X-Git-Url: http://git.scottworley.com/auto-upgrade-with-pinch/blobdiff_plain/f1a53b29b8269cb5dd28a3285bc95a7df37f9a16..33362ddf74325c727ebe7945148611f7c94aca8f:/overlays/keyedgpg.nix diff --git a/overlays/keyedgpg.nix b/overlays/keyedgpg.nix index 202abb3..a78062f 100644 --- a/overlays/keyedgpg.nix +++ b/overlays/keyedgpg.nix @@ -11,42 +11,19 @@ let ${self.gnupg}/bin/gpg --no-default-keyring "$@" ''; in { - keyedgpg = super.writeShellScript "keyed-gpg" '' + keyedgpg = keyfiles: super.writeShellScript "keyed-gpg" '' set -eo pipefail - usage() { - echo "usage: keyed-gpg /path/to/keyfile1.asc ... -- gpg-command..." >&2 - exit 1 - } - - incomplete=true - keyfiles=() - while (( $# > 0 ));do - if [[ "$1" == -- ]];then - shift - incomplete=false - break - fi - if [[ ! -r "$1" ]];then - usage - fi - keyfiles+=$1 - shift - done - if "$incomplete";then - usage - fi - keyring=$(${self.coreutils}/bin/mktemp) cleanup() { ${self.coreutils}/bin/rm "$keyring"; } trap cleanup EXIT - ${homelessGPG} --keyring="$keyring" --import "''${keyfiles[@]}" + ${homelessGPG} --keyring="$keyring" --import ${self.lib.escapeShellArgs keyfiles} trusted_key_args=() while read keyid;do trusted_key_args+=( --trusted-key "$keyid" ) done < <( - ${homelessGPG} --with-colons --show-keys "''${keyfiles[@]}" | + ${homelessGPG} --with-colons --show-keys ${self.lib.escapeShellArgs keyfiles} | ${self.gawk}/bin/awk -F: '$1 == "pub" { print $5 }') ${homelessGPG} --keyring="$keyring" "''${trusted_key_args[@]}" "$@"