Terraform sshfp

gistfile1.txt

#!/bin/bash
set -euo pipefail
IFS=$'\t\n'

# This script JSON formatted stdin and produces as JSON formatted stdout
# Sean OMeara <sean@sean.io>

export PATH=$PATH:$1/bin

function error_exit() {
    echo "$1" 1>&2
    exit 1
}

function check_deps() {
    test -f $(which jq) || error_exit "jq command not found in PATH"
    test -f $(which base64) || error_exit "base64 command not found in PATH"
    test -f $(which openssl) || error_exit "openssl command not found in PATH"
}

PRINTS=()
for i in $(jq -r '.public_keys' | jq '.[]'); do
    KEY_TYPE=$(echo ${i} | xargs | awk '{ print $1 }')
    KEY_DATA=$(echo ${i} | xargs | awk '{ print $2 }')

    DIGEST_SHA1=$(echo ${KEY_DATA} | base64 --decode | openssl dgst -sha1 | awk '{ print $2 }')
    DIGEST_SHA256=$(echo ${KEY_DATA} | base64 --decode | openssl dgst -sha256 | awk '{ print $2 }')

    case ${KEY_TYPE} in
        ssh-rsa*)
            ALGORITHM=1
            ;;
        ssh-dss*)
            ALGORITHM=2
        ;;
        ecdsa*)
            ALGORITHM=3
        ;;
        ssh-ed25519)
            ALGORITHM=4
        ;;
        *)
            error_exit "Error: Invalid key type"
    esac
    RAY+=("{ \"algorithm\": \"${ALGORITHM}\", \"type\": \"2\", \"fingerprint\": \"${DIGEST_SHA256}\" }")
done

function join_by() {
    local d=$1 ; shift

    echo -n $1 ; shift
    for i in "$@"; do
        echo -n "$d "
        echo -n $i
    done
}

function values() {
    echo -n "["
    join_by , "${RAY[@]}"
    echo -n "]"
}

function json_encode() {
    echo "$($1 | jq -R)"
}

print_payload() {
    echo "{ \"sshfp\": $(json_encode values) }"
}

print_payload