get_ssh_key: add support for SSH key field "name"

bartekpacia · Nov 19, 2023 · 72b0a3b · 72b0a3b
1 parent 07ffea7
commit 72b0a3b
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 19 deletions.
diff --git a/.github/workflows/prepare.yaml b/.github/workflows/prepare.yaml
@@ -2,7 +2,9 @@ name: prepare
 
 on:
   push:
+    branches: [master]
   pull_request:
+    branches: [master]
 
 jobs:
   main:

diff --git a/bin/get_ssh_key b/bin/get_ssh_key
@@ -7,48 +7,49 @@ set -euo pipefail
 # $ get_ssh_key "Personal" "git commit signing key"
 
 vault_name="${1:-}"
-key_name="${2:-}"
+item_name="${2:-}"
 
 if [ -z "$vault_name" ]; then
 	echo "vault_name not passed as 1st argument. Nothing was done."
 	exit 1
 fi
 
-if [ -z "$key_name" ]; then
-	echo "key_name not passed as 2nd argument. Nothing was done."
+if [ -z "$item_name" ]; then
+	echo "item_name not passed as 2nd argument. Nothing was done."
 	exit 1
 fi
 
-private_key_path="id_ed25519"
-public_key_path="id_ed25519.pub"
+# First try to get custom key name.
+private_key_name="$(op read "op://$vault_name/$item_name/name" 2>/dev/null || printf "id_ed25519")"
+public_key_name="$private_key_name.pub"
 
-if [ -f "$private_key_path" ]; then
-	echo "$private_key_path already exists. Nothing was done."
+if [ -f "$private_key_name" ]; then
+	echo "$private_key_name already exists. Nothing was done."
 	exit 2
 fi
 
-if [ -f "public_key_path" ]; then
-	echo "public_key_path already exists. Nothing was done."
+if [ -f "$public_key_name" ]; then
+	echo "$public_key_name already exists. Nothing was done."
 	exit 2
 fi
 
 op read \
-	--out-file "$private_key_path" \
-	"op://$vault_name/$key_name/private key?ssh-format=openssh"
+	--out-file "$private_key_name" \
+	"op://$vault_name/$item_name/private key?ssh-format=openssh"
 
 # Apply workaround for:
 # https://1password.community/discussion/142733/bad-characters-when-exporting-ssh-private-key-via-cli
-private_key_content="$(cat "$private_key_path")"
-printf "%s" "$private_key_content" | tr -d '\r' > "$private_key_path"
+private_key_content="$(cat "$private_key_name")"
+echo "$private_key_content" | tr -d '\r' > "$private_key_name"
 
 op read \
-	--out-file "$public_key_path" \
-	"op://$vault_name/$key_name/public key"
+	--out-file "$public_key_name" \
+	"op://$vault_name/$item_name/public key"
 
 # Add a comment (if it exists)
-comment="$(op read "op://Personal/git commit signing key/comment" 2>/dev/null || true)"
+comment="$(op read "op://$vault_name/$item_name/comment" 2>/dev/null || true)"
 if [ -n "$comment" ]; then
-	pubkey_content="$(tr -d '\n' < "$public_key_path")"
-	true > "$public_key_path"
-	printf "%s %s\n" "$pubkey_content" "$comment" > "$public_key_path"
+	pubkey_content="$(tr -d '\n' < "$public_key_name")"
+	true > "$public_key_name"
+	printf "%s %s\n" "$pubkey_content" "$comment" > "$public_key_name"
 fi
-Original file line number
+Diff line change
@@ Expand Up / @@ -2,7 +2,9 @@ name: prepare @@
     on:
       push:
+        branches: [master]
       pull_request:
+        branches: [master]
     jobs:
       main:
@@ Expand Down @@