-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathfetch_access_token.yml
42 lines (40 loc) · 1.3 KB
/
fetch_access_token.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
---
- name: "Fetch ServiceNow API Access Token"
hosts: localhost
gather_facts: false
become: false
tasks:
- name: "Fetch Access token"
# no_log: true
ansible.builtin.uri:
method: POST
url: "{{token_endpoint}}"
body_format: form-urlencoded
body:
grant_type : "{{grant_type}}"
scope : "{{vault_scope}}"
client_id : "{{vault_client_id}}"
client_secret: "{{vault_client_secret}}"
status_code: [200]
return_content: true
register: response_body
<<<<<<< HEAD
- name: "Convert to Vault string"
no_log: true
=======
- name: "Convert Token to Vault variable"
# no_log: true
>>>>>>> 42f5aa2ad37e196a0e9a8de10ee1f2d8126d3b8e
ansible.builtin.shell:
cmd: "ansible-vault encrypt_string \"{{response_body.json.access_token}}\" --vault-id \"$HOME/ansible-practice/passfile\" --name 'vault_access_token'"
when: response_body.status == 200
register: vault_token
<<<<<<< HEAD
- name: "Store token"
=======
- name: "Store Token in vault"
>>>>>>> 42f5aa2ad37e196a0e9a8de10ee1f2d8126d3b8e
ansible.builtin.copy:
content: "{{vault_token.stdout}}"
dest: "$HOME/ansible-practice/host_vars/{{inventory_hostname}}/vault_access_token"
force: true