Feature flag to disable cli search wildcard wrapper

Feature name

Feature flag to disable cli search wildcard wrapper

Feature function

  • What will this feature do differently?
    Allows for user to deliberately disable cli search wildcard wrapper in order to only pull back an exact vault item name.
  • What benefits will this feature bring?
    Allows for users to get back exactly what is expected, rather than a bunch of related vault item names and having to use the unique ids. My personal use case is for a set of scripts that run for various users and their own personal vaults that would have vault items with their own unique ids. Allowing to pull back a unique vault item name will make the scripts run for many users without any hacky antics to get what is desired.

Related topics + references

Semi-related to this discussion, although that may not be cli specific and I’m asking for a toggle switch, essentially:

I originally made a Github issue before I realized that this was the official avenue for a feature request on this project:

Transcript from that:
I have some scripts that rely on specific, often similarly named vault items (often the name is in a portion of other vault item names). The ability to disable the wildcard wrapper would make pulling back a specific vault item by unique name much easier. I know that there are vault item ids that are unique. But, those are unique to a user and as this particular script is consumed by many users, it would be easier if the names could just be searched explicitly as given. I ended up coming up with a workaround for it. But, it isn’t ideal and I’d much rather just be able to pass a flag to be able to search for a specific name.

I essentially would like to run something like:
bw get password --no-wildcard-wrapper uniquename

and be met with the unique entry instead of the following:
More than one result was found. Try getting a specific object by id instead. The following objects were found: …

Thank you for this request!

When I read it I was reminded of some other work going on. The idea behind it isn’t to get rid of the soft searching and return of lists, but to ALSO check for exact name matches. If a match is exact (and only one matches) we’d return just that result.

Does that satisfy your request as well as a flag to disable fuzzy searching? From code as well as use perspectives I think I prefer the exact match solution to an option.

@mgibson - If I’m understanding that correctly, I believe that should solve my issue, yes.

looks like a nice improvement
As of today, I cannot automate “bw get foo” if foobar secret exists

It does depend on what you’re trying to do. But, if it helps in the meantime, I will share what I was able to cobble together as a workaround from various sources:
bw list items --search "foo" | jq -r ".[]" | grep -w -e "name" -e "password" | grep -A1 -w \"foo\" | cut -d "\"" -f 4 | tail -n1 | tr -d "\n"

This is just to grab and return the password value of vault item foo.

1 Like

Did this ever get implemented? I happened to test today and didn’t see any change to behavior yet and I’m currently on 1.19.1 of the cli.

Not yet, we do have an open invitation if anyone is willing to implement. Unfortunately, there is always too much to do. I think this would be a good first feature if anyone wants to get their hands dirty.