Skip to content

Instantly share code, notes, and snippets.

@nicerobot

nicerobot/.gitignore

Forked from pepasflo/.gitignore
Created October 27, 2018 19:14
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save nicerobot/7cada98031eff6094a2df6faebbe985c to your computer and use it in GitHub Desktop.
Save nicerobot/7cada98031eff6094a2df6faebbe985c to your computer and use it in GitHub Desktop.
Download ZIP
Scripts for encrypting / decrypting secrets (to prevent them from being accidentally checked into git)
Raw
decrypt-secrets.sh
#!/bin/bash
set -eu -o pipefail
if ! which gpg &> /dev/null
then
echo "Error: gpg not installed." >&2
echo "Please 'brew install gpg'" >&2
exit 2
fi
if [ -n "${SECRETS_PASSWORD}" ]
then
gpg \
--quiet \
--cipher-algo AES256 \
--batch \
--passphrase "${SECRETS_PASSWORD}" \
secrets.tar.gz.gpg
else
gpg \
--quiet \
--cipher-algo AES256 \
secrets.tar.gz.gpg
fi
rm -rf secrets
cat secrets.tar.gz | gunzip | tar x
rm -f secrets.tar.gz
Raw
encrypt-secrets.sh
#!/bin/bash
set -e -o pipefail
if ! which gpg &> /dev/null
then
echo "Error: gpg not installed." >&2
echo "Please 'brew install gpg'" >&2
exit 2
fi
if [ ! -d secrets ]
then
echo "No secrets directory found. Did you invoke as scripts/encrypt-secrets.sh?" 1>&2
exit 1
fi
tar c secrets | gzip > secrets.tar.gz
rm -f secrets.tar.gz.gpg
if [ -n "${SECRETS_PASSWORD}" ]
then
gpg \
--quiet \
--cipher-algo AES256 \
--batch \
--passphrase "${SECRETS_PASSWORD}" \
--symmetric secrets.tar.gz
else
gpg \
--quiet \
--cipher-algo AES256 \
--symmetric secrets.tar.gz
fi
rm -f secrets.tar.gz
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment