On 21.07.2017 18:21, JS wrote:
I have a single playbook that with various plays in it.
It goes out to different environments, either dev, uat, or prod (based
on
the --extra-vars input by the user deploying the playbook).
i.e. ansible-playbook -i hosts deploy.yml --extra-vars "env=uat"
Is there anyway I can set the ansible-playbook to require a password if
a
user selects the prod environment?
They should be allowed to deploy to dev and uat without any
authentication
or passwords.
Since you use Pathword in the subject I guess you are after an hurdel so
users don't accidentally run against production?
If so, you can do something like this:
- pre_tasks:
- pause:
prompt: "You are running against production. What is the magic
word?"
register: result
when: env == 'prod'
- fail:
msg: "Aborting, wrong magic."
when: result.user_input | default('') != 'answerable' and env ==
'prod'
If not you could use password against production and keys on the other
environments.
--
Kai Stian Olstad
--
You received this message because you are subscribed to the Google Groups "Ansible
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/c75e8504e16cd5ac00b3108a5aa883f3%40olstad.com.
For more options, visit https://groups.google.com/d/optout.
