ansible/roles/bitwarden/tasks/secrets.yaml

- block:
  - name: Set DB namespace for secret lookup
    set_fact:
      db_namespace: "{{ bitwarden_db_namespace | default(postgres_db_namespace) | default(postgres_namespace) | default(postgres_operator_namespace) | default(namespace) }}"

  - name: Set DB secret name for lookup
    set_fact:
      db_secret_name: "bitwarden.{{ postgres_db_team | default(namespace) }}-postgres.credentials.postgresql.acid.zalan.do"

  - name: Lookup Bitwarden DB secret
    set_fact:
      bitwarden_db_secret: "{{ lookup('k8s', kind='Secret', namespace=db_namespace, resource_name=db_secret_name) }}"

  - debug:
      msg: "{{ bitwarden_db_secret }}"
      verbosity: 2

  - name: Set Bitwarden DB username
    set_fact:
      bitwarden_db_username: "{{ bitwarden_db_secret.data.username | b64decode }}"

  - name: Set Bitwarden DB password
    set_fact:
      bitwarden_db_password: "{{ bitwarden_db_secret.data.password | b64decode }}"
GHP publish 2021-01-09 17:54:42 +00:00			`- block:`
			`- name: Set DB namespace for secret lookup`
			`set_fact:`
			`db_namespace: "{{ bitwarden_db_namespace \| default(postgres_db_namespace) \| default(postgres_namespace) \| default(postgres_operator_namespace) \| default(namespace) }}"`

			`- name: Set DB secret name for lookup`
			`set_fact:`
			`db_secret_name: "bitwarden.{{ postgres_db_team \| default(namespace) }}-postgres.credentials.postgresql.acid.zalan.do"`

			`- name: Lookup Bitwarden DB secret`
			`set_fact:`
			`bitwarden_db_secret: "{{ lookup('k8s', kind='Secret', namespace=db_namespace, resource_name=db_secret_name) }}"`

			`- debug:`
			`msg: "{{ bitwarden_db_secret }}"`
			`verbosity: 2`

			`- name: Set Bitwarden DB username`
			`set_fact:`
			`bitwarden_db_username: "{{ bitwarden_db_secret.data.username \| b64decode }}"`

			`- name: Set Bitwarden DB password`
			`set_fact:`
			`bitwarden_db_password: "{{ bitwarden_db_secret.data.password \| b64decode }}"`