community.general.keyring lookup – grab secrets from the OS keyring

Note

This lookup plugin is part of the community.general collection (version 9.4.0).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install community.general. You need further requirements to be able to use this lookup plugin, see Requirements for details.

To use it in a playbook, specify: community.general.keyring.

Synopsis

• Allows you to access data stored in the OS provided keyring/keychain.

Requirements

The below requirements are needed on the local controller node that executes this lookup.

• keyring (python library)

Examples

- name: output secrets to screen (BAD IDEA)
  ansible.builtin.debug:
    msg: "Password: {{item}}"
  with_community.general.keyring:
    - 'servicename username'

- name: access mysql with password from keyring
  community.mysql.mysql_db:
    login_password: "{{ lookup('community.general.keyring', 'mysql joe') }}"
    login_user: joe

Return Value

Key	Description
Return value list / elements=string	Secrets stored. Returned: success

Authors

• Samuel Boucher

Hint

Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up.

Collection links

• Issue Tracker
• Repository (Sources)
• Ask for help
• Submit a bug report
• Request a feature
• Communication