fatalerrors/init.sh
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

base: fatalerrors:a02cb3b3bdc60eb459c5f3a6fb0bf5c7f9d622ad
Branches Tags
fatalerrors:master
...
compare: fatalerrors:a3b69a7c886bfac448e2cbd817c2dcc5339072c0
Branches Tags
fatalerrors:master

2 Commits
a02cb3b3bd ... a3b69a7c88

Author SHA1 Message Date
fatalerrors
a3b69a7c88 updated README file 2025-09-24 15:41:04 +02:00
fatalerrors
1e277ac209 fixed secret lib 2025-09-24 15:40:29 +02:00
2 changed files with 26 additions and 13 deletions
Expand all files Collapse all files

8
README.md
View File

@@ -328,6 +328,12 @@ The following table is giving a list of error codes with explanation:
| 18 | Module file don't exists or is empty |
| 20 | Ambigous realm with autodetection |
| 21 | Unconsistant directory structure with configured realm |
| 22 | Required secret management software missing |
| 23 | Secret key not found in secret database |
| 24 | File is not readable |
| 25 | Needed variable not set or not declared |
| 26 | Secret reference missing or malformed |
| 27 | Unknown secret reference |
| 50..100 | Error in module execution |
| 126 | Command exists but is not executable |
| 127 | Command not found |
@@ -394,7 +400,7 @@ You can mail author to fatalerrors \<at\> geoffray-levasseur \<dot\> org.
-----------------------------------------------------------------------------
Documentation (c) 2019-2022 Geoffray Levasseur.
Documentation (c) 2019-2025 Geoffray Levasseur.
This file is distributed under3-clause BSD license. The complete license
agreement can be obtained at: https://opensource.org/licenses/BSD-3-Clause

31
lib/secret.sh
View File

@@ -12,12 +12,13 @@
# ------------------------------------------------------------------------------
# Passbolt
get_passbolt_secret() {
get_passbolt_secret()
{
local name="$1" secret
if ! command -v passbolt >/dev/null 2>&1; then
prnt E "Passbolt CLI not found (required to fetch passbolt:$name)."
return 3
die 22
fi
# Exemple basé sur CLI Passbolt + jq
@@ -26,26 +27,28 @@ get_passbolt_secret() {
if [[ -z "$secret" || "$secret" == "null" ]]; then
prnt E "Secret '$name' not found in Passbolt."
return 4
die 23
fi
printf '%s' "$secret"
}
export -f get_passbolt_secret
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
# File
get_file_secret() {
get_file_secret()
{
local path="$1" secret
if [[ -z "$path" ]]; then
prnt E "get_file_secret: missing path"
return 5
die 10
fi
if [[ ! -r "$path" ]]; then
prnt E "get_file_secret: '$path' not readable"
return 6
die 24
fi
secret=$(<"$path")
@@ -53,21 +56,23 @@ get_file_secret() {
secret="${secret%$'\n'}"
printf '%s' "$secret"
}
export -f get_file_secret
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
# Environment variable
get_var_secret() {
get_var_secret()
{
local var="$1" secret
if [[ -z "$var" ]]; then
prnt E "get_var_secret: missing variable name"
return 7
die 25
fi
if ! printenv "$var" >/dev/null 2>&1; then
prnt E "get_var_secret: variable '$var' not set"
return 8
die 25
fi
secret="$(printenv "$var")"
@@ -75,18 +80,20 @@ get_var_secret() {
secret="${secret%$'\n'}"
printf '%s' "$secret"
}
export -f get_var_secret
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
# Main dispatcher
# Usage: fetch_secret "scheme:identifier"
fetch_secret() {
fetch_secret()
{
local ref="$1"
local scheme identifier func
if [[ -z "$ref" ]]; then
prnt E "fetch_secret: no reference provided"
return 1
die 26
fi
# par défaut, si pas de scheme -> "file"
@@ -102,7 +109,7 @@ fetch_secret() {
if ! declare -f "$func" >/dev/null 2>&1; then
prnt E "fetch_secret: unsupported scheme '$scheme' (no function $func)"
return 2
die 27
fi
"$func" "$identifier"