mirror of
https://github.com/Mic92/sops-nix.git
synced 2024-12-14 11:57:52 +00:00
66393a1c82
fixes #17
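#######################################
# Import one public key file into the GnuPG keyring and append its primary
# fingerprint to SOPS_PGP_FP, the comma-separated recipient list read by sops.
# Globals:   SOPS_PGP_FP (read, written, exported)
#            key (read only as a fallback when no argument is passed)
# Arguments: $1 - path to a public key file
# Outputs:   diagnostics on stderr
# Returns:   1 if no key file was given; otherwise the status of the last
#            command that ran
#######################################
_sopsAddKey() {
  # Callers pass the path as $1, but this function used to read the caller's
  # $key through bash's dynamic scoping. Prefer the argument and keep the old
  # fallback so existing call sites behave the same.
  local key=${1:-${key-}}
  if [[ -z $key ]]; then
    echo "_sopsAddKey: no key file given" >&2
    return 1
  fi

  # This modifies the invoking user's keyring, and every key handled here ends
  # up as a recipient in SOPS_PGP_FP, so key files must come from a trusted
  # location. The import's exit status is not checked here.
  @gpg@ --quiet --import "$key"

  local fpr
  # only add the first fingerprint, this way we ignore subkeys
  fpr=$(@gpg@ --with-fingerprint --with-colons --show-key "$key" \
    | awk -F: '$1 == "fpr" { print $10; exit }')

  if [[ $fpr != "" ]]; then
    # The '' pairs are empty strings to bash (they look like leftover Nix
    # string escapes; confirm how this file is consumed before removing them).
    # ${SOPS_PGP_FP-} keeps the first append working under `set -u`.
    export SOPS_PGP_FP=''${SOPS_PGP_FP-}''${SOPS_PGP_FP:+','}$fpr
  fi
}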
#######################################
# Shell hook: register every configured PGP public key with _sopsAddKey.
# Globals:   sopsPGPKeys    (read) - whitespace-separated key file paths
#            sopsPGPKeyDirs (read) - whitespace-separated directories that are
#                                    searched for *.gpg and *.asc files
# Outputs:   a message on stderr for each listed key file that is missing
# Returns:   status of the last command executed
#######################################
sopsPGPHook() {
  # The variable must stay named `key`: _sopsAddKey may read it from this
  # scope rather than from its argument.
  local key keyDir
  local -a keyFileFilter=(-type f '(' -name '*.gpg' -o -name '*.asc' ')' -print0)

  # Deliberately unquoted: the list arrives as one whitespace-separated string.
  for key in $sopsPGPKeys; do
    if [[ ! -f "$key" ]]; then
      echo "$key does not exists" >&2
      continue
    fi
    _sopsAddKey "$key"
  done

  # Every matching file below a key directory is handed to _sopsAddKey, and
  # find -L follows symlinks, so these directories should only be writable by
  # parties trusted to add recipients.
  for keyDir in $sopsPGPKeyDirs; do
    while IFS= read -r -d '' key; do
      _sopsAddKey "$key"
    done < <(find -L "$keyDir" "${keyFileFilter[@]}")
  done
}
# Install sopsPGPHook as the shell hook only when shellHook is unset or empty.
# An environment that already defines its own shellHook is left untouched and
# has to call sopsPGPHook itself for the keys to be registered.
: "${shellHook:=sopsPGPHook}"