Implementation as cache plugin about ansible-keepass HOT 6 OPEN

Here's an example setup:
Me an my colleague have different clusters with different inventory setups like:

# Personal inventory that uses keepass
# /host_vars/my_host_A.yaml
secret_CA_root_key: "{{ lookup('viczem.keepass.keepass', 'Root CA', 'attachments', 'CA_key) }}"

# Colleague inventory that doesn't use keepass
# /host_vars/colleague_host_Z.yaml
secret_CA_root_key: /local/path/to/CA/key

But we are both working on the same repo with a gitignore

# .gitignore
/host_vars
/group_vars
/inventory.yaml

Using the same roles and playbooks

# /our_role/tasks/main.yaml
- name: Sign some certificate
  community.crypto.x509_certificate:
    provider: ownca
    ownca_privatekey_path: "{{ secret_CA_root_key }}"

# /our_playbook.yaml
- name: Do some stuff
  hosts: common_group_name
  role:
    - our_role

In this setup we are not imposing a specific format/plugins/etc. on each other and we can both work on the same roles/playbooks etc.

from ansible-keepass.

You can set the ttl to 0 and close socket when you need by lookup('viczem.keepass.keepass', 'close')

from ansible-keepass.

That is not ideal because I want to make my playbooks and roles portable to share it with colleagues and only have the keepass integration on the inventory.

from ansible-keepass.

What you think about using the module viczem.keepass.attachment? You can remove an attachment file by ansible.builtin.file when needed.

from ansible-keepass.

This would still not be able to be used within the inventory and would not make it as portable

from ansible-keepass.

Could you give more information why using the viczem.keepass.attachment module is not a solution?

from ansible-keepass.