if resp_len == 3:
if resp_len >= 3:
if resp[0] != cmd:
raise AnsibleError(
"KeePass: received command '%s', expected '%s'" % (resp[0], cmd)
)
if resp[1] == "0":
return [resp[2]]
return [os.linesep.join(resp[2:])]
else:
raise AnsibleError("KeePass: '%s' has error '%s'" % (resp[2], cmd))
@ -267,7 +267,7 @@ def _keepass_socket(kdbx, kdbx_key, sock_path, ttl=60, kdbx_password=None):
if entry is None:
conn.send(
_resp("fetch", 1, "path '%s' is not found".format(path))
_resp("fetch", 1, "path '%s' is not found" % path)
)
break
@ -278,8 +278,7 @@ def _keepass_socket(kdbx, kdbx_key, sock_path, ttl=60, kdbx_password=None):
_resp(
"fetch",
1,
"custom_property key is not set "
"for '%s'".format(arg[0]),
"no custom_property key for '%s'" % arg[0],
)
)
break
@ -290,8 +289,8 @@ def _keepass_socket(kdbx, kdbx_key, sock_path, ttl=60, kdbx_password=None):
_resp(
"fetch",
1,
"custom_property '%s' is not found "
"for '%s'".format(prop_key, path),
"custom_property '%s' is not found for '%s'"
"" % (prop_key, path),
)
)
break
@ -309,7 +308,7 @@ def _keepass_socket(kdbx, kdbx_key, sock_path, ttl=60, kdbx_password=None):
_resp(
"fetch",
1,
"unknown property '%s' for '%s'".format(prop, path),
"unknown property '%s' for '%s'" % (prop, path),
)
)
break