'How to use my custom yaml tag in Ansible?
I've created a YAML parser in Python to decrypt values using yaml tags.
password: !decrypt LS0tLS1CRUdJ...TiBQRS0tCg==
In my parser script, I can add a custom constructor to decrypt the values.
def get_loader():
loader = yaml.SafeLoader
loader.add_constructor("!decrypt", decrypt_constructor)
return loader
data = yaml.load(open(file, "rb"), Loader=get_loader())
When parsing the YAML file using Ansible, I get the following error:
ERROR! We were unable to read either as JSON nor YAML, these are the errors we got from each:
JSON: Expecting value: line 1 column 1 (char 0)
Syntax Error while loading YAML.
could not determine a constructor for the tag '!decrypt'
How can I add a constructor to the YAML parser that is used by Ansible? I've seen these tags before, like !vault and !unsafe.
Solution 1:[1]
You would need to add code to Ansible to teach it how to parse your custom YAML tags.
It looks like this sort of things lives in lib/ansible/parsing/yaml in the Ansible repository. For example, that's where you'll find support for !vault objects in objects.py:
class AnsibleVaultEncryptedUnicode(Sequence, AnsibleBaseYAMLObject):
'''Unicode like object that is not evaluated (decrypted) until it needs to be'''
__UNSAFE__ = True
__ENCRYPTED__ = True
yaml_tag = u'!vault'
[...]
You would end up maintaining your own custom version of Ansible.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | larsks |