diff --git a/__update_sops.sh b/__update_sops.sh index f1bb860..2fc0e34 100755 --- a/__update_sops.sh +++ b/__update_sops.sh @@ -3,6 +3,8 @@ set -euo pipefail # sops.yaml doc: https://github.com/getsops/sops?tab=readme-ov-file#using-sops-yaml-conf-to-select-kms-pgp-and-age-for-new-files +sops_config=".sops.yaml" + function fn_extract_fpr(){ gpgkeyfile=$1;shift; # fingerprint 
@@ -23,32 +25,36 @@ function fn_extract_uid(){ echo "${uid}" } -# CAVEAT: dirty hacks, just get it done. Not DRY at all. +function fn_update_sops_config(){ + # CAVEAT: dirty hacks, just get it done. Not DRY at all. -echo "# Fingerprint | User Type | User ID" -for gpgkeyfile in *automation*gpg.pub; do - u_type="autom" - echo "# $(fn_extract_fpr "${gpgkeyfile}") | ${u_type} | $(fn_extract_uid "${gpgkeyfile}")" -done -for gpgkeyfile in $(ls *gpg.pub | grep -v automation); do - u_type="human" - echo "# $(fn_extract_fpr "${gpgkeyfile}") | ${u_type} | $(fn_extract_uid "${gpgkeyfile}")" -done -echo "# keys in https://git.dev-at.de/smardigo-hetzner/communication-keys" + echo "# Fingerprint | User Type | User ID" + for gpgkeyfile in *automation*gpg.pub; do + u_type="autom" + echo "# $(fn_extract_fpr "${gpgkeyfile}") | ${u_type} | $(fn_extract_uid "${gpgkeyfile}")" + done + for gpgkeyfile in $(ls *gpg.pub | grep -v automation); do + u_type="human" + echo "# $(fn_extract_fpr "${gpgkeyfile}") | ${u_type} | $(fn_extract_uid "${gpgkeyfile}")" + done + echo "# keys in https://git.dev-at.de/smardigo-hetzner/communication-keys" -cat <- EOM -for gpgkeyfile in *automation*gpg.pub; do - echo " $(fn_extract_fpr "${gpgkeyfile}")," -done -# all but last line get comma -for gpgkeyfile in $(ls *gpg.pub | grep -v automation | sed '$d'); do - echo " $(fn_extract_fpr "${gpgkeyfile}")," -done -# last line no comma -for gpgkeyfile in $(ls *gpg.pub | grep -v automation | tail -n 1); do - echo " $(fn_extract_fpr "${gpgkeyfile}")" -done + for gpgkeyfile in *automation*gpg.pub; do + echo " $(fn_extract_fpr "${gpgkeyfile}")," + done + # all but last line get comma + for gpgkeyfile in $(ls *gpg.pub | grep -v automation | sed '$d'); do + echo " $(fn_extract_fpr "${gpgkeyfile}")," + done + # last line no comma + for gpgkeyfile in $(ls *gpg.pub | grep -v automation | tail -n 1); do + echo " $(fn_extract_fpr "${gpgkeyfile}")" + done +} + +(fn_update_sops_config) >> "${sops_config}"
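Review bot: The last added line, `(fn_update_sops_config) >> "${sops_config}"`, appends rather than replaces, so unless `.sops.yaml` is removed somewhere outside this hunk, each re-run stacks another generated block onto the previous one. Fingerprints of keys that have since been deleted from the directory would then stay listed in the older block. Because this file selects the recipients that new secrets are encrypted to, the output should replace the file, and only once generation has finished, so an interrupted run cannot leave a partial recipient list behind: `tmp="$(mktemp "${sops_config}.XXXXXX")"`, `fn_update_sops_config > "${tmp}"`, `mv -- "${tmp}" "${sops_config}"`. The `echo "… $(fn_extract_fpr "${gpgkeyfile}")"` lines moved into the function also hide a failing extraction, because `echo` succeeds even when the substitution fails and `set -e` never fires; assigning the fingerprint to a variable first and rejecting an empty value would keep a blank entry out of the list.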