2020-07-06 07:30:09 +01:00
|
|
|
_sopsAddKey() {
|
|
|
|
|
@gpg@ --quiet --import "$key"
|
|
|
|
|
local fpr
|
2020-07-22 15:07:51 +01:00
|
|
|
# only add the first fingerprint, this way we ignore subkeys
|
2020-07-06 07:30:09 +01:00
|
|
|
fpr=$(@gpg@ --with-fingerprint --with-colons --show-key "$key" \
|
2020-07-22 15:07:51 +01:00
|
|
|
| awk -F: '$1 == "fpr" { print $10; exit }')
|
2020-07-14 11:20:35 +01:00
|
|
|
if [[ $fpr != "" ]]; then
|
|
|
|
|
export SOPS_PGP_FP=''${SOPS_PGP_FP}''${SOPS_PGP_FP:+','}$fpr
|
|
|
|
|
fi
|
2020-07-06 07:30:09 +01:00
|
|
|
}
|
|
|
|
|
|
2020-07-13 09:51:53 +01:00
|
|
|
sopsPGPHook() {
|
2020-07-06 07:30:09 +01:00
|
|
|
local key dir
|
2020-07-13 09:51:53 +01:00
|
|
|
for key in $sopsPGPKeys; do
|
2020-07-14 11:20:35 +01:00
|
|
|
if [[ -f "$key" ]]; then
|
|
|
|
|
_sopsAddKey "$key"
|
|
|
|
|
else
|
|
|
|
|
echo "$key does not exists" >&2
|
|
|
|
|
fi
|
2020-07-06 07:30:09 +01:00
|
|
|
done
|
2020-07-13 09:51:53 +01:00
|
|
|
for dir in $sopsPGPKeyDirs; do
|
2020-07-06 07:30:09 +01:00
|
|
|
while IFS= read -r -d '' key; do
|
|
|
|
|
_sopsAddKey "$key"
|
2020-07-14 11:20:35 +01:00
|
|
|
done < <(find -L "$dir" -type f \( -name '*.gpg' -o -name '*.asc' \) -print0)
|
2020-07-06 07:30:09 +01:00
|
|
|
done
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if [ -z "${shellHook-}" ]; then
|
2020-07-13 09:51:53 +01:00
|
|
|
shellHook=sopsPGPHook
|
2020-07-06 07:30:09 +01:00
|
|
|
fi
|
