Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Github Action Error: invalid JSON provided #10

Open
caruccio opened this issue Aug 9, 2024 · 3 comments
Open

Github Action Error: invalid JSON provided #10

caruccio opened this issue Aug 9, 2024 · 3 comments

Comments

@caruccio
Copy link

caruccio commented Aug 9, 2024

Hi.

I 'm trying to edit an item using this github action but it's failing with Error: 2024/08/09 19:06:52 invalid JSON provided

2024-08-09T19:06:51.0562468Z --- START
2024-08-09T19:06:51.5807310Z 7:06PM | DEBUG | InitDefaultCache: successfully initialized cache
2024-08-09T19:06:51.5828654Z 7:06PM | DEBUG | EncryptedKeysets: Cache miss on keyset
2024-08-09T19:06:51.6463028Z 7:06PM | DEBUG | SetEncryptedKeysets: Successfully cached keyset
2024-08-09T19:06:51.6464435Z 7:06PM | DEBUG | Vault: cache miss on vault ***
2024-08-09T19:06:51.7261988Z 7:06PM | DEBUG | SetVault: successfully cached vault ***
2024-08-09T19:06:51.7939655Z 7:06PM | DEBUG | VaultItems: cache miss on vault items of vault ***
2024-08-09T19:06:51.8613037Z 7:06PM | DEBUG | SetVaultItems: successfully cached vault items of vault ***
2024-08-09T19:06:51.8614163Z ID                            TITLE                                             VAULT                             EDITED
2024-08-09T19:06:51.8616188Z [REDACTED]    Service Account Auth Token: github-actions        Operations - Customers            1 hour ago
2024-08-09T19:06:51.8618739Z ***    Customer Keys                                     Operations - Customers            2 minutes ago
2024-08-09T19:06:51.8627866Z --- MID
2024-08-09T19:06:51.8697896Z 7:06PM | DEBUG | Skipped loading desktop app settings file. The desktop app might not be installed: read file: lstat /home/runner/.config/1Password/settings/settings.json: no such file or directory
2024-08-09T19:06:52.1080185Z 7:06PM | DEBUG | InitDefaultCache: successfully initialized cache
2024-08-09T19:06:52.1081314Z 7:06PM | DEBUG | EncryptedKeysets: Cache hit on keyset
2024-08-09T19:06:52.1082233Z [ERROR] 2024/08/09 19:06:52 invalid JSON provided
2024-08-09T19:06:52.1092324Z --- END
2024-08-09T19:06:52.1101095Z ##[debug]Finishing: Update 1Password```

I 'm using a RW Service Account token from exported to repos secret OP_SERVICE_ACCOUNT_TOKEN.

Both item list and item edit works from my desktop. I've no OP desktop app installed, only the chrome extension.
Only item list works from githuc action.

This is the snippet of my workflow. All variables are properly populated

    - name: Install 1Password CLI
      uses: 1password/install-cli-action@v1

    - name: Update 1Password
      run: |
        echo --- START
        op --debug item list --vault $OP_VAULT_ID || true
        echo --- MID
        op --debug item edit $OP_ITEM_ID --vault $OP_VAULT_ID keys=teste || true
        echo --- END
@SimonPNorra
Copy link

Hey @caruccio

Having the same issue. Were you able to workaround this?

Thanks!

@SimonPNorra
Copy link

Ok, I found a way to resolve this.

What went into the "invalid JSON provided" message for me was the trial to change just a value via the op CLI:

      - id: 'update-secret-in-1password'
        env:
          SECRET_VALUE: ${{ secrets.secret-value }}
          OP_SERVICE_ACCOUNT_TOKEN: ${{ steps.secrets.outputs.OP_SERVICE_ACCOUNT_TOKEN }}
          SECRET_NAME_1PASSWORD: ${{ inputs.secret-name-1password }}
          VAULT: "My Vault"
        run: |
          op item edit "${SECRET_NAME_1PASSWORD}" --vault "${VAULT}" "password=${SECRET_VALUE}"

I then tried to load the json, change the file and push it again. Basically the example from the CLI help output:
op item edit --debug "${SECRET_NAME_1PASSWORD}" --template=1password-secret.json

But this went into: cannot edit an item from template and stdin at the same time

My current solution is to load the json, change the file and pipe it into the edit command. Here is a full step approach:

jobs:

  apply:
    runs-on: ubuntu-latest
    env:
      VAULT: "My Vault"
      SECRET_NAME_1PASSWORD: "Your Secret name in 1Password"
...
      - id: 'read-secret'
        env:
          OP_SERVICE_ACCOUNT_TOKEN: ${{ steps.secrets.outputs.OP_SERVICE_ACCOUNT_TOKEN }}
        run: |
          op item get "${SECRET_NAME_1PASSWORD}" --vault "${VAULT}" --format json > 1password-secret.json

      - name: Update password value
        env:
          SECRET_VALUE: ${{ inputs.secret-value }}
        run: |
          # Update the JSON file
          jq --arg new_password "$SECRET_VALUE" '
            .fields |= map(
              if .id == "password" then
                .value = $new_password
              else
                .
              end
            )
          ' 1password-secret.json > 1password-secret_updated.json
        
          mv 1password-secret_updated.json 1password-secret.json

      - id: 'update-secret-in-1password'
        env:
          OP_SERVICE_ACCOUNT_TOKEN: ${{ steps.secrets.outputs.OP_SERVICE_ACCOUNT_TOKEN }}
        run: |
          cat 1password-secret.json | op item edit "${SECRET_NAME_1PASSWORD}"

(Do not forget to add proper cleanups at the end of your workflow.)

Hope it helps. :-)

@caruccio
Copy link
Author

Thanks @SimonPNorra! I'm gonna try your suggestion ASAP.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@caruccio @SimonPNorra