bws version: 1.0.0
Platform: macOS 15.5, Build 24F74
I’m moving my Ansible secret management away from ansible-vault and into Secrets Manager, but I’m having a weird issue when I try to add certificates and private keys.
Because they start with a hyphen (-), I get the following error:
bws secret create test-secret '-ThisIsATest' $ProjectId
error: unexpected argument '-T' found
tip: to pass '-T' as a value, use '-- -T'
Usage: bws secret create [OPTIONS] <KEY> <VALUE> <PROJECT_ID>
For more information, try '--help'.
This happens even when I don’t have a value assigned to $ProjectId, so the error isn’t coming from the server. Also, I can manually create a secret with the same value in the Web UI and retrieve it with bws secret get <secret-id> without error.
If I escape that first hyphen, it succeeds:
bws secret create test-secret '\-ThisIsATest' $ProjectId
{
"id": "<secreti-id>",
"organizationId": "<org-id>",
"projectId": "<project-id>",
"key": "test-secret",
"value": "\\-ThisIsATest",
"note": "",
"creationDate": "<datetime>",
"revisionDate": "<datetime>"
}
If I try using the “tip” from the error, it just happens again:
bws secret create test-secret '-- -ThisIsATest' $ProjectId
error: unexpected argument '-- -ThisIsATest' found
tip: to pass '-- -ThisIsATest' as a value, use '-- -- -ThisIsATest'
Usage: bws secret create <KEY|VALUE|PROJECT_ID|--note <NOTE>>
For more information, try '--help'.
I wrote a script to automate creating secrets from my certificates and keys, and my current workaround is to just have it prepend each value with \, then go into the Web UI and delete the \. That’s a tedious process, though.
- Is there something else I should be doing to be able to create secrets starting with a hyphen?
- Has anyone run into this and come up with a better solution?