dev/sg: add -view flag to show secrets (#30036)

2026-02-06 19:21:50 +00:00 · 2022-01-24 07:37:59 -08:00 · 2022-01-24 07:37:59 -08:00 · b8d741b911
commit b8d741b911
parent f5bb39eb3d
1 changed files with 22 additions and 2 deletions
--- a/dev/sg/sg_secret.go
+++ b/dev/sg/sg_secret.go
@ -2,7 +2,9 @@ package main

 import (
 	"context"
+	"encoding/json"
 	"flag"
+	"fmt"
 	"strings"

 	"github.com/cockroachdb/errors"
@ -15,8 +17,11 @@ import (
 var (
 	secretFlagSet      = flag.NewFlagSet("sg secret", flag.ExitOnError)
 	secretResetFlagSet = flag.NewFlagSet("sg secret reset", flag.ExitOnError)
+
 	secretListFlagSet  = flag.NewFlagSet("sg secret list", flag.ExitOnError)
-	secretCommand      = &ffcli.Command{
+	secretListViewFlag = secretListFlagSet.Bool("view", false, "Display configured secrets when listing")
+
+	secretCommand = &ffcli.Command{
 		Name:       "secret",
 		ShortUsage: "sg secret <subcommand>...",
 		ShortHelp:  "Manipulate secrets stored in memory and in file",
@ -72,6 +77,21 @@ func listSecretExec(ctx context.Context, args []string) error {
 	}
 	stdout.Out.WriteLine(output.Linef("", output.StyleBold, "Secrets:"))
 	keys := secretsStore.Keys()
-	stdout.Out.WriteLine(output.Linef("", output.StyleWarning, strings.Join(keys, ", ")))
+	if *secretListViewFlag {
+		for _, key := range keys {
+			var val map[string]interface{}
+			if err := secretsStore.Get(key, &val); err != nil {
+				return fmt.Errorf("Get %q: %w", key, err)
+			}
+			data, err := json.MarshalIndent(val, "  ", "  ")
+			if err != nil {
+				return fmt.Errorf("Marshal %q: %w", key, err)
+			}
+			stdout.Out.WriteLine(output.Linef("", output.StyleYellow, "- %s:", key))
+			stdout.Out.WriteLine(output.Linef("", output.StyleWarning, "  %s", string(data)))
+		}
+	} else {
+		stdout.Out.WriteLine(output.Linef("", output.StyleYellow, strings.Join(keys, ", ")))
+	}
 	return nil
 }