maxime.fleury/_Assistant_Lead_Tech
1
0
Fork 0
mirror of https://github.com/MaksTinyWorkshop/_Assistant_Lead_Tech synced 2026-04-06 21:41:42 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix(scripts): remplacer parsing CSV bash par python3 — gère les champs multilignes

Browse Source 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
MaksTinyWorkshop
2026-03-26 18:26:02 +01:00
parent 83ca6c8bb0
commit 28454bf466
2 changed files with 49 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
scripts/load-global-secrets.sh
View File

@@ -46,33 +46,38 @@ EOF
return 1 return 1
} }
local loaded=0 # Parser le CSV avec python3 — gère les champs multilignes et les virgules dans les valeurs
local pairs
pairs=$(python3 - <<'PYEOF' <<< "$csv"
import sys, csv, re
while IFS=',' read -r group title username password rest; do reader = csv.DictReader(sys.stdin)
group="${group//\"/}" for row in reader:
title="${title//\"/}" group = row.get("Group", "")
password="${password//\"/}" title = row.get("Title", "")
password = row.get("Password", "")
if group != "Racine/global" and not group.startswith("Racine/global/"):
continue
if not re.match(r'^[A-Z_][A-Z0-9_]*$', title):
continue
if not password:
continue
print(f"{title}={password}")
PYEOF
)
[[ "$group" != "Racine/global" && "$group" != "Racine/global/"* ]] && continue if [ -z "$pairs" ]; then
local var_name="$title"
if ! printf '%s' "$var_name" | grep -Eq '^[A-Z_][A-Z0-9_]*$'; then
echo "Nom invalide ignoré : $var_name" >&2
continue
fi
[ -z "$password" ] && { echo "Valeur vide ignorée : $var_name" >&2; continue; }
export "$var_name=$password"
loaded=$((loaded + 1))
done <<< "$csv"
if [ "$loaded" -eq 0 ]; then
echo "Aucun secret global chargé." >&2 echo "Aucun secret global chargé." >&2
return 1 return 1
fi fi
local loaded=0
while IFS='=' read -r var_name value; do
[ -z "$var_name" ] && continue
export "$var_name=$value"
loaded=$((loaded + 1))
done <<< "$pairs"
echo "Secrets chargés : $loaded" echo "Secrets chargés : $loaded"
} }

51
scripts/sync-service-secrets.sh
View File

@@ -57,40 +57,35 @@ EOF
return 1 return 1
} }
# Parse CSV : colonnes "Group","Title","Username","Password",... # Parser le CSV avec python3 — gère les champs multilignes et les virgules dans les valeurs
# On garde les entrées dont le Group commence par "services/" local rendered_lines
# ou dont le Group est exactement "services" (selon la structure KeePass) rendered_lines=$(python3 - <<'PYEOF' <<< "$csv"
local rendered_lines="" import sys, csv, re
local loaded=0
while IFS=',' read -r group title username password rest; do reader = csv.DictReader(sys.stdin)
# Retirer les guillemets CSV for row in reader:
group="${group//\"/}" group = row.get("Group", "")
title="${title//\"/}" title = row.get("Title", "")
password="${password//\"/}" password = row.get("Password", "")
if group != "Racine/services" and not group.startswith("Racine/services/"):
continue
if not re.match(r'^[A-Z_][A-Z0-9_]*$', title):
continue
if not password:
continue
print(f"{title}={password}")
PYEOF
)
# Filtrer le groupe services if [ -z "$rendered_lines" ]; then
[[ "$group" != "Racine/services" && "$group" != "Racine/services/"* ]] && continue
# Le nom de variable = titre de l'entrée
local var_name="$title"
if ! printf '%s' "$var_name" | grep -Eq '^[A-Z_][A-Z0-9_]*$'; then
echo "Nom invalide ignoré : $var_name" >&2
continue
fi
[ -z "$password" ] && { echo "Valeur vide ignorée : $var_name" >&2; continue; }
rendered_lines+="$var_name=$password"$'\n'
loaded=$((loaded + 1))
done <<< "$csv"
if [ "$loaded" -eq 0 ]; then
echo "Aucun secret de service chargé." >&2 echo "Aucun secret de service chargé." >&2
return 1 return 1
fi fi
printf '%s' "$rendered_lines" > "$target_file" local loaded
loaded=$(echo "$rendered_lines" | grep -c '.')
printf '%s\n' "$rendered_lines" > "$target_file"
chmod 600 "$target_file" chmod 600 "$target_file"
echo "Secrets de service écrits dans : $target_file" echo "Secrets de service écrits dans : $target_file"