0

I am trying to use the following commands to replace in file.

export SECRET_KEY=${{ secrets.SECRET_KEY }}
    
grep -q '^SECRET_KEY' .env &&
sed -i 's|^SECRET_KEY.*|SECRET_KEY='"$SECRET_KEY"'|' .env ||
echo 'SECRET_KEY=${{ secrets.SECRET_KEY }}' >> .env

However, when I start, I get an error

bash: -c: line 22: syntax error near unexpected token `)'

I think this is due to the fact that there are special characters in the variable $SECRET_KEY. This in sample content:

SECRET_KEY = 'r6mslqw$4md09)r5k(3d%jy32j18&3ceazl**6io=n0*w6502$'

It is a secret key from django to replace in .env from github. How to escape all these symbols correctly? I've read Escaping special characters in bash variables this topic but I didn't quite understand it

I found this function from django source code https://github.com/django/django/blob/bf7afe9c4e21f5fe5090c47b2b6ffc5a03a85815/django/core/management/utils.py#L77:

def get_random_secret_key():
    """
    Return a 50 character random string usable as a SECRET_KEY setting value.
    """
    chars = 'abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*(-_=+)'
    return get_random_string(50, chars)

so all of these characters are valid and must be escaped

tripleee
  • 175,061
  • 34
  • 275
  • 318
Vitaly
  • 1
  • 2
  • 1
    Your example does not have 22 lines and none of them contain `)` so the error message is not from this example. Some of your syntax looks like this is being run by Jenkins or Github Actions or something; probably [edit] to explain these details, or remove the irrrelevant details and provide a proper [mre] – tripleee Dec 16 '21 at 09:23
  • `export SECRET_KEY='${{ secrets.SECRET_KEY }}'` with single quotes around the value will prevent the shell from attempting to interpret the string. This could still break if the string contains literal single quotes. – tripleee Dec 16 '21 at 09:25
  • Wrapping the secret key in single-quotes will work unless the password contains a single-quote, in which case it will break horribly. If the password *might* contain a single-quote, you'll have to do something more elaborate. – Gordon Davisson Dec 16 '21 at 11:04
  • single qoutes works, thanks @tripleee – Vitaly Dec 16 '21 at 13:08

0 Answers0