diff options
| author | William Carroll <wpcarro@gmail.com> | 2022-01-11T19·13-0800 |
|---|---|---|
| committer | wpcarro <wpcarro@gmail.com> | 2022-01-18T22·27+0000 |
| commit | d9142b952ad42a2c42a6e34b8f4a763acfcb5295 (patch) | |
| tree | 348556a3dcbd8ce1fdb327522720164cf2a0f389 | |
| parent | 942046872dbfe6840c996a15ac6d034e60e93016 (diff) | |
refactor(wpcarro/gnupg): Improve UX for gnupg/{import,export}.sh r/3629
TL;DR:
- Ensure that export.sh -> import.sh -> export.sh can round-trip without
intermediate tools.
- Remove default values for variables like ${1}, which only seem to complicate
things.
- Add `trap cleanup EXIT` to scripts.
- Remove noisy full-paths from `zip` (note: a more intuitive, less configurable
`zip`, `unzip` should exist).
Change-Id: Ibbd98d1f0156639138175fcb89e9dfbd17fdae5f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4993
Tested-by: BuildkiteCI
Reviewed-by: wpcarro <wpcarro@gmail.com>
| -rwxr-xr-x | users/wpcarro/configs/.gnupg/export.sh | 25 | ||||
| -rwxr-xr-x | users/wpcarro/configs/.gnupg/import.sh | 25 |
2 files changed, 35 insertions, 15 deletions
diff --git a/users/wpcarro/configs/.gnupg/export.sh b/users/wpcarro/configs/.gnupg/export.sh index bb047e9e3b..31def2beb1 100755 --- a/users/wpcarro/configs/.gnupg/export.sh +++ b/users/wpcarro/configs/.gnupg/export.sh @@ -1,24 +1,29 @@ #!/usr/bin/env bash -set -e +set -euo pipefail # Run this script to export all the information required to transport your GPG # information. -# Usage: ./export.sh [directory] +# Usage: ./export.sh # TODO: run this periodically as a job. -destination="${1:-$(mktemp -d)}" +output="$(pwd)/export.zip" +destination="$(mktemp -d)" -if [ ! -d "${destination}" ]; then - echo "${destination} does not exist. Creating it..." - mkdir -p "${destination}" -fi +function cleanup() { + rm -rf "${destination}" +} +trap cleanup EXIT gpg --armor --export >"${destination}/public.asc" gpg --armor --export-secret-keys >"${destination}/secret.asc" gpg --armor --export-ownertrust >"${destination}/ownertrust.txt" -zip -r "${destination}.zip" "${destination}" -rm -rf "${destination}" +# Strangely enough this appears to be the only way to create a zip of a +# directory that doesn't contain the (noisy) full paths of each item from the +# source filesystem. (i.e. -j doesn't cooperate with -r) +pushd "${destination}" +zip -r "${output}" ./* +popd -echo $(realpath "${destination}.zip") +echo "$(realpath ${output})" diff --git a/users/wpcarro/configs/.gnupg/import.sh b/users/wpcarro/configs/.gnupg/import.sh index e698aa3d2b..bb449267ce 100755 --- a/users/wpcarro/configs/.gnupg/import.sh +++ b/users/wpcarro/configs/.gnupg/import.sh @@ -1,13 +1,28 @@ #!/usr/bin/env bash -set -e +set -euo pipefail # Run this script to import all of the information exported by `export.sh`. -# Usage: ./import.sh path/to/directory +# Usage: ./import.sh path/to/export.zip -gpg --import "$1/public.asc" -gpg --import "$1/secret.asc" -gpg --import-ownertrust "$1/ownertrust.txt" +if [ -z "${1+x}" ]; then + echo "You must specify the path to export.zip. Exiting..." + exit 1 +fi + +destination="$(mktemp -d)" + +function cleanup() { + rm -rf "${destination}" +} +trap cleanup EXIT + +unzip "${1}" -d "${destination}" >/dev/null + +gpg --import "${destination}/public.asc" +gpg --import "${destination}/secret.asc" +gpg --import-ownertrust "${destination}/ownertrust.txt" # Run this at the end to output some verification gpg --list-keys +gpg --list-secret-keys |