Is there a way to make Ansible try the default password, and keep running the playbook if that fails?
Aqui está um exemplo, não corresponde exatamente ao que você mencionou, mas pode ser um ponto de partida.
---
# SYNOPSIS
# try authentication using keys, if that fails, fall back to default credentials
- import_playbook: ../bootstrap.yml
- hosts: linux_systems
gather_facts: no
become: yes
any_errors_fatal: true
vars:
ansible_user_first_run: vagrant
ansible_pass_first_run: vagrant
tasks:
- block:
- name: Check if connection is possible using keys
command: ssh -F {{project_dir}}/.ssh/ansible_ssh_config -o User={{ ansible_user }} -o ConnectTimeout=10 -o PreferredAuthentications=publickey -o PubkeyAuthentication=yes {{ ansible_host }} /bin/true
register: result
connection: local
ignore_errors: yes
changed_when: False
- name: If using user_first_run
connection: local
set_fact:
using_first_run: true
when: result is failed
- name: If no connection, change ansible_user
connection: local
set_fact:
ansible_user: "{{ ansible_user_first_run }}"
when: result is failed
- name: If no connection, change ansible_ssh_pass
connection: local
set_fact:
ansible_ssh_pass: "{{ ansible_pass_first_run }}"
when: result is failed
- name: If no connection, change ansible_become_pass
connection: local
set_fact:
ansible_become_pass: "{{ ansible_pass_first_run }}"
when: result is failed
# since any_errors_fatal this should fail the play
# if we still cannot reach all hosts.
- name: Check if connection is possible
raw: /bin/true
changed_when: False
tags:
- always
- name: Perform a ansible ping
ping: {}