如何列出并查找密钥库中将在未来 60 天内过期的所有秘密？

如何列出并查找密钥库中将在未来 60 天内过期的所有秘密？

要查找

Azure Key Vault

   
#Azure Key Vault details
keyVaultName="Keyvault name"

#Get the current date in UTC
currentDate=$(date -u +"%Y-%m-%dT%H:%M:%SZ")

#Get a list of secrets in the Key Vault
secrets=$(az keyvault secret list --vault-name $keyVaultName --query "[].{Name:name, Expires:attributes.expires}")

#Iterate through the secrets
for row in $(echo "${secrets}" | jq -c '.[]'); do
    secretName=$(echo "$row" | jq -r '.Name')
    expirationDate=$(echo "$row" | jq -r '.Expires')

    # Check if the secret is already expired
    if [ "$(date -u +"%s")" -gt "$(date -u -d "$expirationDate" +"%s")" ]; then
        echo "Output-------------------------------------"
        echo "Expired: Secret $secretName has already expired on $expirationDate."

    else
        # Calculate the remaining days until expiration
        remainingDays=$(( ($(date -u -d "$expirationDate" +"%s") - $(date -u -d "$currentDate" +"%s")) / 86400 ))

        # Check if the secret is about to expire (within the next 60 days)
        if [ $remainingDays -lt 60 ]; then
            echo "About to Expire in 60 days : Secret $secretName is about to expire in $remainingDays days. Expiration Date: $expirationDate"

            # Trigger Azure DevOps release pipeline
            echo "Triggering Azure DevOps release pipeline..."
            # add your script to trigger the Azure DevOps release pipeline

        else
            echo "Not Expiring Soon: Secret $secretName is not expiring in 60 days. It's about to expire in $remainingDays days. Expiration Date: $expirationDate"
        fi
    fi
done

上述脚本将在Key Vault中显示已过期秘密、即将在60天内过期的秘密以及

尚未过期

输出：