fix(release): update secrets handling scripts

This commit is contained in:
Harsh Shandilya 2023-07-26 14:08:31 +05:30
parent 1e5f830652
commit ca6b941cbb
No known key found for this signature in database
7 changed files with 17 additions and 15 deletions

View file

@ -2,15 +2,17 @@
set -euo pipefail
# Simple script that uses OpenSSL to encrypt a provided file with a provided key, and writes the result
# to the provided path. Yes it's very needy.
INPUT_FILE="${1:-}"
OUTPUT_FILE="${2:-}"
ENCRYPT_KEY="${3:-}"
AGE_KEY="${3:-}"
if [[ -n "$ENCRYPT_KEY" && -n "$INPUT_FILE" && -n "$OUTPUT_FILE" ]]; then
openssl enc -aes-256-cbc -md sha256 -pbkdf2 -e -in "${INPUT_FILE}" -out "${OUTPUT_FILE}" -k "${ENCRYPT_KEY}"
if ! command -v age 1>/dev/null; then
echo "age not installed"
exit 1
fi
if [[ -n "$AGE_KEY" && -n "$INPUT_FILE" && -n "$OUTPUT_FILE" ]]; then
age --encrypt -r "$(echo "${AGE_KEY}" | age-keygen -y)" -o "${OUTPUT_FILE}" < "${INPUT_FILE}"
else
echo "Usage: ./encrypt-secret.sh <input file> <output file> <encryption key>"
echo "Usage: ./encrypt-secret.sh <input file> <output file> <encryption key>"
fi