32 lines
928 B
Bash
Executable File
32 lines
928 B
Bash
Executable File
#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
|
|
REPO_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
|
|
VAULT_FILE="${VAULT_FILE:-$REPO_DIR/secrets/vault.yml}"
|
|
VAULT_PASS_FILE="${VAULT_PASS_FILE:-$HOME/.config/continuous-ai-workflow-spec/vault-pass.txt}"
|
|
|
|
SECTION="${1:-}"
|
|
[ -n "$SECTION" ] || { echo "用法: $0 <section>"; exit 1; }
|
|
|
|
TMP_DEC=$(mktemp)
|
|
chmod 600 "$TMP_DEC"
|
|
ansible-vault decrypt "$VAULT_FILE" --vault-password-file "$VAULT_PASS_FILE" --output "$TMP_DEC" 2>/dev/null
|
|
|
|
python3 - <<PY
|
|
import yaml
|
|
from pathlib import Path
|
|
|
|
data = yaml.safe_load(Path('$TMP_DEC').read_text())
|
|
section_data = data.get('$SECTION', {})
|
|
prefix = '${SECTION^^}'.replace('-', '_')
|
|
|
|
for key, val in section_data.items():
|
|
if isinstance(val, dict):
|
|
for subkey, subval in val.items():
|
|
print(f"{prefix}_{key.upper()}_{subkey.upper()}={subval}")
|
|
else:
|
|
print(f"{prefix}_{key.upper()}={val}")
|
|
PY
|
|
|
|
rm -f "$TMP_DEC"
|