mirror of https://github.com/ryantm/agenix.git
Compare commits
4 Commits
bf579344ad
...
4a3eae3a50
Author | SHA1 | Date |
---|---|---|
Zeke Dou | 4a3eae3a50 | |
Ryan Mulligan | 24a7ea3905 | |
Ellis Gibbons | 2c1d1fb134 | |
c4710n | 2c9abfec86 |
|
@ -3,6 +3,7 @@
|
||||||
stdenv,
|
stdenv,
|
||||||
age,
|
age,
|
||||||
jq,
|
jq,
|
||||||
|
gnused,
|
||||||
nix,
|
nix,
|
||||||
mktemp,
|
mktemp,
|
||||||
diffutils,
|
diffutils,
|
||||||
|
@ -18,6 +19,7 @@ in
|
||||||
src = substituteAll {
|
src = substituteAll {
|
||||||
inherit ageBin version;
|
inherit ageBin version;
|
||||||
jqBin = "${jq}/bin/jq";
|
jqBin = "${jq}/bin/jq";
|
||||||
|
sedBin = "${gnused}/bin/sed";
|
||||||
nixInstantiate = "${nix}/bin/nix-instantiate";
|
nixInstantiate = "${nix}/bin/nix-instantiate";
|
||||||
mktempBin = "${mktemp}/bin/mktemp";
|
mktempBin = "${mktemp}/bin/mktemp";
|
||||||
diffBin = "${diffutils}/bin/diff";
|
diffBin = "${diffutils}/bin/diff";
|
||||||
|
|
|
@ -115,7 +115,7 @@ function cleanup {
|
||||||
trap "cleanup" 0 2 3 15
|
trap "cleanup" 0 2 3 15
|
||||||
|
|
||||||
function keys {
|
function keys {
|
||||||
(@nixInstantiate@ --json --eval --strict -E "(let rules = import $RULES; in rules.\"$1\".publicKeys)" | @jqBin@ -r .[]) || exit 1
|
(@nixInstantiate@ --json --eval --strict -E "(let rules = import $RULES; in rules.\"$1\".publicKeys)" | @jqBin@ -r .[] | @sedBin@ '/^$/d') || exit 1
|
||||||
}
|
}
|
||||||
|
|
||||||
function decrypt {
|
function decrypt {
|
||||||
|
@ -171,7 +171,9 @@ function edit {
|
||||||
ENCRYPT=()
|
ENCRYPT=()
|
||||||
while IFS= read -r key
|
while IFS= read -r key
|
||||||
do
|
do
|
||||||
ENCRYPT+=(--recipient "$key")
|
if [ -n "$key" ]; then
|
||||||
|
ENCRYPT+=(--recipient "$key")
|
||||||
|
fi
|
||||||
done <<< "$KEYS"
|
done <<< "$KEYS"
|
||||||
|
|
||||||
REENCRYPTED_DIR=$(@mktempBin@ -d)
|
REENCRYPTED_DIR=$(@mktempBin@ -d)
|
||||||
|
|
Loading…
Reference in New Issue