[test last]

backup.yml

@@ -9,6 +9,7 @@
     bw_client_secret: "{{ lookup('env', 'bw_client_secret') }}"
     bw_client_password: "{{ lookup('env', 'bw_client_password') }}"
     bw_client_id: "{{ lookup('env', 'bw_client_id') }}"
+    bw_requested_password_id: cc0c7222-858d-44be-86ab-e0534b6f34a9
     dockerapps_path: /opt/dockerapps
     gitea_conf: /appdata/gitea/gitea/
     gitea_db: /appdata/gitea/gitea-db/gitea-db-pg.sql
@@ -35,23 +36,6 @@
 # export BWS_ACCESS_TOKEN=<ACCESS_TOKEN_VALUE>
 # database_password: "{{ lookup('bitwarden.secrets.lookup', '<SECRET_ID>') }}" 
 
-# #! ants - gouv
-#     - debug:
-#         msg: "{{ lookup('bitwarden.secrets.lookup', 'cc0c7222-858d-44be-86ab-e0534b6f34a9') }}" 
-#       delegate_to: localhost
-#       environment:
-#         BW_CLIENTID: "{{ bw_client_id }}"
-#         BWS_ACCESS_TOKEN: "{{ bw_client_secret }}"
-#         BW_PASSWORD: "{{ bw_client_password }}"
-# #! fin test
-    # - name: Check if bw is installed
-    #   command: which bw
-    #   register: bw_check
-    #   ignore_errors: yes
-    #   delegate_to: localhost
-    #   changed_when: false
-
-
 #! script
     # - name: Install Bitwarden CLI
     #   ansible.builtin.command:
@@ -79,18 +63,13 @@
       delegate_to: localhost
       register: bw_session_result
 
-    - name: Return all secrets from a path
-      ansible.builtin.debug: 
-        msg: "{{ bw_session_result }}"
-      delegate_to: localhost
-
     - name: Get secret from Bitwarden
       command:
         argv:
           - bw
           - get
           - password
-          - "cc0c7222-858d-44be-86ab-e0534b6f34a9"
+          - "{{ bw_requested_password_id }}"
           - --session
           - "{{ bw_session_result.results[-1].stdout | trim }}"
       delegate_to: localhost
@@ -98,44 +77,26 @@
       no_log: true
       changed_when: false
 
+    # - name: Return all secrets from a path
+    #   ansible.builtin.debug: 
+    #     msg: "{{ gitea_token_result.stdout }}"
+    #   delegate_to: localhost
+
+    - name: Set BW_SESSION as environment variable globally
+      ansible.builtin.set_fact:
+        gitea_token : "{{ gitea_token_result.stdout | trim }}"
+      no_log: true
+      delegate_to: localhost
+
+
     - name: Return all secrets from a path
       ansible.builtin.debug: 
-        msg: "{{ gitea_token_result }}"
+        msg: hostvars['localhost']
-      delegate_to: localhost
 
-    - name: logout 
+    - name: Return all secrets from a path
-      ansible.builtin.command:
+      ansible.builtin.debug: 
-        cmd: bw logout
+        msg: "{{ gitea_token }}"
-      delegate_to: localhost
 
-    # - name: Set BW_SESSION as environment variable globally
-    #   ansible.builtin.set_fact:
-    #     bw_session: "{{ bw_session_result.results[-1].stdout | trim }}"
-    #   no_log: true
-
-    # - name: bitwarden token session 
-    #   ansible.builtin.command:
-    #     shell: bw unlock --passwordenv BW_PASSWORD --raw
-    #   environment:
-    #     BW_CLIENTID: "{{ bw_client_id }}"
-    #     BW_CLIENTSECRET: "{{ bw_client_secret }}"
-    #     BW_PASSWORD: "{{ bw_client_password }}"
-    #   delegate_to: localhost
-
-    # - name: Utiliser le lookup
-    #   ansible.builtin.debug:
-    #     msg: "{{ lookup('community.general.bitwarden', 'Token full access gitea', field='password',  bw_session='{{ bw_session }}') }}"
-    #   environment:
-    #     BW_SESSION: "{{ bw_session }}"
-    #   delegate_to: localhost
-
-    # # - name: Return all secrets from a path
-    # #   ansible.builtin.debug: "{{ bw_session }}"
-
-    # - name: Return all secrets from a path
-    #   delegate_to: localhost
-    #   ansible.builtin.debug:
-    #     msg: "{{ lookup('community.hashi_vault.hashi_vault', 'secret=apps/data/postgres token=prout url=https://hash.jingoh.fr') }}"
 
 #     - ansible.builtin.git:
 #         repo: https://{{ user }}:{{ token }}@gitea.jingoh.fr/{{ user }}/backup.git
@@ -291,3 +252,8 @@
 #       become: true
 
 
+
+    - name: logout bw
+      ansible.builtin.command:
+        cmd: bw logout
+      delegate_to: localhost