From 79d8bfaacfb9dd3f4fc85d78624ed8aab1a14267 Mon Sep 17 00:00:00 2001
From: staffadmin <stephane.gratiasquiquandon@gmail.com>
Date: Tue, 11 Nov 2025 17:39:20 +0100
Subject: [PATCH] [test last]

---
 backup.yml | 40 +++++++++++++++++++++++-----------------
 1 file changed, 23 insertions(+), 17 deletions(-)

diff --git a/backup.yml b/backup.yml
index bc096b5..0b78f87 100644
--- a/backup.yml
+++ b/backup.yml
@@ -32,24 +32,20 @@
 #         msg: "{{ bw_client_id }}"
 #       # delegate_to: localhost
 # #! fin test
-    - name: Check if bw is installed
-      command: which bw
-      register: bw_check
-      ignore_errors: yes
-      delegate_to: localhost
-      changed_when: false
+    # - name: Check if bw is installed
+    #   command: which bw
+    #   register: bw_check
+    #   ignore_errors: yes
+    #   delegate_to: localhost
+    #   changed_when: false
 
     - name: Install Bitwarden CLI
-      block:
-        - name: bitwarden token session 
-          ansible.builtin.command:
-            cmd: "{{ item }}"
-          delegate_to: localhost
-          loop: 
-            - apk add --no-cache nodejs npm
-            - npm install -g @bitwarden/cli 
-      when: bw_check.rc != 0
-  
+      ansible.builtin.command:
+        cmd: "{{ item }}"
+      delegate_to: localhost
+      loop: 
+        - apk add --no-cache nodejs npm
+        - npm install -g @bitwarden/cli 
 
     - name: bitwarden token session 
       ansible.builtin.command:
@@ -57,13 +53,23 @@
       environment:
         BW_CLIENTID: "{{ bw_client_id }}"
         BW_CLIENTSECRET: "{{ bw_client_secret }}"
+        BW_PASSWORD: "{{ bw_client_password }}"
       loop:
         - bw config server {{ vaultwarden_url }}
         - bw login --apikey
-        - bw unlock {{ bw_client_password }} --raw
+        - bw unlock --passwordenv BW_PASSWORD --raw
       delegate_to: localhost
       register: bw_session_result
 
+    - name: Set BW_SESSION as environment variable globally
+      ansible.builtin.set_fact:
+        bw_session: "{{ bw_session_result.results[-1].stdout | trim }}"
+      no_log: true
+
+    - name: Return all secrets from a path
+      ansible.builtin.debug: "{{ bw_session }}"
+
+
     - name: Utiliser le lookup
       ansible.builtin.debug:
         msg: "{{ lookup('community.general.bitwarden', 'Token full access gitea', field='password') }}"