hack

2 years ago · 279de5773f
parent ca0935bf58
commit 279de5773f
2 changed files with 7 additions and 9 deletions
--- a/vault/main.tf
+++ b/vault/main.tf
@ -64,7 +64,7 @@ resource "coder_script" "vault" {
    VAULT_ADDR : var.vault_addr,
    VAULT_TOKEN : data.coder_git_auth.vault.access_token,
    VERSION : var.vault_cli_version,
-    SECRETS : replace(jsonencode(var.secrets), "\"", "\\\"")
+    SECRETS : replace(replace(jsonencode(var.secrets), "\"", "\\\""), "/", "::")
  })
  run_on_start = true
 }
--- a/vault/run.sh
+++ b/vault/run.sh
@ -69,16 +69,14 @@ if [ "${SECRETS}" = "{}" ]; then
    exit 0
 fi

-# DEBUG
-printf "\n\n🐛 DEBUG: Printing secrets ...\n\n"
-echo "${SECRETS}" > /tmp/debug_secrets.txt
-echo "${SECRETS}"
-echo "${SECRETS}" | jq
+# Replace :: back to / in the SECRETS string
+SECRETS=$(echo "${SECRETS}" | sed 's/::/\//g')

+# Now process the SECRETS string as before...
 printf "🔍 Fetching secrets ...\n\n"
-for key in $(echo "${SECRETS}" | jq -r "keys[]" ); do
-    secrets=$(echo "${SECRETS}" | jq -r ".$key.secrets[]")
-    file=$(echo "${SECRETS}" | jq -r ".$key.file")
+for key in $(echo "$${SECRETS}" | jq -r "keys[]" ); do
+    secrets=$(echo "$${SECRETS}" | jq -r ".$key.secrets[]")
+    file=$(echo "$${SECRETS}" | jq -r ".$key.file")
    printf "Fetching secrets from $${key} ...\n"
    for secret in $${secrets}; do
        value=$(vault kv get -format=json $${key} | jq -r ".data.data.$${secret}")