On 07/06/2021 13:32, Elkmar wrote:
Yep, Antony right.
The idea is as follows: we have fileA and fileB. FileA is "signed" by me (for
example has digital signature) and we can start it with ansible-playbook command. FileB
doesn't have signature so it can't do any changes on remote hosts. Is it
On Mon, 7 Jun 2021 12:48:57 +0200
Antony Stone wrote:
> I interpret "signed" in the original question to mean something that cannot
> be
> falsified by someone who is running the ansible commands.
Locally, you might want to set the ownership and the permissions as
appropriate. Use get_url if
Yep, Antony right.
The idea is as follows: we have fileA and fileB. FileA is "signed" by me
(for example has digital signature) and we can start it with
ansible-playbook command. FileB doesn't have signature so it can't do any
changes on remote hosts. Is it possible?
понедельник, 7 июня 2021
On Monday 07 June 2021 at 12:44:23, Vladimir Botka wrote:
> shell> cat test-003.yml
> - hosts: all
> gather_facts: false
> vars:
> my_filename: test-003.yml
> my_path: "{{ playbook_dir }}/{{ my_filename }}"
> my_hash_path: "{{ my_path }}.sha1"
> my_hash: "{{ (lookup('file',
On Mon, 7 Jun 2021 02:48:39 -0700 (PDT)
Elkmar wrote:
> ... check a playbook authenticity before execution
For example
shell> cat test-003.yml
- hosts: all
gather_facts: false
vars:
my_filename: test-003.yml
my_path: "{{ playbook_dir }}/{{ my_filename }}"
my_hash_path: "{{