homelab/lookup_plugins/rbw.py

# python 3 headers, required if submitting to Ansible
from __future__ import absolute_import, division, print_function

__metaclass__ = type

import json
import subprocess

from ansible.errors import AnsibleError, AnsibleParserError
from ansible.plugins.lookup import LookupBase
from ansible.utils.display import Display
from jinja2 import Environment

DOCUMENTATION = r"""
  name: rbw
  short_description: get secrets using rbw
  options:
    _terms:
      description: Name of the secret to get
      required: True
"""

display = Display()


def rbw(name: str):
    sub = subprocess.run(["rbw", "get", name, "--raw"], capture_output=True)

    secret = json.loads(sub.stdout)

    display.debug(f'Obtaining data for "{secret["name"]}"')

    return secret


class LookupModule(LookupBase):
    def run(self, terms, variables=None, **kwargs):
        # First of all populate options,
        # this will already take into account env vars and ini config
        self.set_options(var_options=variables, direct=kwargs)

        # lookups in general are expected to both take a list as input and output a list
        # this is done so they work with the looping construct 'with_'.
        ret = []
        for term in terms:
            secret = rbw(term)

            ret.append(secret)

        return ret