pkgs/clerie-sops: Properly escape json in clerie-sops-edit

pkgs/clerie-sops: Do not write back unchanged values in clerie-sops-edit
2024-05-02 12:39:12 +02:00 · 2024-05-02 12:28:22 +02:00
1 changed files with 13 additions and 3 deletions
--- a/pkgs/clerie-sops/clerie-sops-edit.sh
+++ b/pkgs/clerie-sops/clerie-sops-edit.sh
@ -7,6 +7,7 @@ set -euo pipefail
 SECRETS_FILE="$1"
 KEY="$2"
 KEY_SELECTOR="$(jq -Rsc '[.]' <(echo -n "${KEY}"))"
 if [[ -n $EDITOR ]]; then
 	EDITOR=vim
@ -14,12 +15,21 @@ fi
 TMP_FILE="$(mktemp)"
-clerie-sops --decrypt --extract "[\"${KEY}\"]" "${SECRETS_FILE}" > "${TMP_FILE}"
+clerie-sops --decrypt --extract "${KEY_SELECTOR}" "${SECRETS_FILE}" > "${TMP_FILE}"
 TMP_FILE_HASH_BEFORE="$(sha256sum "${TMP_FILE}")"
 vim "${TMP_FILE}"
-JSON_QUOTED_SECRET="$(jq -Rs '.' "${TMP_FILE}")" 
+TMP_FILE_HASH_AFTER="$(sha256sum "${TMP_FILE}")"
 # Don't write value back when it hasn't changed
 if [[ "${TMP_FILE_HASH_BEFORE}" == "${TMP_FILE_HASH_AFTER}" ]]; then
 	exit 0
 fi
 JSON_QUOTED_SECRET="$(jq -Rsc '.' "${TMP_FILE}")"
 rm "${TMP_FILE}"
-clerie-sops --set "[\"${KEY}\"] ${JSON_QUOTED_SECRET}" "${SECRETS_FILE}"
+clerie-sops --set "${KEY_SELECTOR} ${JSON_QUOTED_SECRET}" "${SECRETS_FILE}"
Author	SHA1	Message	Date
clerie	b8e666c075	pkgs/clerie-sops: Properly escape json in clerie-sops-edit	2024-05-02 12:39:12 +02:00
clerie	730903d0d8	pkgs/clerie-sops: Do not write back unchanged values in clerie-sops-edit	2024-05-02 12:28:22 +02:00