first pass at incorporating mesh setup/config

roles/bitbucket_mesh_config/tasks/bitbucket_api_setup.yml

@@ -0,0 +1,30 @@
+#  handle setting up to call the bitbucket api
+
+- name: set_fact for the MeshRegistrationCredentialsSecret
+  ansible.builtin.set_fact:
+    mesh_registration_credential_secret: "{{ cfnFacts.cloudformation[stack_name].stack_resources.MeshRegistrationCredentialsSecret }}"
+  # NOTE: we decided we want to barf early if the secret doesnt exist as ll the rest of this is somewhat useless if we cant register nodes
+  # when:
+  #   - cfnFacts.cloudformation[stack_name].stack_resources.MeshRegistrationCredentialsSecret is defined
+
+- name: get the mesh registration username
+  ansible.builtin.set_fact:
+    mesh_registration_username: "{{ lookup('amazon.aws.secretsmanager_secret', secretpath, region=ansible_ec2_placement_region, bypath=false, nested=true) }}"
+  ignore_errors: no
+  vars:
+    secretpath: "{{ cfnFacts.cloudformation[stack_name].stack_resources.MeshRegistrationCredentialsSecret }}.username"
+
+- name: get the mesh registration password
+  ansible.builtin.set_fact:
+    mesh_registration_password: "{{ lookup('amazon.aws.secretsmanager_secret', secretpath, region=ansible_ec2_placement_region, bypath=false, nested=true) }}"
+  ignore_errors: no
+  vars:
+    secretpath: "{{ cfnFacts.cloudformation[stack_name].stack_resources.MeshRegistrationCredentialsSecret }}.password"
+  no_log: True
+
+- name: generate the basic auth string
+  ansible.builtin.set_fact:
+    mesh_basic_auth: "{{ auth_string | b64encode }}"
+  vars:
+    auth_string: "{{ mesh_registration_username }}:{{ mesh_registration_password }}"
+  no_log: True