wesley/load-secrets-action
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix jq secret selector

Browse Source
This commit is contained in:
Floris van der Grinten
2021-05-27 14:07:20 +02:00
parent 9adb346f21
commit c5c3979b32
1 changed files with 5 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
entrypoint.sh
View File

@@ -73,18 +73,19 @@ for possible_ref in $(printenv | grep "=op://" | grep -v "^#"); do
echo "Loading item $item from vault $vault..." echo "Loading item $item from vault $vault..."
item_json=$(curl -sSf -H "Content-Type: application/json" -H "Authorization: Bearer $OP_CONNECT_TOKEN" "$OP_CONNECT_HOST/v1/vaults/$vault/items/$item") item_json=$(curl -sSf -H "Content-Type: application/json" -H "Authorization: Bearer $OP_CONNECT_TOKEN" "$OP_CONNECT_HOST/v1/vaults/$vault/items/$item")
jq_field_selector=".id == \"$field\" or .label == \"$field\"" jq_field_selector=".id == \"$field\" or .label == \"$field\""
jq_section_selector=".section == null"
# If the reference contains a section, edit the jq selector to take that into account. # If the reference contains a section, edit the jq selector to take that into account.
if [ -n "$section" ]; then if [ -n "$section" ]; then
echo "Looking for section: $section" echo "Looking for section: $section"
section_id=$(echo "$item_json" | jq -r ".sections[] | select(.id == \"$section\" or .label == \"$section\") | .id") section_id=$(echo "$item_json" | jq -r ".sections[] | select(.id == \"$section\" or .label == \"$section\") | .id")
jq_field_selector=".section.id == \"$section_id\" and ($jq_field_selector)" jq_section_selector=".section.id == \"$section_id\""
else
jq_field_selector=".section == null"
fi fi
jq_secret_selector="$jq_section_selector and ($jq_field_selector)"
echo "Looking for field: $field" echo "Looking for field: $field"
secret_field_json=$(echo "$item_json" | jq -r "first(.fields[] | select($jq_field_selector))") secret_field_json=$(echo "$item_json" | jq -r "first(.fields[] | select($jq_secret_selector))")
field_type=$(echo "$secret_field_json" | jq -r '.type') field_type=$(echo "$secret_field_json" | jq -r '.type')
field_purpose=$(echo "$secret_field_json" | jq -r '.purpose') field_purpose=$(echo "$secret_field_json" | jq -r '.purpose')