Last active
February 23, 2022 16:25
-
-
Save adrienjoly/314e69e90cf4933bd8a5412e42e37e68 to your computer and use it in GitHub Desktop.
This script returns the value of the latest enabled revision of the requested GCP secret.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This script returns the value of the latest enabled revision of the requested secret. | |
| # Usage: get-last-active-gcp-secret-revision.sh <secret-name> | |
| SECRET_NAME=$1; shift; | |
| if [ -z ${SECRET_NAME} ]; then | |
| echo "Error: please specify the name of the secret to get." | |
| echo "Available secrets:" | |
| gcloud secrets list | |
| exit 1 | |
| fi | |
| set -e | |
| LATEST_REVISION=$(gcloud secrets versions list "${SECRET_NAME}" \ | |
| --filter='state:enabled' --limit=1 --format='value(name)') | |
| gcloud secrets versions access "${LATEST_REVISION}" --secret="${SECRET_NAME}" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Thanks for this, it has been very helpful! It's a pain that if you disable or destroy the latest version, the
latestalias stops being useful. It would be nice if they added another alias to get the latest enabled version.I modified this script to effectively "refresh" the
latestalias, adding a new secret version equivalent to the latest enabled one. I also added the option to specify a project, which I often have to do.refresh-latest-secret-version.sh