How to import/load env/ini file that is located in file on the Remote/Target server?

[Chaz_E]

QUESTION: How can we load or import an env/ini file that is located in a file on the Remote/Target server?

GOAL:
We have an env/ini file on the remote/target server.
We want to read in that file and use the values as variables for the tasks on that machine.

( FYI: Our process does not allow for saving these variables in the Inventory - even though that would be nice. )

Here is an example of what our ini/env file looks like:

Path: /devops/properties/Admin.properties

username = FooAdmin

password = bar123XYZ

activate = no

(Basically property format or ini format without any sections)

ANSIBLE ENVIRONMENT:

We are running playbook jobs from Ansible Tower 2.5.10
Remote / target machines have Ansible 2.4.2.0 & Python 2.7.5

( FYI: We are probably 6months to 1 year away from updating to newer versions - even though that'd be nice too. )

Thanks in advance for any help.

-Chaz

[Chaz_E]

FYI: I have tried with_ini -- but it seems that maybe limited to the controlling/initiating server, and/or maybe the with_ini loop feature is not available in Ansible 2.4

[Hugo Gonzalez]

Hello Chaz,

On 1/10/19 11:00 AM, Chaz_E wrote:

QUESTION: How can we load or import an env/ini file that is located in a file on the Remote/Target server?

GOAL:
We have an env/ini file on the remote/target server.
We want to read in that file and use the values as variables for the tasks on that machine.

( FYI: Our process does not allow for saving these variables in the Inventory - even though that would be nice. )

Here is an example of what our ini/env file looks like:

Path: /devops/properties/Admin.properties

username = FooAdmin

password = bar123XYZ

activate = no

(Basically property format or ini format without any sections)

Can't you link/transform your file to be a local facts file? Take a look at

https://docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html#local-facts-facts-d

[goforawalktwice]

you could use fetch module first to get from remote to local, then use with_ini

But on the face of it it does look like a file that should be source controlled/with the ansible playbooks/roles etc

[Brian Coca]

you can use fetch and make it a 'local file' or the slurp module, use a registered variable and a |base64decode filter on the content and then use another filter to parse the data into a usable structure

--

----------

Brian Coca

[Chaz_E]

I like the idea of this suggestion.

Is local-facts-facts-d usable as Non-Root?

Can facts be loaded from the user's $HOME/.ansible/ , like $HOME/.ansible/facts.d or something like that?

I see for windows there is fact_path does that work for Linux?

Regards,

-Chaz

[Hugo Gonzalez]

Hi Chaz,

On 1/14/19 11:02 AM, Chaz_E wrote:

I like the idea of this suggestion.

Is local-facts-facts-d usable as Non-Root?

They come up as part of the dictionary returned by the setup module as ansible_local, so yes.

Can facts be loaded from the user's $HOME/.ansible/ , like $HOME/.ansible/facts.d or something like that?

I see for windows there is fact_path does that work for Linux?

Reading https://docs.ansible.com/ansible/2.4/intro_configuration.html#fact-path it has precisely that use case (a user's HOME). I don't see that it should not work for Linux. You should try it on a host and see.

Now, back to what you're trying to do. Your variable file is almost an INI file, it just needs a section.

I was curious, so I tried something like what you're trying to do:

[root@gladys facts.d]# pwd
/etc/ansible/facts.d

[root@gladys facts.d]# ls -l
total 4
-rwxr-xr-x. 1 root root 106 Jan 14 18:47 factfile.fact

[root@gladys facts.d]# cat factfile.fact 
#!/bin/bash
# An ini file must have a section
echo '[general]'
cat /home/management/thishasvariables.txt

[root@gladys facts.d]# ls -l /home/management/thishasvariables.txt
-rw-r--r--. 1 management management 11 Jan 14 18:48 /home/management/thishasvariables.txt

[root@gladys facts.d]# cat /home/management/thishasvariables.txt
spam=eggs


my_user@mybox:~$ ansible -u management -i 'gladys, ' all -m setup  -a "filter=ansible_local"
gladys | SUCCESS => {
    "ansible_facts": {
        "ansible_local": {
            "factfile": {
                "general": {
                    "spam": "eggs"
                }
            }
        }
    }, 
    "changed": false
}



This works. Whether it is secure or not, that's a different matter, it does take a user-supplied file and present it as facts for the host. 
Cheers,

Hugo

[Chaz_E]

Hi Hugo,

I like your suggestion -- is so close -- and pretty elegant.

However - /etc/ansible/facts.d is owned by root.

Even though the INI/Property file you loaded was not owned by root, 

Only root could have added /etc/ansible/facts.d/factfile.fact

Thanks for trying!

Let me know if you find out something similar that a non-root user can setup and use.

For now - I am brute forcing it.

I have found that the fewest strokes to get it done is like this:
shell: "cat myfile"

register: capture_myfile

Then parse the capture and set_facts.

    

I tried slurp and fetch but they all ended up really ugly, and un-readable for the next guy.

I am actually shocked that this is not a mainstream feature.

Like sourcing in an ENV file in a script.