just make a new object

opentdf · Dec 20, 2024 · e2a3077 · e2a3077
1 parent b537380
commit e2a3077
Showing 1 changed file with 18 additions and 12 deletions.
diff --git a/test/start-up-with-containers/action.yaml b/test/start-up-with-containers/action.yaml
@@ -46,30 +46,36 @@ runs:
       env:
         EXTRA_KEYS: ${{ inputs.extra-keys }}
       run: |
-        keylist='['
+        extra_keys='['
+        extra_keyring='['
         while IFS= read -r -d $'\0' json <&3; do
           printf 'processing %s\n' "${json}"
           pem="$(jq -r '.pem' <<< "${json}")"
           kid="$(jq -r '.kid' <<< "${json}")"
           private_path="${HOME}/${kid}.pem"
           echo "${pem}" >"${private_path}"
 
-          command="$(printf '{kid, alg, private: "%s"}' "${private_path}")"
+          keylist_command="$(printf '{kid, alg, private: "%s"}' "${private_path}")"
 
-          keyobj="$(jq "${command}" <<< "${json}")"
-          if [ "${keylist}" != '[' ]; then
-            keylist+=','
+          keylist_obj="$(jq "${keylist_command}" <<< "${json}")"
+          if [ "${extra_keys}" != '[' ]; then
+            extra_keys+=','
           fi
-          keylist+="${keyobj}"
+          extra_keys+="${keylist_obj}"
+
+          if [ "${extra_keyring}" != '[' ]; then
+            extra_keyring+=','
+          fi
+          keyring_obj="$(jq '{kid, alg}' <<< "${json}")"
+          extra_keyring+="${keyring_obj}"
+
         done 3< <(jq -c --raw-output0 '.[]' <<< "${EXTRA_KEYS}")
-        keylist+=']'
+        extra_keys+=']'
+        extra_keyring+=']'
 
-        printf 'adding the following extra keys: %s\n' "${keylist}"
+        printf 'adding the following extra keys: %s-%s\n' "${extra_keys}" "${extra_keyring}"
 
-        yq_command=$(printf '
-             (.services.kas.keyring = [{"kid":"ec1","alg":"ec:secp256r1"},{"kid":"r1","alg":"rsa:2048"}] + (%s[] | del(.pem)))
-             | (.server.cryptoProvider.standard.keys = [{"kid":"ec1","alg":"ec:secp256r1","private":"kas-ec-private.pem","cert":"kas-ec-cert.pem"},{"kid":"r1","alg":"rsa:2048","private":"kas-private.pem","cert":"kas-cert.pem"}] + %s)
-           '"${EXTRA_KEYS}" "${keylist}")
+        yq_command=$(printf '(.services.kas.keyring = [{"kid":"ec1","alg":"ec:secp256r1"},{"kid":"r1","alg":"rsa:2048"}] + %s) | (.server.cryptoProvider.standard.keys = [{"kid":"ec1","alg":"ec:secp256r1","private":"kas-ec-private.pem","cert":"kas-ec-cert.pem"},{"kid":"r1","alg":"rsa:2048","private":"kas-private.pem","cert":"kas-cert.pem"}] + %s)' "${extra_keyring}" "${extra_keys}")
 
         printf 'the command is %s\n' "${yq_command}"
         <opentdf-dev.yaml >opentdf.yaml yq e "${yq_command}"