[bitwarden] ability to fetch all fields from an item

Sometimes a projects has a lot of secrets (more than 10). And its cumbersome to write $(kama secrets fetch ...) with a lot of field names. I want to be able to just fetch all the fields from a given item and then just use these with $(kamal extract NAME)
2024-10-05 16:05:28 +02:00
parent 0f97e0b056
commit 7142534e77
2 changed files with 64 additions and 10 deletions
--- a/lib/kamal/secrets/adapters/bitwarden.rb
+++ b/lib/kamal/secrets/adapters/bitwarden.rb
@@ -25,18 +25,15 @@ class Kamal::Secrets::Adapters::Bitwarden < Kamal::Secrets::Adapters::Base
      {}.tap do |results|
        items_fields(secrets).each do |item, fields|
          item_json = run_command("get item #{item.shellescape}", session: session, raw: true)
-          raise RuntimeError, "Could not read #{secret} from Bitwarden" unless $?.success?
+          raise RuntimeError, "Could not read #{item} from Bitwarden" unless $?.success?
          item_json = JSON.parse(item_json)
-
          if fields.any?
-            fields.each do |field|
-              item_field = item_json["fields"].find { |f| f["name"] == field }
-              raise RuntimeError, "Could not find field #{field} in item #{item} in Bitwarden" unless item_field
-              value = item_field["value"]
-              results["#{item}/#{field}"] = value
-            end
+            results.merge! fetch_secrets_from_fields(fields, item, item_json)
          elsif item_json.dig("login", "password")
            results[item] = item_json.dig("login", "password")
+          elsif item_json["fields"]&.any?
+            fields = item_json["fields"].pluck("name")
+            results.merge! fetch_secrets_from_fields(fields, item, item_json)
          else
            raise RuntimeError, "Item #{item} is not a login type item and no fields were specified"
          end
@@ -44,6 +41,15 @@ class Kamal::Secrets::Adapters::Bitwarden < Kamal::Secrets::Adapters::Base
      end
    end

+    def fetch_secrets_from_fields(fields, item, item_json)
+      fields.to_h do |field|
+        item_field = item_json["fields"].find { |f| f["name"] == field }
+        raise RuntimeError, "Could not find field #{field} in item #{item} in Bitwarden" unless item_field
+        value = item_field["value"]
+        [ "#{item}/#{field}", value ]
+      end
+    end
+
    def items_fields(secrets)
      {}.tap do |items|
        secrets.each do |secret|