mirror of
https://github.com/Mic92/sops-nix.git
synced 2024-12-14 11:57:52 +00:00
33 lines
877 B
Bash
33 lines
877 B
Bash
_sopsAddKey() {
|
|
@gpg@ --quiet --import "$key"
|
|
local fpr
|
|
# only add the first fingerprint, this way we ignore subkeys
|
|
fpr=$(@gpg@ --with-fingerprint --with-colons --show-key "$key" \
|
|
| awk -F: '$1 == "fpr" { print $10; exit }')
|
|
}
|
|
|
|
sopsImportKeysHook() {
|
|
local key dir
|
|
if [ -n "${sopsCreateGPGHome}" ]; then
|
|
export GNUPGHOME=${sopsGPGHome:-$(pwd)/.git/gnupg}
|
|
mkdir -m 700 -p $GNUPGHOME
|
|
fi
|
|
for key in ${sopsPGPKeys-}; do
|
|
if [[ -f "$key" ]]; then
|
|
_sopsAddKey "$key"
|
|
else
|
|
echo "$key does not exists" >&2
|
|
fi
|
|
done
|
|
for dir in ${sopsPGPKeyDirs-}; do
|
|
while IFS= read -r -d '' key; do
|
|
_sopsAddKey "$key"
|
|
done < <(find -L "$dir" -type f \( -name '*.gpg' -o -name '*.asc' \) -print0)
|
|
done
|
|
}
|
|
|
|
if [ -z "${shellHook-}" ]; then
|
|
shellHook=sopsImportKeysHook
|
|
else
|
|
shellHook="sopsImportKeysHook;${shellHook}"
|
|
fi
|