-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathpull-secrets.ps1
executable file
·46 lines (40 loc) · 1.09 KB
/
pull-secrets.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
#!/usr/bin/env pwsh
# Script to pull secrets used in the given project from a custom static file server vault
function Get-Secrets {
param (
[Parameter(Mandatory = $true)]
[string]
$Url,
[Parameter(Mandatory = $true)]
[string]
$Token
)
$project = (Get-Item -Path ".").Name
$insideSecrets = $false
$secrets = @()
foreach ($line in Get-Content .gitignore) {
if ($line -eq '# end secrets') {
$insideSecrets = $false
}
if ($insideSecrets) {
$secrets += $line
}
if ($line -eq '# begin secrets') {
$insideSecrets = $true
}
}
foreach ($file in $secrets) {
$request = $Url + $project + '/' + $file + '?' + $Token
Invoke-WebRequest -Uri $request -OutFile $file
}
}
if (Test-Path -Path ".vaultsecrets.json") {
$secrets = Get-Content -Path ".vaultsecrets.json" | ConvertFrom-Json
$Url = $secrets.Url
$Token = $secrets.Token
Get-Secrets -Url $Url -Token $Token
}
else {
Get-Secrets
# TODO: offer to save $Url and $Token in .vaultsecrets.json
}