File tree Expand file tree Collapse file tree 1 file changed +13
-4
lines changed
Expand file tree Collapse file tree 1 file changed +13
-4
lines changed Original file line number Diff line number Diff line change @@ -37,10 +37,19 @@ runs:
3737 echo "Processing pattern: $pattern"
3838 for secret_name in $(az keyvault secret list --vault-name ${{ inputs.keyvault }} --query "[?contains(name, '$pattern')].name" -o tsv); do
3939 echo "Sync secret: env.$secret_name"
40- secret_value=$(az keyvault secret show --only-show-errors --name "$secret_name" --vault-name ${{ inputs.keyvault }} --query value -o tsv)
41- escaped_secret=$(printf '%s' "$secret_value" | sed ':a;N;$!ba;s/%/%25/g' | sed ':a;N;$!ba;s/\r/%0D/g' | sed ':a;N;$!ba;s/\n/%0A/g')
42- echo "::add-mask::$escaped_secret"
43- echo "$secret_name=$secret_value" >> $GITHUB_ENV
40+ secret_value=$(az keyvault secret show --name "$secret_name" --vault-name ${{ inputs.keyvault }} --query value -o tsv)
41+ # check if value is multiline
42+ if [[ "$secret_value" == *$'\n'* ]]; then
43+ echo "Secret $secret_name is multiline"
44+ IFS=@ VAL=$secret_value
45+ while read -r line; do
46+ echo "::add-mask::${line}"
47+ done <<< "${VAL}"
48+ else
49+ echo "Secret $secret_name is single line"
50+ echo "::add-mask::${secret_value}"
51+ echo "$secret_name=$secret_value" >> $GITHUB_ENV
52+ fi
4453 done
4554 done
4655 IFS=$old_IFS
You can’t perform that action at this time.
0 commit comments