31 lines
846 B
Bash
Executable File
31 lines
846 B
Bash
Executable File
#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
|
|
SOPS_SENTINEL="${SOPS_SENTINEL:-}"
|
|
SOPS_AGE_KEY_FILE="${SOPS_AGE_KEY_FILE:-$HOME/.config/sops/age/keys.txt}"
|
|
|
|
if [[ -z "$SOPS_SENTINEL" ]]; then
|
|
echo "ERROR: SOPS_SENTINEL is not set" >&2
|
|
echo "Set SOPS_SENTINEL to the encrypted file you want to verify." >&2
|
|
exit 1
|
|
fi
|
|
|
|
if ! command -v sops >/dev/null 2>&1; then
|
|
echo "ERROR: sops is not installed" >&2
|
|
exit 1
|
|
fi
|
|
|
|
if [[ ! -s "$SOPS_AGE_KEY_FILE" ]]; then
|
|
echo "ERROR: SOPS age key file is missing or empty: $SOPS_AGE_KEY_FILE" >&2
|
|
echo "Place the operator age identity there, or set SOPS_AGE_KEY_FILE to its path." >&2
|
|
exit 1
|
|
fi
|
|
|
|
if [[ ! -f "$SOPS_SENTINEL" ]]; then
|
|
echo "ERROR: sentinel file does not exist: $SOPS_SENTINEL" >&2
|
|
exit 1
|
|
fi
|
|
|
|
sops -d "$SOPS_SENTINEL" >/dev/null
|
|
echo "ok: decrypted $SOPS_SENTINEL with $SOPS_AGE_KEY_FILE"
|