virsh: secret: Add --plain flag for secret-get-value

Users might want to get the raw value instead of dealing with base64 encoding. This might be useful for redirection to file and also for simple human-readable secrets. Signed-off-by: N Peter Krempa <pkrempa@redhat.com> Reviewed-by: N Daniel P. Berrangé <berrange@redhat.com>

virsh: secret: Add --plain flag for secret-get-value
Users might want to get the raw value instead of dealing with base64 encoding. This might be useful for redirection to file and also for simple human-readable secrets. Signed-off-by: N Peter Krempa <pkrempa@redhat.com> Reviewed-by: N Daniel P. Berrangé <berrange@redhat.com>
5611795b · Peter Krempa · 1a552ecc · 5611795b · 5611795b
显示空白变更内容
内联并排

Showing with 20 addition and 3 deletion

docs/manpages/virsh.rst docs/manpages/virsh.rst +5 -1

tools/virsh-secret.c tools/virsh-secret.c +15 -2

未找到文件。
--- a/docs/manpages/virsh.rst
+++ b/docs/manpages/virsh.rst
@@ -6576,11 +6576,15 @@ secret-get-value
 .. code-block::
-   secret-get-value secret
+   secret-get-value [--plain] secret
 Output the value associated with *secret* (specified by its UUID) to stdout,
 encoded using Base64.
+If the *--plain* flag is used the value is not base64 encoded, but rather
+printed raw. Note that unless virsh is started in quiet mode (*virsh -q*) it
+prints a newline at the end of the command. This newline is not part of the
+secret.
 secret-undefine
 ---------------

--- a/tools/virsh-secret.c
+++ b/tools/virsh-secret.c
@@ -234,6 +234,10 @@ static const vshCmdOptDef opts_secret_get_value[] = {
     .help = N_("secret UUID"),
     .completer = virshSecretUUIDCompleter,
    },
+    {.name = "plain",
+     .type = VSH_OT_BOOL,
+     .help = N_("get value without converting to base64")
+    },
    {.name = NULL}
 };
@@ -244,6 +248,7 @@ cmdSecretGetValue(vshControl *ctl, const vshCmd *cmd)
    VIR_AUTODISPOSE_STR base64 = NULL;
    unsigned char *value;
    size_t value_size;
+    bool plain = vshCommandOptBool(cmd, "plain");
    if (!(secret = virshCommandOptSecret(ctl, cmd, NULL)))
        return false;
@@ -251,9 +256,17 @@ cmdSecretGetValue(vshControl *ctl, const vshCmd *cmd)
    if (!(value = virSecretGetValue(secret, &value_size, 0)))
        return false;
+    if (plain) {
+        if (fwrite(value, 1, value_size, stdout) != value_size) {
+            VIR_DISPOSE_N(value, value_size);
+            vshError(ctl, "failed to write secret");
+            return false;
+        }
+    } else {
        base64 = g_base64_encode(value, value_size);
        vshPrint(ctl, "%s", base64);
+    }
    VIR_DISPOSE_N(value, value_size);
    return true;