Add Custom Dynamic Inventory in Ansible Tower ( ServiceNow )

We want to be able to add a custom dynamic inventory into Ansible Tower, I am going to do this for Service Now but the following method can be used with any.

The custom inventory script has already been made and can be available here.

https://github.com/ServiceNowITOM/ansible-sn-inventory.

 

In Ansible Tower navigate to Inventory Scripts and add a new one, we will then copy the contents of the now.py file from the github repo above or the raw link to the now.py is here.

https://raw.githubusercontent.com/ServiceNowITOM/ansible-sn-inventory/master/now.py

Tower should look like this.

snow_inv

Now reading through both the custom inventory script and the Readme on the github project we can see we will need to pass a credential to connect to Service Now the following 3 environment variables are needed.

SN_INSTANCE
SN_USERNAME
SN_PASSWORD

It is possible to add the above 3 and put them into extra vars in our inventory source. However: I personally find this unacceptable due to the nature of a password that would be clear text. So we are going to create a custom credential type to take care of it.

Navigate to Credential Types and add a new one

I called mine Service Now

In the Input Configuration we want to add the 3 fields for username, password and instance ( Note for Password I set secret to true

fields:
  - type: string
    id: username
    label: Username
  - secret: true
    type: string
    id: password
    label: Password
  - type: string
    id: instance
    label: Instance

And in the Injector Configuration we will add in the relevant Service Now environment tags.

env:
  SN_INSTANCE: '{{instance}}'
  SN_PASSWORD: '{{password}}'
  SN_USERNAME: '{{username}}'

Tower will look like this.

Custom_Cred.png

Now we want to create a credential for Service Now, navigate to credentials and add a new credential.

Give it a name, and in the Credential Type you will now see Service Now as an option when you select that the 3 fields will become present for you. fill them out.

cred.png

Finally we can create our Inventory.

Navigate to Inventories, and either select an existing inventory to add the source into or create a new one, I have created a new one called ServiceNow

inventory.png

After saving the new inventory the sources tab will become available click into sources

sources

and add a new one

Source will be Custom Script.

Credential will be ServiceNow

And the custom Inventory script will be ServiceNow

It will look like this.

source_completed.png

Note ( I use update on launch and overwrite but these are up to you. Update on launch will do an inventory refresh on any job template against this inventory before it runs, the overwrite will delete out objects if they no longer exist on the source. )

 

You now have a fully functioning custom dynamic inventory and the credentials are clean and kept away.

 

Leave a Reply

Your email address will not be published. Required fields are marked *