generated from pagopa/template-java-spring-microservice
-
Notifications
You must be signed in to change notification settings - Fork 0
/
sops.sh
executable file
·71 lines (58 loc) · 1.89 KB
/
sops.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
#!/bin/bash
# Function to display usage information
display_usage() {
echo "Usage: $0 <action> <environment> <filepath>"
echo " <action>: 'enc' or 'dec'"
echo " <environment>: 'dev', 'uat', or 'prod'"
echo " <filepath>: path to the file"
echo "Example: $0 enc dev /path/to/file"
}
# Function to validate action
validate_action() {
if [ "$1" != "enc" ] && [ "$1" != "dec" ]; then
echo "Error: Action must be 'enc' or 'dec'"
exit 1
fi
}
# Function to validate environment
validate_environment() {
if [ "$1" != "dev" ] && [ "$1" != "uat" ] && [ "$1" != "prod" ]; then
echo "Error: Environment must be 'dev', 'uat', or 'prod'"
exit 1
fi
}
# Function to validate filepath
validate_filepath() {
if [ ! -f "$1" ]; then
echo "Error: File '$1' not found"
exit 1
fi
}
# Main script starts here
main() {
# Validate number of arguments
if [ "$#" -ne 3 ]; then
echo "Error: Incorrect number of arguments"
display_usage
exit 1
fi
# Assign arguments to variables
action="$1"
environment="$2"
filepath="$3"
# Validate action, environment, and filepath
validate_action "$action"
validate_environment "$environment"
validate_filepath "$filepath"
env_short=$(echo "$environment" | cut -c1)
azure_kv_url=$(az keyvault key show --name pagopa-"$env_short"-ebollo-sops-key --vault-name pagopa-"$env_short"-ebollo-kv --query key.kid | sed 's/"//g')
if [ "$action" == "enc" ]; then
sops --encrypt --azure-kv "$azure_kv_url" --input-type dotenv --output-type dotenv ./"$filepath" > ./"$filepath".encrypted
fi;
if [ "$action" == "dec" ]; then
sops --decrypt --azure-kv "$azure_kv_url" --input-type dotenv --output-type dotenv ./"$filepath" > "$(echo "./$filepath" | sed 's/\.encrypted$//')"
fi;
echo 'done'
}
# Call the main function
main "$@"