From 8f8e53acbe31273838809f3b6788c9705b1eec06 Mon Sep 17 00:00:00 2001 From: Brian Coca Date: Mon, 24 Jul 2017 16:37:59 -0400 Subject: [PATCH] updated readme with vault and 2.4 inv plugins (#26361) * updated readme with vault and 2.4 inv plugins * fixed as per feedback * Edits Need clarification for lines 10 and 11. --- contrib/README.md | 24 +++++++++++++++++------- 1 file changed, 17 insertions(+), 7 deletions(-) diff --git a/contrib/README.md b/contrib/README.md index e579f202936..4c3082ad6f4 100644 --- a/contrib/README.md +++ b/contrib/README.md @@ -1,16 +1,26 @@ +contrib +------- +Files here provide an extension mechanism for Ansible similar to plugins. They are not maintained by the Ansible core team or installed with Ansible. + + inventory ========= -Inventory scripts allow you to store your hosts, groups, and variables in any way -you like. Examples include discovering inventory from EC2 or pulling it from -Cobbler. These could also be used to interface with LDAP or database. +Before 2.4 introduced inventory plugins, inventory scripts were the only way to provide sources that were not built into Ansible. Inventory scripts allow you to store your hosts, groups, and variables in any way you like. + +Starting with Ansible version 2.4, they are enabled via the 'script' inventory plugin. +Examples of use include discovering inventory from EC2 or pulling it from Cobbler. These could also be used to interface with LDAP or the database. + +`chmod +x` an inventory plugin and either name it `/etc/ansible/hosts` or use `ansible -i /path/to/inventory/script`. You might also need to copy a configuration file with the same name and/or set environment variables. The scripts or configuration files can provide more details. + +vault +===== -`chmod +x` an inventory plugin and either name it `/etc/ansible/hosts` or use `ansible -i /path/to/inventory/script`. You might also need to copy a configuration -file with the same name and/or set environment variables, the scripts or configuration -files have more details. +If the file passed to `--vault-password-file` has the executable bit set, Ansible will execute it and use the stdout of that execution as 'the secret'. +Vault scripts provided here use this facility to retrieve the vault secret from a number of sources. contributions welcome ===================== -Send in pull requests to add plugins of your own. The sky is the limit! +Send in pull requests to add scripts of your own. The sky is the limit!