From b8e666c0750b13871a8a542eee52b92ed8e6de66 Mon Sep 17 00:00:00 2001
From: clerie <git@clerie.de>
Date: Thu, 2 May 2024 12:39:12 +0200
Subject: [PATCH] pkgs/clerie-sops: Properly escape json in clerie-sops-edit

---
 pkgs/clerie-sops/clerie-sops-edit.sh | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/pkgs/clerie-sops/clerie-sops-edit.sh b/pkgs/clerie-sops/clerie-sops-edit.sh
index a1bdb52..79e2b95 100755
--- a/pkgs/clerie-sops/clerie-sops-edit.sh
+++ b/pkgs/clerie-sops/clerie-sops-edit.sh
@@ -7,6 +7,7 @@ set -euo pipefail
 
 SECRETS_FILE="$1"
 KEY="$2"
+KEY_SELECTOR="$(jq -Rsc '[.]' <(echo -n "${KEY}"))"
 
 if [[ -n $EDITOR ]]; then
 	EDITOR=vim
@@ -14,7 +15,7 @@ fi
 
 TMP_FILE="$(mktemp)"
 
-clerie-sops --decrypt --extract "[\"${KEY}\"]" "${SECRETS_FILE}" > "${TMP_FILE}"
+clerie-sops --decrypt --extract "${KEY_SELECTOR}" "${SECRETS_FILE}" > "${TMP_FILE}"
 
 TMP_FILE_HASH_BEFORE="$(sha256sum "${TMP_FILE}")"
 
@@ -27,8 +28,8 @@ if [[ "${TMP_FILE_HASH_BEFORE}" == "${TMP_FILE_HASH_AFTER}" ]]; then
 	exit 0
 fi
 
-JSON_QUOTED_SECRET="$(jq -Rs '.' "${TMP_FILE}")" 
+JSON_QUOTED_SECRET="$(jq -Rsc '.' "${TMP_FILE}")"
 
 rm "${TMP_FILE}"
 
-clerie-sops --set "[\"${KEY}\"] ${JSON_QUOTED_SECRET}" "${SECRETS_FILE}"
+clerie-sops --set "${KEY_SELECTOR} ${JSON_QUOTED_SECRET}" "${SECRETS_FILE}"