From 6455d4522facb9805daa20cb8f3fd04ee79838b8 Mon Sep 17 00:00:00 2001 From: Trevor Porter Date: Thu, 24 Oct 2019 11:21:13 -0700 Subject: [PATCH 1/3] Fix key_placer --- scripts/key_placer.sh | 37 +++++++++++++++++++++++++------------ 1 file changed, 25 insertions(+), 12 deletions(-) diff --git a/scripts/key_placer.sh b/scripts/key_placer.sh index a5372f196ca..e76142baeb7 100755 --- a/scripts/key_placer.sh +++ b/scripts/key_placer.sh @@ -39,27 +39,40 @@ DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )" cd $DIR cd .. +if [[ $1 != "encrypt" ]] && [[ $1 != "decrypt" ]]; then + echo "invalid action $1. Choose 'encrypt' or 'decrypt'" + exit 1 +fi command -v gcloud > /dev/null 2>&1 if [[ $? -eq 1 ]]; then - echo "gcloud is not installed - skipping decryption" - exit 0 + echo "gcloud is not installed - skipping ${1}ion" + exit 1 fi for file_path in "${files[@]}"; do - file_path_without_extension=`echo "$file_path" | sed "s/.*\///"` - file_dir=$(dirname "${file_path}") - encrypted="$file_dir/$file_path_without_extension.enc" + encrypted_file_path="$file_path.enc" + + if [[ $1 == "decrypt" ]] && ! test -f "$encrypted_file_path"; then + echo "$encrypted_file_path does not exist, cannot decrypt - skipping file" + continue + elif [[ $1 == "encrypt" ]] && ! test -f "$file_path"; then + echo "$file_path does not exist, cannot encrypt - skipping file" + continue + fi - if test -f "$encrypted"; then - gcloud kms $1 --ciphertext-file=$encrypted --plaintext-file=$file_path --key=github-key --keyring=celo-keyring --location=global --project celo-testnet > /dev/null 2>&1 - if [[ $? -eq 1 ]]; then - echo "Only C Labs employees can decrypt keys - skipping decryption" - exit 0 - fi + gcloud kms $1 --ciphertext-file=$encrypted_file_path --plaintext-file=$file_path --key=github-key --keyring=celo-keyring --location=global --project celo-testnet + if [[ $? -eq 1 ]]; then + echo "Only C Labs employees can $1 keys - skipping ${1}ion" + exit 1 fi done -echo "Encrypted files decrypted" +if [[ $1 == "decrypt" ]]; then + echo "Encrypted files decrypted" +elif [[ $1 == "encrypt" ]]; then + echo "Decrypted files encrypted" +fi + exit 0 From 9921e1e887b74443d79964c71808d4afec6b4de5 Mon Sep 17 00:00:00 2001 From: Trevor Porter Date: Thu, 24 Oct 2019 11:36:52 -0700 Subject: [PATCH 2/3] Update key_placer.sh --- scripts/key_placer.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/key_placer.sh b/scripts/key_placer.sh index e76142baeb7..b424805ecff 100755 --- a/scripts/key_placer.sh +++ b/scripts/key_placer.sh @@ -48,7 +48,7 @@ command -v gcloud > /dev/null 2>&1 if [[ $? -eq 1 ]]; then echo "gcloud is not installed - skipping ${1}ion" - exit 1 + exit 0 fi for file_path in "${files[@]}"; do From 7c9c3859d6b8f37a6893c313ebb02fc7106c5213 Mon Sep 17 00:00:00 2001 From: Trevor Porter Date: Thu, 24 Oct 2019 14:28:45 -0700 Subject: [PATCH 3/3] Update key_placer.sh --- scripts/key_placer.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/key_placer.sh b/scripts/key_placer.sh index b424805ecff..ebd7df35e40 100755 --- a/scripts/key_placer.sh +++ b/scripts/key_placer.sh @@ -65,7 +65,7 @@ for file_path in "${files[@]}"; do gcloud kms $1 --ciphertext-file=$encrypted_file_path --plaintext-file=$file_path --key=github-key --keyring=celo-keyring --location=global --project celo-testnet if [[ $? -eq 1 ]]; then echo "Only C Labs employees can $1 keys - skipping ${1}ion" - exit 1 + exit 0 fi done