Here is some background first.
I have a dynamic inventory which pulls data from an external source. I have various playbooks which does a few tasks using this inventory, and I run them by either an adhoc ansible-playbook command, and via Ansible AWX.
When testing connectivity to managed hosts, I can run commands such as ansible -m ping -i inventories/ linuxnode.servers.fqdn, and this works totally fine. I also have an inventory sync in AWX, and that works fine as well.
This works using an inventory source within inventories/ in YAML format, wherein I pass some values to the custom inventory script the_custom_plugin. Sample YAML file datacenter1.yml:
plugin: the_custom_plugin
url: "https://externalapp.servers.fqdn"
username: poweruser
privatekey: secretpassword
Now, I want to get rid of the username and password for obvious security reasons, and instead, hide them:
- In environment variables when running via the
ansible-playbookcommand; and - In AWX credentials when running via
AWX.
The problem is, there doesn't seem a way to inject values to variables in the inventory souce. Even a very simple change like this does not work (i.e. the custom plugin fails):
plugin: the_custom_plugin
url: "https://externalapp.servers.fqdn"
temp_username: poweruser
username: "{{ temp_username }}"
privatekey: secretpassword
Is there any secret YAML syntax for an inventory source file which uses an external plugin? Or is the issue somehow in the custom plugin code? I'm very much perplexed that this doesn't even work:
temp_username: poweruser
username: "{{ temp_username }}"
Cheers.
