about summary refs log tree commit diff
path: root/users
diff options
context:
space:
mode:
authorWilliam Carroll <wpcarro@gmail.com>2022-01-11T19·13-0800
committerwpcarro <wpcarro@gmail.com>2022-01-18T22·27+0000
commitd9142b952ad42a2c42a6e34b8f4a763acfcb5295 (patch)
tree348556a3dcbd8ce1fdb327522720164cf2a0f389 /users
parent942046872dbfe6840c996a15ac6d034e60e93016 (diff)
refactor(wpcarro/gnupg): Improve UX for gnupg/{import,export}.sh r/3629
TL;DR:
- Ensure that export.sh -> import.sh -> export.sh can round-trip without
  intermediate tools.
- Remove default values for variables like ${1}, which only seem to complicate
  things.
- Add `trap cleanup EXIT` to scripts.
- Remove noisy full-paths from `zip` (note: a more intuitive, less configurable
  `zip`, `unzip` should exist).

Change-Id: Ibbd98d1f0156639138175fcb89e9dfbd17fdae5f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4993
Tested-by: BuildkiteCI
Reviewed-by: wpcarro <wpcarro@gmail.com>
Diffstat (limited to 'users')
-rwxr-xr-xusers/wpcarro/configs/.gnupg/export.sh25
-rwxr-xr-xusers/wpcarro/configs/.gnupg/import.sh25
2 files changed, 35 insertions, 15 deletions
diff --git a/users/wpcarro/configs/.gnupg/export.sh b/users/wpcarro/configs/.gnupg/export.sh
index bb047e9e3b91..31def2beb179 100755
--- a/users/wpcarro/configs/.gnupg/export.sh
+++ b/users/wpcarro/configs/.gnupg/export.sh
@@ -1,24 +1,29 @@
 #!/usr/bin/env bash
 
-set -e
+set -euo pipefail
 
 # Run this script to export all the information required to transport your GPG
 # information.
-# Usage: ./export.sh [directory]
+# Usage: ./export.sh
 # TODO: run this periodically as a job.
 
-destination="${1:-$(mktemp -d)}"
+output="$(pwd)/export.zip"
+destination="$(mktemp -d)"
 
-if [ ! -d "${destination}" ]; then
-  echo "${destination} does not exist. Creating it..."
-  mkdir -p "${destination}"
-fi
+function cleanup() {
+  rm -rf "${destination}"
+}
+trap cleanup EXIT
 
 gpg --armor --export >"${destination}/public.asc"
 gpg --armor --export-secret-keys >"${destination}/secret.asc"
 gpg --armor --export-ownertrust >"${destination}/ownertrust.txt"
 
-zip -r "${destination}.zip" "${destination}"
-rm -rf "${destination}"
+# Strangely enough this appears to be the only way to create a zip of a
+# directory that doesn't contain the (noisy) full paths of each item from the
+# source filesystem. (i.e. -j doesn't cooperate with -r)
+pushd "${destination}"
+zip -r "${output}" ./*
+popd
 
-echo $(realpath "${destination}.zip")
+echo "$(realpath ${output})"
diff --git a/users/wpcarro/configs/.gnupg/import.sh b/users/wpcarro/configs/.gnupg/import.sh
index e698aa3d2bd2..bb449267ce5e 100755
--- a/users/wpcarro/configs/.gnupg/import.sh
+++ b/users/wpcarro/configs/.gnupg/import.sh
@@ -1,13 +1,28 @@
 #!/usr/bin/env bash
 
-set -e
+set -euo pipefail
 
 # Run this script to import all of the information exported by `export.sh`.
-# Usage: ./import.sh path/to/directory
+# Usage: ./import.sh path/to/export.zip
 
-gpg --import "$1/public.asc"
-gpg --import "$1/secret.asc"
-gpg --import-ownertrust "$1/ownertrust.txt"
+if [ -z "${1+x}" ]; then
+  echo "You must specify the path to export.zip. Exiting..."
+  exit 1
+fi
+
+destination="$(mktemp -d)"
+
+function cleanup() {
+  rm -rf "${destination}"
+}
+trap cleanup EXIT
+
+unzip "${1}" -d "${destination}" >/dev/null
+
+gpg --import "${destination}/public.asc"
+gpg --import "${destination}/secret.asc"
+gpg --import-ownertrust "${destination}/ownertrust.txt"
 
 # Run this at the end to output some verification
 gpg --list-keys
+gpg --list-secret-keys