36 lines
757 B
Bash
Executable File
36 lines
757 B
Bash
Executable File
#!/usr/bin/env bash
|
|
|
|
# Edit a single attribute of a sops json file
|
|
# Helps working with multiline strings in json
|
|
|
|
set -euo pipefail
|
|
|
|
SECRETS_FILE="$1"
|
|
KEY="$2"
|
|
KEY_SELECTOR="$(jq -Rsc '[.]' <(echo -n "${KEY}"))"
|
|
|
|
if [[ -n $EDITOR ]]; then
|
|
EDITOR=vim
|
|
fi
|
|
|
|
TMP_FILE="$(mktemp)"
|
|
|
|
clerie-sops --decrypt --extract "${KEY_SELECTOR}" "${SECRETS_FILE}" > "${TMP_FILE}"
|
|
|
|
TMP_FILE_HASH_BEFORE="$(sha256sum "${TMP_FILE}")"
|
|
|
|
vim "${TMP_FILE}"
|
|
|
|
TMP_FILE_HASH_AFTER="$(sha256sum "${TMP_FILE}")"
|
|
|
|
# Don't write value back when it hasn't changed
|
|
if [[ "${TMP_FILE_HASH_BEFORE}" == "${TMP_FILE_HASH_AFTER}" ]]; then
|
|
exit 0
|
|
fi
|
|
|
|
JSON_QUOTED_SECRET="$(jq -Rsc '.' "${TMP_FILE}")"
|
|
|
|
rm "${TMP_FILE}"
|
|
|
|
clerie-sops --set "${KEY_SELECTOR} ${JSON_QUOTED_SECRET}" "${SECRETS_FILE}"
|