[libvirt] [PATCH 2/4] virsh: secret: Allow getting secret's value without base64 encoding
Users might want to get the raw value instead of dealing with base64
encoding. This might be useful for redirection to file and also for
simple human-readable secrets.
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
docs/manpages/virsh.rst | 6 +++++-
tools/virsh-secret.c | 16 ++++++++++++++--
2 files changed, 19 insertions(+), 3 deletions(-)
diff --git a/docs/manpages/virsh.rst b/docs/manpages/virsh.rst
index 03364684b5..fcc8ef6758 100644
--- a/docs/manpages/virsh.rst
+++ b/docs/manpages/virsh.rst
@@ -6586,11 +6586,15 @@ secret-get-value
.. code-block::
- secret-get-value secret
+ secret-get-value [--plain] secret
Output the value associated with *secret* (specified by its UUID) to stdout,
encoded using Base64.
+If the *--plain* flag is used the value is not base64 encoded, but rather
+printed raw. Note that unless virsh is started in quiet mode (*virsh -q*) it
+prints a newline at the end of the command. This newline is not part of the
+secret.
secret-undefine
---------------
diff --git a/tools/virsh-secret.c b/tools/virsh-secret.c
index 9f64be6b14..6d95ed9d5d 100644
--- a/tools/virsh-secret.c
+++ b/tools/virsh-secret.c
@@ -303,6 +303,10 @@ static const vshCmdOptDef opts_secret_get_value[] = {
.help = N_("secret UUID"),
.completer = virshSecretUUIDCompleter,
},
+ {.name = "plain",
+ .type = VSH_OT_BOOL,
+ .help = N_("get value without converting to base64")
+ },
{.name = NULL}
};
@@ -313,6 +317,7 @@ cmdSecretGetValue(vshControl *ctl, const vshCmd *cmd)
VIR_AUTODISPOSE_STR base64 = NULL;
unsigned char *value;
size_t value_size;
+ bool plain = vshCommandOptBool(cmd, "plain");
bool ret = false;
secret = virshCommandOptSecret(ctl, cmd, NULL);
@@ -323,9 +328,16 @@ cmdSecretGetValue(vshControl *ctl, const vshCmd *cmd)
if (value == NULL)
goto cleanup;
- base64 = g_base64_encode(value, value_size);
+ if (plain) {
+ if (fwrite(value, 1, value_size, stdout) != value_size) {
+ vshError(ctl, "failed to write secret");
+ goto cleanup;
+ }
+ } else {
+ base64 = g_base64_encode(value, value_size);
- vshPrint(ctl, "%s", base64);
+ vshPrint(ctl, "%s", base64);
+ }
ret = true;
cleanup:
--
2.24.1