| Serge Bazanski | a5be0d8 | 2018-12-23 01:35:07 +0100 | [diff] [blame] | 1 | #!/usr/bin/env python3 |
| 2 | |
| 3 | # A little tool to encrypt/decrypt git secrets. Kinda like password-store, but more purpose specific and portable. |
| 4 | |
| 5 | import sys |
| 6 | import subprocess |
| 7 | |
| 8 | keys = [ |
| Sergiusz Bazanski | 711c4a9 | 2019-01-13 00:02:10 +0100 | [diff] [blame^] | 9 | "63DFE737F078657CC8A51C00C29ADD73B3563D82", # q3k |
| 10 | "482FF104C29294AD1CAF827BA43890A3DE74ECC7", # inf |
| Serge Bazanski | a5be0d8 | 2018-12-23 01:35:07 +0100 | [diff] [blame] | 11 | ] |
| 12 | |
| 13 | def main(): |
| 14 | if len(sys.argv) < 3 or sys.argv[1] not in ('encrypt', 'decrypt'): |
| 15 | raise Exception("Usage: {} encrypt/decrypt file".format(sys.argv[0])) |
| 16 | |
| 17 | action = sys.argv[1] |
| 18 | src = sys.argv[2] |
| 19 | |
| 20 | if action == 'encrypt': |
| 21 | cmd = ['gpg' , '--encrypt', '--armor', '--batch', '--yes', '--output', '-'] |
| 22 | for k in keys: |
| 23 | cmd.append('--recipient') |
| 24 | cmd.append(k) |
| 25 | cmd.append(src) |
| 26 | subprocess.check_call(cmd) |
| 27 | else: |
| 28 | cmd = ['gpg', '--decrypt', '--output', '-', src] |
| 29 | subprocess.check_call(cmd) |
| 30 | |
| 31 | if __name__ == '__main__': |
| 32 | sys.exit(main() or 0) |