Open matman26 opened 2 years ago
Good idea, I think adding a new inventory to the nornir-utils repo that inherits from SimpleInventory would be the way to go, that way you just need to add the few bits and pieces you need for that.
Great! I'll probably look into it towards the weekend. Will open a PR over there.
The idea would be to unencrypt file-based inventories on-the-fly to extract host, group and defaults data, similar to how Ansible implements this for vault-encrypted host vars. A vault key would be required to execute the script with access to host data, making host data otherwise inaccessible. This would at least mitigate the issue of using plain-text inventories for handling sensitive data.
This could maybe be implemented as a separate inventory plugin, or some kind of flag for SimpleInventory?
I'd be willing to submit a PR for this myself, but would like to discuss how it would better integrate with the current Nornir ecosystem first. Thanks!