2025-05-12 19:08:21 +00:00
2 changed files with 3 additions and 21 deletions
--- a/README.md
+++ b/README.md
@ -105,19 +105,6 @@ For Scripting we have a -j or --json flag to convert the Output for the create,

 Note: The JSON Output does not cover Error Messages, you can detect Errors by checking if the Exitcode is not 0

-# Exposing Secrets to Subprocesses
-The `exec` command allows you to execute another command with environment variables that reference secrets stored in Passbolt.
-Any environment variables containing `passbolt://` references are automatically resolved to their corresponding secret values
-before the specified command is executed. This ensures that secrets are securely injected into the child process's environment
-without exposing them to the parent shell.
-For example:
-```bash
-export GITHUB_TOKEN=passbolt://<PASSBOLT_RESOURCE_ID_HERE>
-passbolt exec -- gh auth login
-```
-
-This would resolve the passbolt:// reference in GITHUB_TOKEN to its actual secret value and pass it to the gh process.
-
 # Documentation
 Usage for all Subcommands is [here](https://github.com/passbolt/go-passbolt-cli/wiki/passbolt).
 And is also available via `man passbolt`
--- a/cmd/exec.go
+++ b/cmd/exec.go
@ -3,15 +3,14 @@ package cmd
 import (
 	"context"
 	"fmt"
-	"os"
-	"os/exec"
-	"strings"
-
 	"github.com/passbolt/go-passbolt-cli/util"
 	"github.com/passbolt/go-passbolt/api"
 	"github.com/passbolt/go-passbolt/helper"
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
+	"os"
+	"os/exec"
+	"strings"
 )

 const PassboltPrefix = "passbolt://"
@ -93,10 +92,6 @@ func resolveEnvironmentSecrets(ctx context.Context, client *api.Client) ([]strin
 		}

 		envVars[i] = key + "=" + secret
-
-		if viper.GetBool("debug") {
-			fmt.Fprintf(os.Stdout, "%v env var populated with resource id %v\n", key, resourceId)
-		}
 	}

 	return envVars, nil