From a83d40eacc1a0971eaae2d045271df7854e30fd4 Mon Sep 17 00:00:00 2001 From: lukaszcl <120112546+lukaszcl@users.noreply.github.com> Date: Thu, 16 Jan 2025 13:37:29 +0100 Subject: [PATCH] Decode base64 test secrets by default when fetching test secrets --- tools/ghsecrets/README.md | 4 ++-- tools/ghsecrets/main.go | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/tools/ghsecrets/README.md b/tools/ghsecrets/README.md index a71576d2d..75bfbc3b1 100644 --- a/tools/ghsecrets/README.md +++ b/tools/ghsecrets/README.md @@ -85,10 +85,10 @@ If you want to retrieve an existing secret from AWS Secrets Manager, use: ghsecrets get --secret-id testsecrets/MySecretName --profile ``` -By default, it prints out the Base64-encoded string. To decode it automatically: +By default, it tries to decode a Base64-encoded test secret. To disable decoding use `--decode false` flag: ```sh -ghsecrets get --secret-id testsecrets/MySecretName --decode --profile +ghsecrets get --secret-id testsecrets/MySecretName --decode false --profile ``` ## FAQ diff --git a/tools/ghsecrets/main.go b/tools/ghsecrets/main.go index db8b53160..6a95d077e 100644 --- a/tools/ghsecrets/main.go +++ b/tools/ghsecrets/main.go @@ -106,7 +106,7 @@ func main() { setCmd.PersistentFlags().StringSliceVar(&sharedWith, "shared-with", []string{}, "Comma-separated list of IAM ARNs to share the secret with") getCmd.PersistentFlags().StringVarP(&secretID, "secret-id", "s", "", "ID of the secret to retrieve") - getCmd.PersistentFlags().BoolVarP(&decode, "decode", "d", false, "Decode the Base64-encoded secret value") + getCmd.PersistentFlags().BoolVarP(&decode, "decode", "d", true, "Decode the Base64-encoded secret value") getCmd.PersistentFlags().StringVar(&profile, "profile", "", "AWS profile to use for credentials (required for AWS backend)") getCmd.MarkPersistentFlagRequired("secret-id")