get a value with jq by matching one of parent value from a variable

Question

I have JSON data as below, in services.json

{
"checkout-serviceA":{"prId":6644,"Sourcebranch":"","HFX":false,"IS_CR":"Yes"},
"checkout-serviceB":{"prId":15826,"Sourcebranch":"","HFX":false,"IS_CR": "no"},
"checkout-toggle":{"prId":8963,"Sourcebranch":"","HFX":true,"IS_CR": "Yes"},
"checkout-res":{"prId":1104,"Sourcebranch":"","HFX":false,"IS_CR": "Yes"}
}

I have a variable eg $PRID that contains prID value already.

I want to pass this to jq and fetch or get an output of IS_CR value for the respective prID.

I tried jq --arg v "$PRID" '.[] | select(.prId == $v).IS_CR' services.json

&

jq --arg v "$PRID" 'to_entries | map(select(.value.prId == $v))[0].value.IS_CR' services.json

but none worked as it gives null or nothing returns.

kindly help on this

The value of `.prId` is a number. So either import the variable value using `--argjson` instead of `--arg`, or convert it internally using `tonumber`. — pmf, Feb 07 '23 at 13:43

score 6 · Accepted Answer · answered Feb 07 '23 at 13:43

6

--arg creates a string variable, but your prId properties are numbers (6644 != "6644").

Use --argjson instead:

jq --argjson v "$PRID" '.[] | select(.prId == $v).IS_CR' services.json

answered Feb 07 '23 at 13:43

knittl

246,190
53
318
364

score 0 · Answer 2 · answered Feb 07 '23 at 13:46

0

Use: jq '.[] | select(.prId == '"$PRID"') | .IS_CR' services.json

Output:

# PRID=6644
# cat services.json
{
"checkout-serviceA":{"prId":6644,"Sourcebranch":"","HFX":false,"IS_CR":"Yes"},
"checkout-serviceB":{"prId":15826,"Sourcebranch":"","HFX":false,"IS_CR": "no"},
"checkout-toggle":{"prId":8963,"Sourcebranch":"","HFX":true,"IS_CR": "Yes"},
"checkout-res":{"prId":1104,"Sourcebranch":"","HFX":false,"IS_CR": "Yes"}
}
# jq '.[] | select(.prId == '"$PRID"') | .IS_CR' services.json
"Yes"

answered Feb 07 '23 at 13:46

akathimi

1,393
11

1

You're injecting data into code; generally, that's a Bad Idea. jq is restricted in ways that prevent it from being a remote code execution vulnerability right now, but there've been proposals to give the language an unsafe mode that would make this practice _much_ more hazardous in the future. – Charles Duffy Feb 07 '23 at 14:44
@CharlesDuffy thank you, but can you explain further please? as substitution variables in code is very common. – akathimi Feb 07 '23 at 14:47
1

It's _common_, but it's a bad idea even so. Let me give you an example from a language that _is_ powerful enough to be vulnerable to command injection: `find . -name '*.txt' -print0 | xargs -0 sh -c 'ls -l {} && do_something_to {}'` -- if a bad actor creates a file named `$(rm -rf ~).txt`, the person who runs that code is going to have a very bad day. – Charles Duffy Feb 07 '23 at 14:53
1

awk, python, perl, and any other language that's powerful enough to run arbitrary commands is similarly at risk. And it's not like there's _no_ risk in jq; someone claims their prId is `0001 or true` and your code turns into `select(.prid == 0001 or true)` and suddenly _all_ IS_CR values are dumped, not just the one you wanted. – Charles Duffy Feb 07 '23 at 14:56
(err, there should have been an `-I{}` in the example of a vulnerable xargs use above) – Charles Duffy Feb 07 '23 at 15:04

get a value with jq by matching one of parent value from a variable

2 Answers2