in deploy/ansible/lookup_plugins/azure_keyvault_secret.py [0:0]
def run(self, terms, variables, **kwargs):
ret = []
vault_url = kwargs.pop('vault_url', None)
if vault_url is None:
raise AnsibleError('Failed to get valid vault url.')
if TOKEN_ACQUIRED:
secret_params = {'api-version': '2016-10-01'}
secret_headers = {'Authorization': 'Bearer ' + token}
for term in terms:
try:
secret_res = requests.get(vault_url + '/secrets/' + term, params=secret_params, headers=secret_headers)
ret.append(secret_res.json()["value"])
except requests.exceptions.RequestException:
raise AnsibleError('Failed to fetch secret: ' + term + ' via MSI endpoint.')
except KeyError:
raise AnsibleError('Failed to fetch secret ' + term + '.')
return ret
else:
return lookup_secret_non_msi(terms, vault_url, kwargs)