phase3: refactor

bin/update_sops.sh

@@ -31,16 +31,32 @@ function fn_extract_uid(){
 
 function fn_update_sops_config(){
   # sops.yaml doc: https://github.com/getsops/sops?tab=readme-ov-file#using-sops-yaml-conf-to-select-kms-pgp-and-age-for-new-files
-  # CAVEAT: dirty hacks, just get it done. Not DRY, very WET.
+  # CAVEAT: dirty hacks, as DRY as feasible within bash
 
-  echo "# Fingerprint | User Type | User ID"
+  # hack: 2D list workaround, i.e. difficult to have list-of-lists
+  fpr_list=()
+  uid_list=()
+  type_list=()
   for gpgkeyfile in *automation*gpg.pub; do
-    u_type="autom"
+    type_list+=( "autom" )
-    echo "# $(fn_extract_fpr "${gpgkeyfile}") | ${u_type} | $(fn_extract_uid "${gpgkeyfile}")"
+    fpr_list+=( "$(fn_extract_fpr "${gpgkeyfile}")" )
+    uid_list+=( "$(fn_extract_uid "${gpgkeyfile}")" )
   done
   for gpgkeyfile in $(ls *gpg.pub | grep -v automation); do
-    u_type="human"
+    type_list+=( "human" )
-    echo "# $(fn_extract_fpr "${gpgkeyfile}") | ${u_type} | $(fn_extract_uid "${gpgkeyfile}")"
+    fpr_list+=( "$(fn_extract_fpr "${gpgkeyfile}")" )
+    uid_list+=( "$(fn_extract_uid "${gpgkeyfile}")" )
+  done
+
+
+  # header
+  echo "# Fingerprint | User Type | User ID"
+  # entries/rows
+  for ind in "${!fpr_list[@]}"; do
+    printf "# %s | %s | %s\n" \
+      "${fpr_list[${ind}]}" \
+      "${type_list[${ind}]}" \
+      "${uid_list[${ind}]}"
   done
   echo "# keys in https://git.dev-at.de/smardigo-hetzner/communication-keys"
 
@@ -49,13 +65,6 @@ creation_rules:
   # list of keys for encryption in stage
   - pgp: >-
 EOM
-  fpr_list=()
-  for gpgkeyfile in *automation*gpg.pub; do
-    fpr_list+=( $(fn_extract_fpr "${gpgkeyfile}") )
-  done
-  for gpgkeyfile in $(ls *gpg.pub | grep -v automation); do
-    fpr_list+=( $(fn_extract_fpr "${gpgkeyfile}") )
-  done
 
   # all but last line get comma
   ind_2nd_last=$((${#fpr_list[@]} - 1))