fixed minisign failure with trailing newline in .plan

2 years ago · 1c736072d5
parent 43bc144185
commit 1c736072d5
2 changed files with 17 additions and 7 deletions
--- a/README.md
+++ b/README.md
@ -55,7 +55,6 @@ Several other aspects can be configured via environment variables:
 - `DOTPLAN_CONFIG_PATH`: the config file to read and write (`$HOME/.dotplan.conf.json`)
 - `DOTPLAN_MINISIGN_PRIVATE_KEY` the location of your private key (`$HOME/.minisign/minisign.key`)
 - `DOTPLAN_PLAN_PATH` the location of your plan for the `publish` and `edit` commands (`$HOME/.plan`)
- `DOTPLAN_PLAN_SIG_PATH` where to save the signature for the `publish` and `edit` commands (`$HOME/.plan.minisig`)
 - `DOTPLAN_CURL_PATH` to specify the location of `curl`
 - `DOTPLAN_JQ_PATH` to specify the location of `jq`
 - `DOTPLAN_DRILL_PATH` to specify the location of `drill` or `dig`
--- a/23
+++ b/23
@ -15,11 +15,10 @@
 #   "relayProvider": "https://dotplan.online"
 # }

-version="v0.9.1"
+version="v0.9.2"
 config_path=${DOTPLAN_CONFIG_PATH:-"$HOME/.dotplan.conf.json"}
 minisign_private_key=${DOTPLAN_MINISIGN_PRIVATE_KEY:-"$HOME/.minisign/minisign.key"}
 plan_path=${DOTPLAN_PLAN_PATH:-"$HOME/.plan"}
-plan_sig_path=${DOTPLAN_PLAN_SIG_PATH:-"$HOME/.plan.minisig"}

 usage() {
  echo "dotplan.online CLI $version"
@ -91,6 +90,10 @@ validate_email() (
  exit $good_email
 )

+make_temp_file() {
+  echo 'mkstemp(template)' | m4 -D template="${TMPDIR:-"/tmp"}/dotplanXXXXXX"
+}
+
 check_curl_resp() {
  curl_resp=$1
  check_key=$2
@ -174,11 +177,19 @@ publish() (
  curl_data=$(jq -n --arg token "$token" --arg plan "$plan_content" '{"plan":$plan,"auth":$token}')
  if [ -n "$minisign" ]; then
    echo "signing plan with key $minisign_private_key"
-    if ! $minisign -S -q -s "$minisign_private_key" -x "$plan_sig_path" -m "$plan_path"; then
+    plan_temp_file=$(make_temp_file)
+    plan_sig_temp_file=$(make_temp_file)
+    # this normalizes the content with the json,
+    # removing trailing newline if it exists
+    printf "%s" "$plan_content" > "$plan_temp_file"
+    $minisign -S -q -s "$minisign_private_key" -x "$plan_sig_temp_file" -m "$plan_temp_file"
+    minisign_success=$?
+    plan_sig_content=$(cat "$plan_sig_temp_file")
+    rm "$plan_temp_file" "$plan_sig_temp_file"
+    if [ "$minisign_success" -ne 0 ]; then
      error 'minisign command failed'
      exit 1
    fi
-    plan_sig_content=$(cat "$plan_sig_path")
    curl_data=$(echo "$curl_data" | jq --arg signature "$plan_sig_content" '.signature=$signature')
  fi
  curl_url="$publish_provider/plan/$(url_encode "$auth_email")"
@ -229,8 +240,8 @@ fetch() (
      error "plan is not signed"
      exit 1
    fi
-    temp_plan_file=$(echo 'mkstemp(template)' | m4 -D template="${TMPDIR:-"/tmp"}/dotplanXXXXXX")
-    temp_sig_file="$temp_plan_file.minisig"
+    temp_plan_file=$(make_temp_file)
+    temp_sig_file=$(make_temp_file)
    printf "%s" "$plan_content" > "$temp_plan_file"
    printf "%s" "$sig_content" > "$temp_sig_file"
    minisign -q -Vm "$temp_plan_file" -x "$temp_sig_file" -P "$fetch_pubkey"