Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
1af59b6
commit a6df4ff
Showing
3 changed files
with
60 additions
and
26 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,38 +1,65 @@ | ||
| #!/bin/bash | ||
|
|
||
| # Define the location of the script in the Jenkins workspace | ||
| SCRIPT_PATH="$WORKSPACE/secrets-manager.sh" | ||
|
|
||
| echo "running setup" | ||
|
|
||
| # Write the script content to the specified location | ||
| cat <<EOF > "$SCRIPT_PATH" | ||
| #!/usr/bin/env bash | ||
| extract_value_from_json() { | ||
| local json="$1" | ||
| local key="$2" | ||
| local value=$(echo "$json" | jq -r ".$key") | ||
| local secret_json="\$1" | ||
| local secret_key="\$2" | ||
| local secret_value=$(echo "$secret_json" | jq -r ".$secret_key") | ||
| } | ||
| fetch_whole_secret() { | ||
| local secret_name="$1" | ||
| local variable_name="$2" | ||
| local secret_value=$(aws secretsmanager get-secret-value --secret-id "$secret_name" --query "SecretString" --output text) | ||
| local secret_name="\$1" | ||
| local variable_name="\$2" | ||
| SECRET_JSON=\$(aws secretsmanager get-secret-value --secret-id "\$secret_name" --region "us-east-1" --output json) | ||
| echo "\$SECRET_JSON" | ||
| value=\$(echo "\$SECRET_JSON" | jq -r ".SecretString | fromjson.\"\$variable_name\"") | ||
| echo $value | ||
| #set whole file as env var | ||
| declare "${secret_name%=*}=${secret_value}" | ||
| echo "$secret_value" > "$WORKSPACE/$variable_name" | ||
| # Output the contents of the file to verify | ||
| cat "$WORKSPACE/variable_name" | ||
| #declare "$variable_name=$secret_value" | ||
| #declare "$variable_name=\"$secret_value\"" | ||
| #what brian said to do | ||
| #declare "${secret_name%=*}=${secret_value}" | ||
| } | ||
| fetch_specific_key() { | ||
| local secret_name="$1" | ||
| local key="$2" | ||
| local secret_name="\$1" | ||
| local key="\$2" | ||
| local secret_value=$(aws secretsmanager get-secret-value --secret-id "$secret_name" --query "SecretString" --output text) | ||
| local extracted_value=$(extract_value_from_json "$secret_value" "$key") | ||
| declare "${key%=*}=${extracted_value}" | ||
| } | ||
| # Main script | ||
| if [[ "$1" == "-w" ]]; then | ||
| if [ $# -ne 3 ]; then | ||
| echo "Usage: $0 -w <name_of_file> <name_of_variable>" | ||
| exit 1 | ||
| secret_script() { | ||
| echo "\$1" | ||
| echo "\$2" | ||
| echo "\$3" | ||
| if [[ "\$1" == "-w" ]]; then | ||
| if [ \$# -ne 3 ]; then | ||
| echo "Usage: $0 -w <name_of_file> <name_of_variable>" | ||
| exit 1 | ||
| fi | ||
| fetch_whole_secret "\$2" "\$3" | ||
| else | ||
| if [ $# -ne 2 ]; then | ||
| echo "Usage: $0 <name_of_file> <name_of_key>" | ||
| exit 1 | ||
| fi | ||
| fetch_specific_key "\$1" "\$2" | ||
| fi | ||
| fetch_whole_secret "$2" "$3" | ||
| else | ||
| if [ $# -ne 2 ]; then | ||
| echo "Usage: $0 <name_of_file> <name_of_key>" | ||
| exit 1 | ||
| fi | ||
| fetch_specific_key "$1" "$2" | ||
| fi | ||
| } | ||
| EOF |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters