some changes for macos

#5 #9
joergi · Oct 20, 2024 · 0cda801 · 0cda801
1 parent bf7f96f
commit 0cda801
Show file tree

Hide file tree

Showing 2 changed files with 54 additions and 56 deletions.
diff --git a/.github/workflows/testing.yml b/.github/workflows/testing.yml
@@ -5,56 +5,56 @@ on:
   workflow_dispatch: {}
 
 jobs:
-#  bash-linux:
-#    runs-on: ubuntu-latest
-#    steps:
-#      - uses: actions/checkout@v4
-#      - name: install vault-cli
-#        run: |
-#          sudo apt-get update && sudo apt-get install gpg wget gnome-keyring dbus-x11 libsecret-tools
-#          wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
-#          gpg --no-default-keyring --keyring /usr/share/keyrings/hashicorp-archive-keyring.gpg --fingerprint
-#          echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
-#          sudo apt-get update && sudo apt-get install vault
-#
-#      - name: Run docker-compose
-#        run: docker compose -f ./vault-docker/docker-compose.yml up -d
-#
-#      - name: verifying vault
-#        run: |
-#          echo "Waiting for Vault to start..."
-#          sleep 30
-#          docker ps
-#          echo "docker images"
-#          export $(dbus-launch)
-#          eval "$(echo '\n' | gnome-keyring-daemon --unlock)"
-#          export VAULT_ADDR=http://127.0.0.1:8200
-#          echo "vault status"
-#          vault status
-#          echo "login to vault"
-#          vault login token=vault-plaintext-root-token
-#          mkdir $HOME/.superexport
-#
-#          touch $HOME/.superexport/.exported.sh
-#          chmod +x $HOME/.superexport/.exported.sh
-#          chmod +x superexport.sh
-#          ./superexport.sh MYKEY password /my-secrets/dev foo
-#
-#          echo "reading secrets from from secret tools"
-#          source $HOME/.superexport/.secretreader.sh
-#          echo "mykey is $MYKEY"
-#          echo "GH_ENV=$MYKEY" >> $GITHUB_ENV
-#      - name: check if the password is correct
-#        run: |
-#          CHECKVAR="${{ env.GH_ENV }}"
-#          if [ "$CHECKVAR" = "test_password" ]; then
-#            echo "password is correct"
-#            exit 0
-#          else
-#            echo "password is wrong"
-#            echo "password should be \"test_password\" but was $CHECKVAR"
-#            exit 1
-#          fi
+  bash-linux:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: install vault-cli
+        run: |
+          sudo apt-get update && sudo apt-get install gpg wget gnome-keyring dbus-x11 libsecret-tools
+          wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
+          gpg --no-default-keyring --keyring /usr/share/keyrings/hashicorp-archive-keyring.gpg --fingerprint
+          echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
+          sudo apt-get update && sudo apt-get install vault
+
+      - name: Run docker-compose
+        run: docker compose -f ./vault-docker/docker-compose.yml up -d
+
+      - name: verifying vault
+        run: |
+          echo "Waiting for Vault to start..."
+          sleep 30
+          docker ps
+          echo "docker images"
+          export $(dbus-launch)
+          eval "$(echo '\n' | gnome-keyring-daemon --unlock)"
+          export VAULT_ADDR=http://127.0.0.1:8200
+          echo "vault status"
+          vault status
+          echo "login to vault"
+          vault login token=vault-plaintext-root-token
+          mkdir $HOME/.superexport
+
+          touch $HOME/.superexport/.exported.sh
+          chmod +x $HOME/.superexport/.exported.sh
+          chmod +x superexport.sh
+          ./superexport.sh MYKEY password /my-secrets/dev foo
+
+          echo "reading secrets from from secret tools"
+          source $HOME/.superexport/.secretreader.sh
+          echo "mykey is $MYKEY"
+          echo "GH_ENV=$MYKEY" >> $GITHUB_ENV
+      - name: check if the password is correct
+        run: |
+          CHECKVAR="${{ env.GH_ENV }}"
+          if [ "$CHECKVAR" = "test_password" ]; then
+            echo "password is correct"
+            exit 0
+          else
+            echo "password is wrong"
+            echo "password should be \"test_password\" but was $CHECKVAR"
+            exit 1
+          fi
   mac:
     runs-on: macos-13
     steps:

diff --git a/superexport.sh b/superexport.sh
@@ -105,11 +105,10 @@ export+="\n"
 
 if [[ "$(uname)" == 'Darwin' ]]; then
   if security find-generic-password -a "$USER" -s $secretname -w >/dev/null 2>&1; then
-    echo "mac 1"
-    export+="echo \$$1 | security delete-generic-password -a \"$USER\" -s $secretname >/dev/null 2>&1"
+    security delete-generic-password -a "$USER" -s $secretname >/dev/null 2>&1
   fi
-  echo "after mac1"
-  export+="echo \$$1 | security add-generic-password -a \"$USER\" -s $secretname -w \"$secretname\""
+  vault_value=$(vault kv get -field=$2 "$3")
+  security add-generic-password -a "$USER" -s $secretname -w "$vault_value"
 elif [[ "$(uname)" == 'Linux' ]]; then
   echo "linux"
   export+="echo \$$1 | secret-tool store --label=\"\$USER $secretname\" \$USER $secretname"
@@ -146,11 +145,10 @@ fi
 
 if [[ "$(uname)" == 'Darwin' ]]; then
   echo "mac unten"
-  secretreader="export $1=\$(launchctl setenv \$secretname \"$secretname\")"
+  secretreader="launchctl setenv $secretname \$(vault kv get -field=$2 \"$3\")"
 elif [[ "$(uname)" == 'Linux' ]]; then
   echo "linux unten"
   secretreader="export $1=\$(secret-tool lookup \$USER $secretname)"
 fi
 
 echo -e $secretreader >> $superexportfolder/.secretreader.sh
-