X-Git-Url: http://git.scottworley.com/auto-upgrade-with-pinch/blobdiff_plain/9d0c0d71309239cfdc6c19996d2b730fdf06a692..fae44c38c483a1ab6928c28b3c58e45034582a4b:/overlays/keyedgit.nix diff --git a/overlays/keyedgit.nix b/overlays/keyedgit.nix index a4465dc..6cce6fe 100644 --- a/overlays/keyedgit.nix +++ b/overlays/keyedgit.nix @@ -3,17 +3,23 @@ self: super: { keyedgit = keys: let + keyfile = if builtins.isList keys then + super.runCommand "keyfile" { } '' + cat ${super.lib.escapeShellArgs keys} > $out + '' + else + keys; homelessGPG = super.writeShellScript "homeless-gpg" '' export GNUPGHOME=$(mktemp -d) trap 'rm -r "$GNUPGHOME"' EXIT ${self.gnupg}/bin/gpg "$@" ''; - keyring = super.runCommand "keyedkeyring.gpg" {} '' - ${homelessGPG} --no-default-keyring --keyring=$out --import ${keys} + keyring = super.runCommand "keyedkeyring.gpg" { } '' + ${homelessGPG} --no-default-keyring --keyring=$out --import ${keyfile} ''; - keyids = super.runCommand "keyids" {} '' - ${homelessGPG} --no-default-keyring --with-colons --show-keys ${keys} | - ${self.gawk}/bin/awk -F: 'prev == "pub" && $1 == "fpr" { print $10 } { prev = $1 }' > $out + keyids = super.runCommand "keyids" { } '' + ${homelessGPG} --no-default-keyring --with-colons --show-keys ${keyfile} | + ${self.gawk}/bin/awk -F: '$1 == "pub" { print $5 }' > $out ''; keyedGPG = super.writeShellScript "keyed-gpg" '' trusted_key_args=()