#!/usr/bin/env bash

# Edit a single attribute of a sops json file
# Helps working with multiline strings in json

set -euo pipefail

SECRETS_FILE="$1"
KEY="$2"
KEY_SELECTOR="$(jq -Rsc '[.]' <(echo -n "${KEY}"))"

if [[ -n $EDITOR ]]; then
	EDITOR=vim
fi

TMP_FILE="$(mktemp)"

clerie-sops --decrypt --extract "${KEY_SELECTOR}" "${SECRETS_FILE}" > "${TMP_FILE}"

TMP_FILE_HASH_BEFORE="$(sha256sum "${TMP_FILE}")"

vim "${TMP_FILE}"

TMP_FILE_HASH_AFTER="$(sha256sum "${TMP_FILE}")"

# Don't write value back when it hasn't changed
if [[ "${TMP_FILE_HASH_BEFORE}" == "${TMP_FILE_HASH_AFTER}" ]]; then
	exit 0
fi

JSON_QUOTED_SECRET="$(jq -Rsc '.' "${TMP_FILE}")"

rm "${TMP_FILE}"

clerie-sops --set "${KEY_SELECTOR} ${JSON_QUOTED_SECRET}" "${SECRETS_FILE}"