From 6611f0b623698238349b92a3a92982489903388b Mon Sep 17 00:00:00 2001
From: Patrick Kissling <patrick.kissling@de.bosch.com>
Date: Thu, 26 Oct 2023 17:07:56 +0200
Subject: [PATCH] Install private SSH and GPG key from 1Password

---
 Makefile       |  2 +-
 gpg/install.sh | 11 +++++++++++
 ssh/install.sh | 14 ++++++++++++++
 3 files changed, 26 insertions(+), 1 deletion(-)

diff --git a/Makefile b/Makefile
index 1bf4b7c..eaa2ebb 100644
--- a/Makefile
+++ b/Makefile
@@ -21,7 +21,7 @@ git: bootstrap
 	@chmod +x git/install.sh
 	@./git/install.sh
 
-gpg: bootstrap
+gpg: bootstrap brew
 	@chmod +x gpg/install.sh
 	@./gpg/install.sh
 
diff --git a/gpg/install.sh b/gpg/install.sh
index dcf4ae2..1d8c490 100755
--- a/gpg/install.sh
+++ b/gpg/install.sh
@@ -11,3 +11,14 @@ ln -sfv "${HOME}"/dotfiles/gpg/gpg-agent_"${USAGE}".conf "${HOME}"/.gnupg/gpg-ag
 # import public gpg keys
 gpg --import ~/dotfiles/gpg/private.asc
 gpg --import ~/dotfiles/gpg/work.asc
+
+# add private gpg key from 1password, if not exist
+if [ -z "$(gpg --list-secret-keys)" ]; then
+  if [ "${USAGE}" = "work" ]; then
+    ONE_PASSWORD_VAULT="Azena"
+  else
+    ONE_PASSWORD_VAULT="Personal"
+  fi
+  ONE_PASSWORD_DOCUMENT_ID=$(op item get 'GPG Private Key' --vault "${ONE_PASSWORD_VAULT}" --format json | jq -r .id)
+  gpg --import <(op document get "${ONE_PASSWORD_DOCUMENT_ID}")
+fi
diff --git a/ssh/install.sh b/ssh/install.sh
index 0e492a0..abf20a0 100755
--- a/ssh/install.sh
+++ b/ssh/install.sh
@@ -15,3 +15,17 @@ ln -sfv "${HOME}"/.ssh/"${USAGE}".priv "${HOME}"/.ssh/id_rsa
 
 # create symlinks for config file
 ln -sfv "${HOME}"/dotfiles/ssh/config "${HOME}"/.ssh
+
+# add private ssh key from 1password, if not exist
+# shellcheck disable=SC2140
+if [ ! -f "${HOME}"/.ssh/"${USAGE}.priv" ]; then
+  if [ "${USAGE}" = "work" ]; then
+    ONE_PASSWORD_VAULT="Azena"
+  else
+    ONE_PASSWORD_VAULT="Personal"
+  fi
+  ONE_PASSWORD_DOCUMENT_ID=$(op item get 'SSH Private Key' --vault "${ONE_PASSWORD_VAULT}" --format json | jq -r .id)
+  # shellcheck disable=SC2140
+  op read op://"${ONE_PASSWORD_VAULT}"/"${ONE_PASSWORD_DOCUMENT_ID}"/'private key' > "${HOME}"/.ssh/"${USAGE}.priv"
+  chmod 600 "${HOME}"/.ssh/"${USAGE}.priv"
+fi