{"id":24632845,"url":"https://github.com/buttahtoast/ejsonmerger","last_synced_at":"2026-04-16T19:02:55.200Z","repository":{"id":129137906,"uuid":"282847669","full_name":"buttahtoast/ejsonMerger","owner":"buttahtoast","description":"Go application for extended json/yaml merging","archived":false,"fork":false,"pushed_at":"2022-12-21T19:48:56.000Z","size":41,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-07-27T09:02:43.659Z","etag":null,"topics":["bash","ejson","json","secrets","spruce-operators","yml"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/buttahtoast.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":"CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2020-07-27T09:10:07.000Z","updated_at":"2020-12-27T14:20:47.000Z","dependencies_parsed_at":"2023-03-17T22:30:22.307Z","dependency_job_id":null,"html_url":"https://github.com/buttahtoast/ejsonMerger","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/buttahtoast/ejsonMerger","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/buttahtoast%2FejsonMerger","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/buttahtoast%2FejsonMerger/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/buttahtoast%2FejsonMerger/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/buttahtoast%2FejsonMerger/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/buttahtoast","download_url":"https://codeload.github.com/buttahtoast/ejsonMerger/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/buttahtoast%2FejsonMerger/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31899986,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-16T18:22:33.417Z","status":"ssl_error","status_checked_at":"2026-04-16T18:21:47.142Z","response_time":69,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bash","ejson","json","secrets","spruce-operators","yml"],"created_at":"2025-01-25T08:13:11.868Z","updated_at":"2026-04-16T19:02:55.172Z","avatar_url":"https://github.com/buttahtoast.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# EJSON Merger\n\nEJSON Merger is a simple bash script, which uses the tools [spruce](https://github.com/geofffranks/spruce), [jq](https://stedolan.github.io/jq/) and [ejson](https://github.com/Shopify/ejson). The main purpose of the script is, to merge multiple yaml/yml and json scripts together into one big map, which can be exported to a specific file or stdout. Since the merge process is done via spurce, you are able to use all spruce operators across all your files. See all spruce operators [here](https://github.com/geofffranks/spruce/blob/master/doc/operators.md). This tool gives you great advantages in your CI builds, since you are able to spread information into different files, but can join them with each other. But also, you can safely upload secrets to a repo.\n\n\n## Rules\n\n* Each EJSON file has to contain it's public key. All data is given in the \u003ccode\u003e.data\u003c/code\u003e field. If this field isn't set, the EJSON file is not considered.\n* [JQ](https://stedolan.github.io/jq/) is required\n* [Spruce](https://github.com/geofffranks/spruce) is required.\n* [EJSON](https://github.com/Shopify/ejson) is optional.\n* [Ruby YAML gem](https://ruby-doc.org/stdlib-2.5.1/libdoc/yaml/rdoc/YAML.html) is required for YAML outputs.\n\n## Example\n\nCreate a new EJSON Key-Pair ([More Information](https://github.com/Shopify/ejson))\n\n\u003cpre\u003e\u003ccode\u003eejson keygen\u003c/pre\u003e\u003c/code\u003e\n\nWill give you something like this (Don't use these!!):\n\n\u003cpre\u003e\u003ccode\u003ePublic Key:\nff4bbf46acd0b467ee48f6e75041bc5b45442bb4b32f4bb0a2bfa928d2c21e44\nPrivate Key:\nb9f24a02dabd1f05c327c51a88f99390dab0835f0e56d4766885648cda2a51d6\u003c/pre\u003e\u003c/code\u003e\n\nFirst create the EJSON File, should look like:\n\n\u003cpre\u003e\u003ccode\u003e{\n  \"_public_key\": \"ff4bbf46acd0b467ee48f6e75041bc5b45442bb4b32f4bb0a2bfa928d2c21e44\",\n  \"data\": {\n     \"some_password\": \"muchUnsecret\",\n     \"database\": {\n       \"user\": \"postgresql\",\n       \"password\": \"postgresql\"\n     }\n  }\n}\u003c/pre\u003e\u003c/code\u003e\n\nNext, decrypt the created EJSON file:\n\n\u003cpre\u003e\u003ccode\u003e$ ejson encrypt example/my-secrets.ejson\nWrote 562 bytes to example/my-secrets.ejson.\u003c/pre\u003e\u003c/code\u003e\n\nThe content of \u003ccode\u003eexample/my-secrets.ejson\u003c/code\u003e should look like this now:\n\n\u003cpre\u003e\u003ccode\u003e{\n  \"_public_key\": \"ff4bbf46acd0b467ee48f6e75041bc5b45442bb4b32f4bb0a2bfa928d2c21e44\",\n  \"data\": {\n     \"some_password\": \"EJ[1:cwva0hMYQ0Si3CVnXPvFOehf9i5Le6IYQXkR8NIYlRc=:aMfnwm79BF02LbN/q9rP6JkjfNVb0RmX:E/aFMFo5YpPIitMqgQYl3DT/POUkhEcKqR2KYQ==]\",\n     \"database\": {\n       \"user\": \"EJ[1:cwva0hMYQ0Si3CVnXPvFOehf9i5Le6IYQXkR8NIYlRc=:m+rB13UUhxG6k51HuhrIrQsXLJ4g6zJF:/jyC+uV7210F1KzjGHZ8Ub/Eg/EyoF3facU=]\",\n       \"password\": \"EJ[1:cwva0hMYQ0Si3CVnXPvFOehf9i5Le6IYQXkR8NIYlRc=:hYP7OqZlGkRQc2BjD9bXfUr+8F/otS75:00D6UzYcZKGLeyIBZGii/mNrFw3w7AzW6Ks=]\"\n     }\n  }\n}\u003c/pre\u003e\u003c/code\u003e\n\nAs you can see your secrets are now encrypted and can only be decrypted by the matching private key. This allows you to store secrets in git repositories in a secure way, if that's what you are looking for. Next we want to create a Reference to these secrets. let's create \u003ccode\u003eexample/configuration.yml\u003c/code\u003e:\n\n\u003cpre\u003e\u003ccode\u003e...\n  # Make Usage of Spruce Operators\n  user: (( grab $.SECRETS.database.user ))\n  host: postgres\n  password: (( grab $.SECRETS.database.user ))\n  database: (( concat $.PROJECT.name \"-\" $.PROJECT.version ))\u003c/pre\u003e\u003c/code\u003e\n\nNow you it's time to implement the decryption and merging part, which means running the script with correct parameters. It's very simple, please consider the Options section for all possibilities. For this example, the script needs the private key and the destination (where ejson and other configs are located [./example]). We want the Output to STDOUT in YAML format. The command would look like this:\n\n\u003cpre\u003e\u003ccode\u003ebash ejson-merger.sh -p \"b9f24a02dabd1f05c327c51a88f99390dab0835f0e56d4766885648cda2a51d6\" -m ./example -s ./example -y\u003c/pre\u003e\u003c/code\u003e\n\nIf we haven't done any Syntax Errors the output will look like this:\n\n\u003cpre\u003e\u003ccode\u003e---\nPROJECT:\n  maintainer: oliverbaehler\n  name: example\n  version: 1.0.0\ndatabase:\n  args:\n    database: example-1.0.0\n    host: postgres\n    password: postgresql\n    user: postgresql\n  name: example\nreport_stats: false\nserver_name: localhost:8800\nsigning_key_path: \"/src/.buildkite/test.signing.key\"\nsuppress_key_server_warning: true\ntrusted_key_servers:\n- server_name: matrix.org\u003c/pre\u003e\u003c/code\u003e\n\nAs you can see our secrets were merged in clear text and other spruce operations were executed as well. Since giving this information to STDOUT makes the entire encryption part useless, I would suggest you using the \u003ccode\u003e-f\u003c/code\u003e option. This way the output will be generated into a file which then can be use by other Scripts or whatever. It's time, try it yourself? :)\n\nYou can find these files in the [Example Folder](./example)\n\n## Options\n\nTo see all options available, call the \u003ccode\u003e-h\u003c/code\u003e option:\n\n\u003cpre\u003e\u003ccode\u003eejson-merger.sh -h\u003c/pre\u003e\u003c/code\u003e\n\nThe Script currently supports the following options:\n\n\u003cpre\u003e\u003ccode\u003eUsage: ejson-merger.sh [-h] [-p] \"ejson_key\" [-s] \"directory\" [-m] \"merge_directory\" [-k] \"secret_key\" [-f] \"dir/filename\" [-r]\n    -p ejson_key       Add EJSON private key to decrypt ejson files\n    -s directory       Source directory for ejson files (will be searched recursive) [Default \".\"]\n    -m merge_dir       Directory where your json/yml files are located to merge with secrets [Default \".\"]\n    -k secret_key      Top level key for secrets to be mapped to - (( grab $.secret_key.* )) [Default \"SECRETS\"]\n    -f dir/filename    Merge all files with Secrets in one json file. Given parameter is the name of the generated JSON/YAML\n    -r                 Remove Secrets from merged files [Default: True]\n    -y                 Output in YAML format [Default: JSON]\n    -h                 Show this context\n\nScript logs events/errors to [./ejson-merger.sh.log]\u003c/pre\u003e\u003c/code\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbuttahtoast%2Fejsonmerger","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbuttahtoast%2Fejsonmerger","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbuttahtoast%2Fejsonmerger/lists"}