community.general.keyring lookup – Grab secrets from the OS keyring

Note

This lookup plugin is part of the community.general collection (version 13.1.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install community.general. You need further requirements to be able to use this lookup plugin, see Requirements for details.

To use it in a playbook, specify: community.general.keyring.

Synopsis

• Allows you to access data stored in the OS provided keyring/keychain.

Requirements

The below requirements are needed on the local controller node that executes this lookup.

• keyring (python library)

Terms

Parameter	Comments
Terms list / elements=string	List of pairs of service and user name. Every entry must be of the form servicename username.

Examples

- name: output secrets to screen (BAD IDEA)
  ansible.builtin.debug:
    msg: "Password: {{item}}"
  with_community.general.keyring:
    - 'servicename username'

- name: access mysql with password from keyring
  community.mysql.mysql_db:
    login_password: "{{ lookup('community.general.keyring', 'mysql joe') }}"
    login_user: joe

Return Value

Key	Description
Return value list / elements=string	Secrets stored. Returned: success

Authors

• Samuel Boucher

Collection links

• Issue Tracker
• Repository (Sources)
• Ask for help
• Submit a bug report
• Request a feature
• Communication