Use ansible.builtin.password plugin instead of shell

scylladb / scylla-ansible-roles

Ansible roles for deploying and managing Scylla, Scylla-Manager and Scylla-Monitoring

44 stars 38 forks source link

Use ansible.builtin.password plugin instead of shell #56

Closed elcomtik closed 2 years ago

elcomtik commented 3 years ago

You should use the password plugin to generate a password instead of executing the shell command and copying it to localhost. It can be handled in one task instead of the current two.

https://github.com/scylladb/scylla-ansible-roles/blob/da4a7ae1b3bfce4408211271582227d25500429c/ansible-scylla-node/tasks/manager_agents.yml#L10-L26

elcomtik commented 3 years ago

Actually, it can replace the following task also. https://github.com/scylladb/scylla-ansible-roles/blob/da4a7ae1b3bfce4408211271582227d25500429c/ansible-scylla-node/tasks/manager_agents.yml#L28-L39

elcomtik commented 3 years ago

All of this can be replaced by this code

- name: Get token from file or generate a new token and store on controller
  set_fact:
    auth_token: "{{ lookup('password', 'scyllamgr_auth_token.txt chars=ascii_lowercase,ascii_uppercase,digits length=128') }}"
  run_once: true