#!/usr/bin/env bash
# copyright (c) 2017 Tom Dunlap
# based on lpass-add copyright (c) 2016 Luke Turner
# Released under MIT License (SPDX:MIT)

set -o errexit
set -o nounset
set -o pipefail

readonly LPASS_USER=tdunlap@pivotal.io
readonly KEY_NAME=personal_key

TEMP_CERT_FILE=$(mktemp)
readonly TEMP_CERT_FILE

onexit() {
	local EXIT_CODE=$?
	echo "Removing temporary file $TEMP_CERT_FILE"
	rm "$TEMP_CERT_FILE"
    if [[ $EXIT_CODE == 0 ]]; then
        echo "lpass-add: identity added successfully"
	else
        echo "lpass-add: failed to add identity $KEY_NAME"
        echo "Script exited with code $EXIT_CODE"
    fi
}

trap onexit EXIT

LPASS_DISABLE_PINENTRY=1 lpass login $LPASS_USER
echo "Writing key $KEY_NAME to temporary file $TEMP_CERT_FILE"
lpass show --notes "$KEY_NAME" > "$TEMP_CERT_FILE"
echo "Adding SSH key $KEY_NAME"
ssh-add -t 28800 "$TEMP_CERT_FILE"