vault-secrets-buildkite-plugin icon indicating copy to clipboard operation
vault-secrets-buildkite-plugin copied to clipboard

Published 20 hours ago verified publisher icon buildkite-plugins

JSON secrets break the plugin

Open ClayShentrup opened this issue 11 months ago • 2 comments

we have some secrets which are a JSON string. this leads to the following error.

/etc/buildkite-agent/plugins/github-robot-car-cruise-vault-secrets-buildkite-plugin-git-v2-0-0/hooks/environment: line 133: PRIVATE: command not found

the cause? this apparently isn't bash escaped correctly.

https://github.com/buildkite-plugins/vault-secrets-buildkite-plugin/blob/master/hooks/environment#L36

here are some techniques gemini suggested:

Bash JSON_STRING=$(get_json) ESCAPED_JSON=$(jq -R '.' <<< "$JSON_STRING")
export MY_VAR="$ESCAPED_JSON"

Method 2: Using sed Bash JSON_STRING=$(get_json) ESCAPED_JSON=$(sed 's/"/\"/g; s/\/\\/g; s/$/\$/g' <<< "$JSON_STRING") export MY_VAR="$ESCAPED_JSON"

thank you

ClayShentrup avatar Mar 01 '24 18:03 ClayShentrup

@ClayShentrup thanks for raising this! I just wanted to verify you're submitting this issue on the correct plugin. In the error message you shared I can see the plugin checkout path is checking out a different vault secrets plugin:

github-robot-car-cruise-vault-secrets-buildkite-plugin-git-v2-0-0

In either case I'm taking a look at this, but I just wanted to verify you're seeing the same thing on this plugin too.

jeremybumsted avatar Mar 25 '24 20:03 jeremybumsted

yeah that's just our (unmodified) fork of it in the cruise enterprise GitHub.

On Mon, Mar 25, 2024, 1:09 PM Jeremy Bumsted @.***> wrote:

@ClayShentrup https://github.com/ClayShentrup thanks for raising this! I just wanted to verify you're submitting this issue on the correct plugin. In the error message you shared I can see the plugin checkout path is checking out a different vault secrets plugin:

github-robot-car-cruise-vault-secrets-buildkite-plugin-git-v2-0-0

In either case I'm taking a look at this, but I just wanted to verify you're seeing the same thing on this plugin too.

— Reply to this email directly, view it on GitHub https://github.com/buildkite-plugins/vault-secrets-buildkite-plugin/issues/47#issuecomment-2018821941, or unsubscribe https://github.com/notifications/unsubscribe-auth/AABIAKZ7ULP2PUAUMJM2VMLY2B76JAVCNFSM6AAAAABECF3RDWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDAMJYHAZDCOJUGE . You are receiving this because you were mentioned.Message ID: <buildkite-plugins/vault-secrets-buildkite-plugin/issues/47/2018821941@ github.com>

ClayShentrup avatar Mar 25 '24 22:03 ClayShentrup

Hey, fixed the issue PR https://github.com/buildkite-plugins/vault-secrets-buildkite-plugin/pull/51

ivannalisetska avatar Jun 10 '24 18:06 ivannalisetska