path: root/pkgs/build-support/replace-secret/replace-secret.py
#!/usr/bin/env python

import argparse
from argparse import RawDescriptionHelpFormatter

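# Help text for --help. RawDescriptionHelpFormatter (below) keeps the line
# breaks exactly as written here.
description = """
Replace a string in one file with a secret from a second file.

Since the secret is read from a file, it won't be leaked through
'/proc/<pid>/cmdline', unlike when 'sed' or 'replace' is used.
"""

parser = argparse.ArgumentParser(
    description=description,
    formatter_class=RawDescriptionHelpFormatter,
)
# Only the placeholder and the two paths are passed as arguments, so they are
# the only values visible in the process command line. The placeholder must
# therefore not be sensitive itself.
parser.add_argument("string_to_replace", help="the string to replace")
parser.add_argument("secret_file", help="the file containing the secret")
parser.add_argument("file", help="the file to perform the replacement on")
args = parser.parse_args()

# str.replace("", secret) inserts the secret before every character and at the
# end of the text, which would scatter the secret through the whole target
# file. Refuse an empty placeholder instead of doing that.
if not args.string_to_replace:
    parser.error("string_to_replace must not be empty")

# The target is opened 'r+' and rewritten in place, so this script does not
# change its mode or owner. The caller has to make sure the file is already
# restricted to the intended reader before the secret is written into it.
# NOTE(review): the rewrite is not atomic; an interruption between write() and
# truncate() can leave a partially updated file.
# NOTE(review): a placeholder that does not occur in the file is not reported;
# the file is rewritten unchanged and the exit status is still 0.
with open(args.secret_file) as sf, open(args.file, 'r+') as f:
    old = f.read()
    # Only leading and trailing newlines are removed; any other whitespace in
    # the secret file is treated as part of the secret.
    secret = sf.read().strip("\n")
    new_content = old.replace(args.string_to_replace, secret)
    # Rewind and overwrite from the start, then cut off whatever is left of
    # the old content when the new content is shorter.
    f.seek(0)
    f.write(new_content)
    f.truncate()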