diff options
| author | talyz <kim.lindberger@gmail.com> | 2022-09-30 17:02:24 +0200 |
|---|---|---|
| committer | Yureka <yuka@yuka.dev> | 2022-10-09 08:12:19 +0200 |
| commit | 4df4d2a8eac999e47f973911857b9756281f8273 (patch) | |
| tree | a49de96238ca7752569a24dc011a3f08184549c9 /nixos | |
| parent | de25676c9f0954c9fdbb703cdb9326af9301ad50 (diff) | |
genJqSecretsReplacementSnippet: Allow dots in attribute names...
...and escape quotation marks and backslashes.
Diffstat (limited to 'nixos')
| -rw-r--r-- | nixos/lib/utils.nix | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/nixos/lib/utils.nix b/nixos/lib/utils.nix index d7671a374999..f646f70323e3 100644 --- a/nixos/lib/utils.nix +++ b/nixos/lib/utils.nix @@ -102,7 +102,11 @@ rec { if item ? ${attr} then nameValuePair prefix item.${attr} else if isAttrs item then - map (name: recurse (prefix + "." + name) item.${name}) (attrNames item) + map (name: + let + escapedName = ''"${replaceChars [''"'' "\\"] [''\"'' "\\\\"] name}"''; + in + recurse (prefix + "." + escapedName) item.${name}) (attrNames item) else if isList item then imap0 (index: item: recurse (prefix + "[${toString index}]") item) item else @@ -182,13 +186,13 @@ rec { '') (attrNames secrets)) + "\n" - + "${pkgs.jq}/bin/jq >'${output}' '" - + concatStringsSep + + "${pkgs.jq}/bin/jq >'${output}' " + + lib.escapeShellArg (concatStringsSep " | " (imap1 (index: name: ''${name} = $ENV.secret${toString index}'') - (attrNames secrets)) + (attrNames secrets))) + '' - ' <<'EOF' + <<'EOF' ${builtins.toJSON set} EOF (( ! $inherit_errexit_enabled )) && shopt -u inherit_errexit |