infra
/
pass-dotenv
mirror of https://github.com/malarinv/pass-dotenv.git
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add .kubeconfig file and enhance dotenv.bash for improved GPG agent handling and path management

main
Malar Invention 2025-07-18 01:14:30 +05:30
parent 16a4382feb
commit c2d5eb07ea
2 changed files with 65 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.kubeconfig Normal file
View File

@ -0,0 +1 @@
dummy kubeconfig content

78
extension/dotenv.bash
View File

@ -3,7 +3,25 @@
# pass extension for managing .env files
VERSION="0.1.0"
PASS_DIR="$PASSWORD_STORE_DIR"
export PASSWORD_STORE_DIR="${PASSWORD_STORE_DIR:-$HOME/.password-store}"
# Robust gpg-agent environment setup
if [ -n "${GPG_AGENT_INFO}" ]; then
# gpg-agent is already running and GPG_AGENT_INFO is set
export GPG_AGENT_INFO
elif pgrep -x gpg-agent >/dev/null; then
# gpg-agent is running but GPG_AGENT_INFO is not set, try to find it
if [ -f "${HOME}/.gnupg/gpg-agent-info" ]; then
. "${HOME}/.gnupg/gpg-agent-info"
export GPG_AGENT_INFO
fi
else
# gpg-agent is not running, start it
eval $(gpg-agent --daemon)
fi
# Ensure GPG_TTY is set for non-interactive shells
export GPG_TTY=$(tty)
# Helper functions
die() {
@ -75,11 +93,25 @@ cmd_import() {
fi
fi
echo "Reading value for $key from file: $file_path"
local stored_path
local project_root
project_root=$(realpath "$PWD")
local abs_file_path
abs_file_path=$(realpath "$file_path")
# Check if the file is within the project directory
if [[ "$abs_file_path" == "$project_root"* ]]; then
# Store the relative path
stored_path="${abs_file_path#$project_root/}"
else
# Store only the filename, preserving full name
stored_path="${abs_file_path##*/}"
fi
echo "Debug: Storing path: '$stored_path'" >&2
local file_content
file_content=$(<"$file_path")
value="# dotenv-file-path: $abs_file_path
value="# dotenv-file-path: $stored_path
$file_content"
else
# It's a regular value, remove quotes if they are there.
@ -107,7 +139,11 @@ cmd_export() {
echo "Exporting environment variables for project: $project_name"
local project_path="dotenv/$project_name"
pass ls "$project_path" >/dev/null 2>&1 || die "No environment variables found for project: $project_name"
local project_store_path="$PASSWORD_STORE_DIR/$project_path"
if [[ ! -d "$project_store_path" ]]; then
die "No environment variables found for project: $project_name"
fi
if [[ -f "$env_file" ]] && ! yesno "Overwrite existing $env_file?"; then
die "Export aborted."
@ -116,25 +152,39 @@ cmd_export() {
# Clear the file
> "$env_file"
pass ls "$project_path" | while read -r entry; do
# Use find to get a reliable, machine-readable list of secret files.
find "$project_store_path" -type f -name "*.gpg" | while read -r gpg_file; do
# Derive the secret name from the gpg file path
local entry
entry="${gpg_file#$PASSWORD_STORE_DIR/}"
entry="${entry%.gpg}"
local key
key=$(basename "$entry")
local full_content
full_content=$(pass show "$project_path/$key")
if [[ "$full_content" =~ ^#\ dotenv-file-path:\ (.*) ]]; then
local original_path="${BASH_REMATCH[1]}"
# Get content after the first line (the header)
local full_content
full_content=$(/usr/bin/pass show "$entry")
# Extract the header line and then the stored_path using sed
local header_line
header_line=$(echo "$full_content" | head -n 1)
if [[ "$header_line" =~ ^#\ dotenv-file-path:\ (.*) ]]; then
local stored_path="${BASH_REMATCH[1]}"
local file_content
file_content=$(echo "$full_content" | tail -n +2)
local new_filename
new_filename=$(basename "$original_path")
local new_filepath="./$new_filename"
local new_filepath="$stored_path"
# Ensure the directory exists
local new_file_dir
new_file_dir=$(dirname "$new_filepath")
if [[ ! -d "$new_file_dir" ]]; then
mkdir -p "$new_file_dir"
fi
echo "Exporting $key to file: $new_filepath"
# Use printf to avoid issues with content starting with -
printf "%s" "$file_content" > "$new_filename"
printf "%s" "$file_content" > "$new_filepath"
echo "$key=$new_filepath # *file*" >> "$env_file"
else