Infisical
Ability to write secrets in Ansible collection
Feature description
Currently, the Infisical Ansible collection only supports read_secrets. We also need to be able to write secrets from Ansible.
Why would it be useful?
One current real-world example: When setting up bacula clients on freshly provisioned Linux servers, an individual client secret gets generated on installation that we need to store in a vault (eg, Infisical) so that the Bacula server can get configured with that client-specific secret and future playbook runs that leverage templating likewise can grok the credential from Infisical.
Additional context
We are replacing a playbook process that previously used Hashicorp Vault as we are trying to standardize on Infisical for these types of operations.
Our current workaround has been to bake the Infisical CLI into a custom Execution Environment for Ansible AWX with a custom Credential Type. It would be great to have an Ansible-native way to do this and for other Infisical Ansible users to not have to build out a similar workaround on their own.
This seems like it will be pretty simple, but it's not quite that straight-forward. Currently the ansible-collection is provided as a lookup-plugin (which is the correct method to use for what it does), but that inherently defines it as a resource consumer, not something that would write-back. Anyone considering this would need to look at transitioning to a module, or perhaps, having an independent module that can do read/write operations.
