Secrets Manager get secret task output not a valid json

[rahul-ve]

Describe the bug

Not sure if I am doing something wrong or a bug! I am using Secrets Manager Get secret task and saving the secret value to a variable. When I print the variable, I was expecting it to be valid JSON but it is not.

To reproduce

- task: SecretsManagerGetSecret@1
  inputs:
    awsCredentials: '${{ parameters.awsCredentials }}'
    regionName:     '${{ parameters.awsRegion }}'
    secretIdOrName: 'my-secret'
    variableName: 'build-var-my-secret'

# print out variable
- script: echo $(build-var-my-secret)
  displayName: 'Print out variable'

Expected behavior

was expecting valid JSON

{"foo":"bar"}

Instead got {foo:bar}

Screenshots

Your Environment

• cloud version
• Azure DevOps version: Not sure, it is cloud version, not self-hosted!
• AWS Toolkit for Azure DevOps version: 1.13.0

Thanks!

[tometchy]

Same for me, it's problematic to parse it for example with jq program. And what if the value will contain comma, then it will be:

{pets:dog,cat,owner:tom}

instead:

{"pets":"dog,cat","owner":"tom"}

Curly bracket inside value will break everything as well.

[niCSan]

Hopefully this bug is fixed soon, as there is no way to get the exact value from a Secrets stored as a JSON, In my case I had to use awk and sed to extract the value, for OP's case would be like:

build-var-my-secret=$(echo $(build-var-my-secret) | awk -F ':' '{print $2}' | sed 's/}//')
echo $build-var-my-secret #will print bar