community.general.keyring – grab secrets from the OS keyring

Note

This plugin is part of the community.general collection (version 3.8.1).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install community.general.

To use it in a playbook, specify: community.general.keyring.

Synopsis

  • Allows you to access data stored in the OS provided keyring/keychain.

Requirements

The below requirements are needed on the local controller node that executes this lookup.

  • keyring (python library)

Examples

- name : output secrets to screen (BAD IDEA)
  ansible.builtin.debug:
    msg: "Password: {{item}}"
  with_community.general.keyring:
    - 'servicename username'

- name: access mysql with password from keyring
  mysql_db: login_password={{lookup('community.general.keyring','mysql joe')}} login_user=joe

Return Values

Common return values are documented here, the following are the fields unique to this lookup:

Key Returned Description
_raw
list / elements=string
success
Secrets stored.



Authors

© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/community/general/keyring_lookup.html