wesley/load-secrets-action
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add handeling for open ssh format

Browse Source
This commit is contained in:
Jill Regan
2026-02-22 12:20:59 -05:00
parent db4ac8464b
commit e7517d7b3e
6 changed files with 226 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
tests/assert-env-unset.sh
View File

@@ -21,3 +21,6 @@ assert_env_unset "FILE_MULTILINE_SECRET"
assert_env_unset "SECRET_WITH_FILE"
assert_env_unset "SECRET_WITH_FILE_IN_SECTION"
assert_env_unset "DOUBLE_SECTION_SECRET"
assert_env_unset "SSH_PRIVATE_KEY"
assert_env_unset "SSH_PRIVATE_KEY_OPENSSH"

34
tests/assert-ssh-keys.sh Executable file
View File

@@ -0,0 +1,34 @@
#!/bin/bash
set -e
# SSH_PRIVATE_KEY: any private key format
v="$(printenv SSH_PRIVATE_KEY)"
if [ -z "$v" ]; then
echo "SSH_PRIVATE_KEY is not set"
exit 1
fi
if ! echo "$v" | head -1 | grep -qE -- '^-----BEGIN (RSA |EC |OPENSSH )?PRIVATE KEY-----'; then
echo "SSH_PRIVATE_KEY does not start with a private key header"
exit 1
fi
if ! echo "$v" | tail -1 | grep -qE -- '-----END (RSA |EC |OPENSSH )?PRIVATE KEY-----$'; then
echo "SSH_PRIVATE_KEY does not end with a private key footer"
exit 1
fi
echo "SSH_PRIVATE_KEY has valid key format"
# SSH_PRIVATE_KEY_OPENSSH: OpenSSH format only
v="$(printenv SSH_PRIVATE_KEY_OPENSSH)"
if [ -z "$v" ]; then
echo "SSH_PRIVATE_KEY_OPENSSH is not set"
exit 1
fi
if ! echo "$v" | head -1 | grep -q -- '-----BEGIN OPENSSH PRIVATE KEY-----'; then
echo "SSH_PRIVATE_KEY_OPENSSH is not in OpenSSH format"
exit 1
fi
if ! echo "$v" | tail -1 | grep -q -- '-----END OPENSSH PRIVATE KEY-----$'; then
echo "SSH_PRIVATE_KEY_OPENSSH does not end with OpenSSH private key footer"
exit 1
fi
echo "SSH_PRIVATE_KEY_OPENSSH has valid OpenSSH key format"