Fwd: LDAP bindPassword in Ansible inventory

And to the list as well... ​--8<--​ If having the password in clear text in master-coinfig.yaml is OK, you could also use this trick: openshift_master_identity_providers=[{'name':'OpenID', 'kind':'OpenIDIdentityProvider', 'clientSecret':"{{ lookup('file','/path/to/secret') }}"}] This way

Re: LDAP bindPassword in Ansible inventory

Good idea Joel. In the inventory file I can use 'bindPassword': '{{ ldap_bind_password }}' and pass *-e ldap_bind_password=x* when running the playbook. Ansible vault is probably the way to go but this will do for now. Thanks! On 24 October 2017 at 17:19, Joel Pearson

Re: LDAP bindPassword in Ansible inventory

Maybe if you use a vars yaml file, it might work? I was going to try it today, but I didn't get around to it, was hoping you'd get it working first? By a vars file I mean ansible-playbook -e "@varsfile.yml" With something like this in there, but obviously the encrypted bit

Re: LDAP bindPassword in Ansible inventory

Well adding this to the inventory file doesn't work (even if the files are copied to masters before hand). 'bindPassword': {'file': '/root/bindPassword.encrypted', 'keyFile': '/root/bindPassword.key'}, Is there any way to encrypt the bindPassword in the inventory file? On 21 October 2017 at

LDAP bindPassword in Ansible inventory

Hi, I see there's a way to encrypt an ldap bind password for use in the master configs. But I'm not sure how this would work in the Ansible inventory configuration