From b22ebd4ac777f8398bc3fe558e080d39c5209bd9 Mon Sep 17 00:00:00 2001 From: Johan Rooijakkers Date: Wed, 26 Feb 2025 17:49:53 +0100 Subject: [PATCH] update --- action.yml | 32 +++++++++++++++----------------- 1 file changed, 15 insertions(+), 17 deletions(-) diff --git a/action.yml b/action.yml index 90de81f..eb74636 100644 --- a/action.yml +++ b/action.yml @@ -28,7 +28,7 @@ runs: steps: - name: Configure Bitwarden Server shell: sh - run: bw config server ${{ inputs.server }} + run: bw config server "${{ inputs.server }}" - name: Unlock Vault shell: sh @@ -36,36 +36,34 @@ runs: bw login --apikey echo "BW_SESSION=$(bw unlock '${{ inputs.password }}' --raw)" >> "$GITHUB_ENV" env: - BW_CLIENTID: ${{ inputs.client-id }} - BW_CLIENTSECRET: ${{ inputs.client-secret }} - + BW_CLIENTID: "${{ inputs.client-id }}" + BW_CLIENTSECRET: "${{ inputs.client-secret }}" + - name: Retrieve Requested Secrets shell: bash run: | - if [[ -z "$BW_SESSION" ]]; then - echo "❌ BW_SESSION is not set. Please log in to Bitwarden first." - exit 1 - fi - - echo "${{ inputs.secrets }}" | while IFS='>' read -r SECRET_ID ENV_VAR; do + if [[ -z "$BW_SESSION" ]]; then + echo "❌ BW_SESSION is not set. Please log in to Bitwarden first." + exit 1 + fi + echo "${{ inputs.secrets }}" | while IFS='>' read -r SECRET_ID ENV_VAR; do + # Trim whitespace SECRET_ID=$(echo "$SECRET_ID" | xargs) ENV_VAR=$(echo "$ENV_VAR" | xargs) # Skip empty or invalid lines if [[ -z "$SECRET_ID" || -z "$ENV_VAR" ]]; then - continue + continue fi echo "🔍 Retrieving secret: $SECRET_ID..." SECRET_VALUE=$(bw get notes "$SECRET_ID" --session "$BW_SESSION" 2>/dev/null) if [[ -n "$SECRET_VALUE" ]]; then - echo "$ENV_VAR=$SECRET_VALUE" >> "$GITHUB_ENV" - echo "✅ Stored $SECRET_ID in $ENV_VAR" + echo "$ENV_VAR=\"$SECRET_VALUE\"" >> "$GITHUB_ENV" + echo "✅ Stored $SECRET_ID in $ENV_VAR" else - echo "❌ Failed to retrieve secret: $SECRET_ID" + echo "❌ Failed to retrieve secret: $SECRET_ID" fi - done - - + done