From eb1386f3b246ae563c99ecadaaeff6b6d36fc9a5 Mon Sep 17 00:00:00 2001 From: Nathan Henrie Date: Mon, 13 Feb 2023 09:06:58 -0700 Subject: [PATCH 1/2] Use jq instead of sed --- pkgs/agenix.nix | 4 ++-- pkgs/agenix.sh | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/pkgs/agenix.nix b/pkgs/agenix.nix index 3978cfa..e399dd0 100644 --- a/pkgs/agenix.nix +++ b/pkgs/agenix.nix @@ -2,7 +2,7 @@ lib, stdenv, rage, - gnused, + jq, nix, mktemp, diffutils, @@ -15,7 +15,7 @@ stdenv.mkDerivation rec { version = "0.14.0"; src = substituteAll { inherit ageBin version; - sedBin = "${gnused}/bin/sed"; + jqBin = "${jq}/bin/jq"; nixInstantiate = "${nix}/bin/nix-instantiate"; mktempBin = "${mktemp}/bin/mktemp"; diffBin = "${diffutils}/bin/diff"; diff --git a/pkgs/agenix.sh b/pkgs/agenix.sh index c83abeb..7b2045f 100644 --- a/pkgs/agenix.sh +++ b/pkgs/agenix.sh @@ -115,7 +115,7 @@ function cleanup { trap "cleanup" 0 2 3 15 function keys { - (@nixInstantiate@ --eval -E "(let rules = import $RULES; in builtins.concatStringsSep \"\n\" rules.\"$1\".publicKeys)" | @sedBin@ 's/"//g' | @sedBin@ 's/\\n/\n/g') | @sedBin@ '/^$/d' || exit 1 + (@nixInstantiate@ --json --eval -E "(let rules = import $RULES; in builtins.concatStringsSep \"\n\" rules.\"$FILE\".publicKeys)" | @jqBin@ -r .[]) || exit 1 } function decrypt { @@ -185,7 +185,7 @@ function edit { } function rekey { - FILES=$( (@nixInstantiate@ --eval -E "(let rules = import $RULES; in builtins.concatStringsSep \"\n\" (builtins.attrNames rules))" | @sedBin@ 's/"//g' | @sedBin@ 's/\\n/\n/g') || exit 1) + FILES=$( (@nixInstantiate@ --json --eval -E "(let rules = import $RULES; in builtins.concatStringsSep \"\n\" (builtins.attrNames rules))" | @jqBin@ -r .[]) || exit 1) for FILE in $FILES do From da763b2c4bfac0310e8c1d972199e10967ad38b8 Mon Sep 17 00:00:00 2001 From: Nathan Henrie Date: Fri, 15 Sep 2023 16:22:30 -0600 Subject: [PATCH 2/2] Don't need concatStringSep if using jq to parse json arrays --- pkgs/agenix.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/agenix.sh b/pkgs/agenix.sh index 7b2045f..5980fe6 100644 --- a/pkgs/agenix.sh +++ b/pkgs/agenix.sh @@ -115,7 +115,7 @@ function cleanup { trap "cleanup" 0 2 3 15 function keys { - (@nixInstantiate@ --json --eval -E "(let rules = import $RULES; in builtins.concatStringsSep \"\n\" rules.\"$FILE\".publicKeys)" | @jqBin@ -r .[]) || exit 1 + (@nixInstantiate@ --json --eval -E "(let rules = import $RULES; in rules.\"$FILE\".publicKeys)" | @jqBin@ -r .[]) || exit 1 } function decrypt { @@ -185,7 +185,7 @@ function edit { } function rekey { - FILES=$( (@nixInstantiate@ --json --eval -E "(let rules = import $RULES; in builtins.concatStringsSep \"\n\" (builtins.attrNames rules))" | @jqBin@ -r .[]) || exit 1) + FILES=$( (@nixInstantiate@ --json --eval -E "(let rules = import $RULES; in builtins.attrNames rules)" | @jqBin@ -r .[]) || exit 1) for FILE in $FILES do