Hi Kai
Fantastic, many thanks for your reply!
I'll give your play shot (I prefer having the keys setup as I have also
made the playbooks available via Jenkins for automation!) and if that
doesn't work I'll use the password authentication for Prod and Keys for the
other environments!
Regards
JS
On Saturday, 22 July 2017 16:17:58 UTC+1, Kai Stian Olstad wrote:
>
> On 21.07.2017 18:21, JS wrote:
> > I have a single playbook that with various plays in it.
> >
> > It goes out to different environments, either dev, uat, or prod (based
> > on
> > the --extra-vars input by the user deploying the playbook).
> >
> >
> > i.e. ansible-playbook -i hosts deploy.yml --extra-vars "env=uat"
> >
> >
> > Is there anyway I can set the ansible-playbook to require a password if
> > a
> > user selects the prod environment?
> >
> > They should be allowed to deploy to dev and uat without any
> > authentication
> > or passwords.
>
> Since you use Pathword in the subject I guess you are after an hurdel so
> users don't accidentally run against production?
>
> If so, you can do something like this:
>
> - pre_tasks:
> - pause:
> prompt: "You are running against production. What is the magic
> word?"
> register: result
> when: env == 'prod'
>
> - fail:
> msg: "Aborting, wrong magic."
> when: result.user_input | default('') != 'answerable' and env ==
> 'prod'
>
>
> If not you could use password against production and keys on the other
> environments.
>
>
> --
> Kai Stian Olstad
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/5712bdcf-149c-45fd-8ac6-c6183aec2204%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
