updated kubernetes_secret_to_external_secret_gcp.sh

kubernetes/kubernetes_secret_to_external_secret_gcp.sh

@@ -80,8 +80,26 @@ yaml_file="external-secret-$secret.yaml"
 
 timestamp "Generating external secret for secret '$secret'"
 
+k8s_secret_json="$(kubectl get secret "$secret" -o json)"
+
+if [ -z "$k8s_secret_json" ]; then
+    timestamp "ERROR: failed to get Kubernetes secret json"
+    exit 1
+fi
+
+keys="$(jq -r '.data | keys[]' <<< "$k8s_secret_json")"
+if [ -z "$keys" ]; then
+    timestamp "ERROR: fails to get keys for secret"
+    exit 1
+fi
+num_keys="$(wc -l <<< "$keys" | sed 's/[[:space:]]//g')"
+if [ "$num_keys" != 1 ]; then
+    timestamp "ERROR: more than 1 key in secret, not handling"
+    exit 1
+fi
+
 # if the secret has a dash in it, then you need to quote it whether .data."$secret" or .data["$secret"]
-k8s_secret_value="$(kubectl get secret "$secret" -o json | jq -r ".data[\"$secret\"]" | base64 --decode)"
+k8s_secret_value="$(jq -r ".data[\"$secret\"]" <<< "$k8s_secret_json" | base64 --decode)"
 
 if [ -z "$k8s_secret_value" ]; then
     timestamp "ERROR: failed to get Kubernetes secret value for '$secret' key '$secret'"