Hey all - looking for some advice. I need to write either a plugin or a module to interact with Thycotic Secret Server. In most cases, my code will simply retrieve a credential from Thycotic, so a lookup plugin makes perfect sense. However, there are cases where a specific credential doesn't yet exist in Thycotic, so my code will tell Thycotic to generate a credential, store it in Thycotic, and then return it. The rub here is then we have a side effect; if a credential doesn't exist, it gets created, stored, and returned. Generally speaking, I tend to view lookup plugins as being read only, so the idea that a lookup plugin would WRITE data is counterintuitive (to me). However, I see the passwordstore plugin also has side effects, so perhaps this isn't so bad. But I could also write a module (delegated to the control machine) to accomplish the functionality I need, and modules certainly can have side effects. Any opinions from the Core community on which way I should lean? Are lookup plugin side effects really that bad, or am I overreacting?
Appreciate your thoughts. Thanks. Rob -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/27b897d6-7970-4b3e-b449-0302956642f7%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
