[英]Replace occurrences of a string in file with different bytes of entropy each
On Linux, I need to programmatically replace placeholder strings such as <SECRET>
in a .env
file like this:在 Linux 上,我需要以编程方式替换
.env
文件中的占位符字符串,例如<SECRET>
,如下所示:
KEY=<SECRET>
ANOTHER_VARIABLE=another-value
# here's a comment
PASSWORD=<SECRET>
The caveat is, that each occurrence of this placeholder must be replaced with a different instantiation of Base64 encoded randomness - eg from OpenSSL, since it's readily available on many Linuxes.需要注意的是,这个占位符的每次出现都必须用 Base64 编码的随机性的不同实例替换——例如来自 OpenSSL,因为它在许多 Linux 上都很容易获得。
Reading this answer , I tried this with GNU sed
4.8:阅读这个答案,我用 GNU
sed
4.8 尝试了这个:
sed -i '0,/<SECRET>/ s__'$(openssl rand -base64 42)'_' .env
(In the substitution part the alternative delimiter _
was chosen, because the Base64 encoded bytes can contain /
or +
characters and would otherwise clash when inadvertently used as delimiters.) (在替换部分,选择了替代分隔符
_
,因为 Base64 编码的字节可以包含/
或+
字符,否则在无意中用作分隔符时会发生冲突。)
This works for single replacements, one call at a time.这适用于单个替换,一次一个调用。
But sed's return code is always 0
, even when all occurrences of the regex have been consumed and replaced...但是 sed 的返回码始终为
0
,即使所有出现的正则表达式都已被消耗和替换...
Question: Is there a way to make sed return a non-zero code when placeholders have been exhausted?问题:当占位符用完时,有没有办法让 sed 返回非零代码?
(If this can't be done with sed, I'm happy for any solution with awk or similar.) (如果这不能用 sed 完成,我很高兴使用 awk 或类似的任何解决方案。)
Instead of sed
, you could use grep
:您可以使用
grep
代替sed
:
grep '<SECRET>' .env
From man grep
:来自
man grep
:
EXIT STATUS
退出状态
Normally the exit status is 0 if a line is selected, 1 if no lines were selected, and 2 if an error occurred.
通常,如果选择了一行,退出状态为 0,如果没有选择任何行,则退出状态为 1,如果发生错误,则退出状态为 2。 However, if the -q or --quiet or --silent is used and a line is selected, the exit status is 0 even if an error occurred.
但是,如果使用 -q 或 --quiet 或 --silent 并选择了一行,即使发生错误,退出状态也是 0。
If the return value is 0, then apply your sed
command to perform the substitution.如果返回值为 0,则应用
sed
命令来执行替换。
$ awk '
BEGIN { cmd = "openssl rand -base64 42" }
match($0,/<SECRET>/) {
val = ( (cmd | getline line) > 0 ? line : "N/A" )
$0 = substr($0,1,RSTART-1) val substr($0,RSTART+RLENGTH)
close(cmd)
}
1' file
KEY=hDc3Bw4J9+TUbbhw4cNKda+mDHVRGGrAWUU6LX7aYZnWwDZWyqrmzi3z
ANOTHER_VARIABLE=another-value
# here's a comment
PASSWORD=LzGaB43Mm5mF6tsJnwOLqgeeoTwajH9FNLty9yD22QovadhwWKpr7AP6
or if <SECRET>
can occur multiple times on 1 line then:或者如果
<SECRET>
可以在 1 行上多次出现,则:
$ awk '
BEGIN { cmd = "openssl rand -base64 42" }
{
while ( match($0,/<SECRET>/) ) {
val = ( (cmd | getline line) > 0 ? line : "N/A" )
$0 = substr($0,1,RSTART-1) val substr($0,RSTART+RLENGTH)
close(cmd)
}
}
1' file
KEY=t3/bimGkyPQcjOL6ubV6QmRnPjrvtg4+HvvkuJSnuYCYc+BzOmAWKRV6
ANOTHER_VARIABLE=another-value
# here's a comment
PASSWORD=TKvDbMphOhmhL0/NSQEE2Gs9sFr3Cwt9o3CbOoe9FZPjAR/+m6i4QjcR
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.