action.yml

@@ -42,8 +42,13 @@ runs:
     - name: Retrieve Requested Secrets
       shell: sh
       run: |
-        IFS=',' read -r -a secret_pairs <<< "${{ inputs.secrets }}"
-        for pair in "${secret_pairs[@]}"; do
+        # Convert comma-separated secrets into a list
+        OLDIFS=$IFS
+        IFS=','
+        set -- ${{ inputs.secrets }}
+        IFS=$OLDIFS
+
+        for pair in "$@"; do
           SECRET_ID=$(echo "$pair" | cut -d'=' -f1)
           ENV_VAR=$(echo "$pair" | cut -d'=' -f2)
           
@@ -51,11 +56,9 @@ runs:
           SECRET_VALUE=$(bw get notes "$SECRET_ID" --session "$BW_SESSION")
 
           if [ -n "$SECRET_VALUE" ]; then
-            echo "$ENV_VAR=$SECRET_VALUE" >> $GITHUB_ENV
+            echo "$ENV_VAR=$SECRET_VALUE" >> "$GITHUB_ENV"
             echo "✅ Stored $SECRET_ID in $ENV_VAR"
           else
             echo "❌ Failed to retrieve secret: $SECRET_ID"
           fi
         done
-      env:
-        BW_SESSION: ${{ env.BW_SESSION }}