{"id":19879982,"url":"https://github.com/passbolt/lab-passbolt-ansible-collection","last_synced_at":"2025-09-05T07:38:43.214Z","repository":{"id":147468615,"uuid":"478590650","full_name":"passbolt/lab-passbolt-ansible-collection","owner":"passbolt","description":"Source repository for https://galaxy.ansible.com/anatomicjc/passbolt","archived":false,"fork":false,"pushed_at":"2025-04-10T16:27:31.000Z","size":65,"stargazers_count":11,"open_issues_count":8,"forks_count":9,"subscribers_count":5,"default_branch":"main","last_synced_at":"2025-05-02T13:45:57.694Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit-0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/passbolt.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2022-04-06T14:15:32.000Z","updated_at":"2025-04-23T13:51:05.000Z","dependencies_parsed_at":"2025-09-05T07:38:36.415Z","dependency_job_id":null,"html_url":"https://github.com/passbolt/lab-passbolt-ansible-collection","commit_stats":null,"previous_names":[],"tags_count":13,"template":false,"template_full_name":null,"purl":"pkg:github/passbolt/lab-passbolt-ansible-collection","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/passbolt%2Flab-passbolt-ansible-collection","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/passbolt%2Flab-passbolt-ansible-collection/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/passbolt%2Flab-passbolt-ansible-collection/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/passbolt%2Flab-passbolt-ansible-collection/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/passbolt","download_url":"https://codeload.github.com/passbolt/lab-passbolt-ansible-collection/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/passbolt%2Flab-passbolt-ansible-collection/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":273727806,"owners_count":25157133,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-05T02:00:09.113Z","response_time":402,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-12T17:09:55.189Z","updated_at":"2025-09-05T07:38:38.189Z","avatar_url":"https://github.com/passbolt.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"```\n👩  This project is part of the passbolt \"lab\"!\n⚗️   It is used to illustrate an article or as a conversation starter.\n🧪  Use at your own risks!\n```\n\n## Copyright \u0026 License\n\n(c) 2021 Passbolt SA\n\nPassbolt is registered trademark of Passbolt S.A.\n\nMIT No Attribution - https://opensource.org/licenses/MIT-0\n\n# Ansible Collection - anatomicjc.passbolt\n\nThis is the source repository for [https://galaxy.ansible.com/anatomicjc/passbolt](https://galaxy.ansible.com/anatomicjc/passbolt)\n\n## Passbolt lookup plugin / passbolt_inventory plugin\n\n### passbolt\n\nThis lookup plugin allows you to retrieve ansible secrets from [passbolt](https://www.passbolt.com)\n\nIt is based on [py-passbolt library](https://pypi.org/project/py-passbolt/).\n\n### passbolt_inventory\n\nThis Plugin allows to you to retrieve all [passbolt](https://www.passbolt.com) resources the user has access to. You can use the filter anatomicjc.passbolt.check_naming to check if all resources are compliant with your internal naming guideline.\n\nIt is based on [py-passbolt library](https://pypi.org/project/py-passbolt/).\n\n### Environment variables for configuration\n\n| environment variable name                    | Description                                                                                                          | Comments                                |\n|----------------------------------------------|----------------------------------------------------------------------------------------------------------------------|-----------------------------------------|\n| PASSBOLT_BASE_URL                            | Your passbolt instance url: https://passbolt.domain.tld                                                              | Mandatory                               |\n| PASSBOLT_PRIVATE_KEY                         | Your passbolt private key in one-line format (see the below note)                                                    | PGPy backend                            |\n| PASSBOLT_PASSPHRASE                          | Your passbolt private key passphrase                                                                                 | PGPy backend                            |\n| PASSBOLT_GPG_BINARY                          | Path to gpg binary                                                                                                   | gnupg backend                           |\n| PASSBOLT_GPG_LIBRARY                         | The python library to use                                                                                            | Allowed values: PGPy (default) or gnupg |\n| PASSBOLT_FINGERPRINT                         | The key fingerprint to use for gnupg backend                                                                         | gnupg backend                           |\n| PASSBOLT_VERIFY                              | The path of custom certificate authority                                                                             | exemple:  /etc/ipa/ca.crt default: True |\n| PASSBOLT_CREATE_NEW_RESOURCE                 | Create a new passbolt resource if no resource found (disabled by default)                                            | true / false (default)                  |\n| PASSBOLT_NEW_RESOURCE_PASSWORD_LENGTH        | Password length when creating a new resource                                                                         | Default value: 20                       |\n| PASSBOLT_NEW_RESOURCE_PASSWORD_SPECIAL_CHARS | The plugin creates only alphanumerics characters by default. Set this variable to true to include special characters | true / false (default)                  |\n\nThe environment variables are overridable by variable or the --extra-vars option \n\n**Note**: How to set OpenPGP key in one-line format:\n\nLinux:\n\n```\nsed -z 's/\\n/\\\\n/g' private.asc\n```\n\nMacOS:\n\nInstall `gnu-sed` with brew:\n\n```\n$ brew install gnu-sed\n```\n\nUse gsed instead of sed:\n\n```\ngsed -z 's/\\n/\\\\n/g' private.asc\n```\n\n## Use this plugin with AWX\n\nBuild a custom AWX Execution Environment using [Ansible Builder](https://ansible.readthedocs.io/projects/builder/en/latest/)\n\nAdd to requirements.txt:\n\n```\npy-passbolt\n```\n\nAdd to requirements.yml:\n\n```\ncollections:\n    - name: anatomicjc.passbolt\n```\n\nAdd a new Custom Credential Type to AWX:\n\n* Name: Passbolt Credentials\n* Description: Passbolt credentials for accessing Passbolt\n* Configuration input:\n\n```\nfields:\n  - id: passbolt_url\n    type: string\n    label: Passbolt Base URL\n  - id: passbolt_private_key\n    type: string\n    label: Passbolt Private GPG Key\n    secret: true\n    multiline: true\n  - id: passbolt_passphrase\n    type: string\n    label: Passbolt Private GPG Key Passphrase\n    secret: true\nrequired:\n  - passbolt_url\n  - passbolt_private_key\n  - passbolt_passphrase\n```\n\n* Configuration injector:\n\n```\nenv:\n  PASSBOLT_BASE_URL: '{{ passbolt_url }}'\n  PASSBOLT_PASSPHRASE: '{{ passbolt_passphrase }}'\n  PASSBOLT_PRIVATE_KEY: '{{ passbolt_private_key }}'\n```\n\n* Add a new credential of the type Passbolt Credentials to AWX:\n  * Set the url and passphrase\n  * Upload or paste the contents of the Private key file into the Passbolt Private GPG Key field without any modifications\n* Create or update an AWX template to use the custom EE and add the above defined Passbolt Credentails. The playbook executed by this template will now have access to passbolt using the lookup plugin.\n\n## check_naming filter plugin\n\nThis plugin provides the capability to check if [passbolt](https://www.passbolt.com) resources are compliant with a naming guideline using the output a regex string and the output of the passbolt lookup or the passbolt_inventory lookup.\n\n## Resources\n\n* Blog post about passbolt ansible lookup plugin: [https://blog.passbolt.com/managing-secrets-in-ansible-using-passbolt-87af031ceab6](https://blog.passbolt.com/managing-secrets-in-ansible-using-passbolt-87af031ceab6)\n* Gitlab repository with examples: [https://github.com/passbolt/lab-passbolt-ansible-poc](https://github.com/passbolt/lab-passbolt-ansible-poc)\n* How to use this lookup plugin with AWX: [read this post from passbolt community forum](https://community.passbolt.com/t/ansible-lookup-plugin-throws-typeerror-encoding-without-a-string-argument/9222/7)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpassbolt%2Flab-passbolt-ansible-collection","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpassbolt%2Flab-passbolt-ansible-collection","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpassbolt%2Flab-passbolt-ansible-collection/lists"}