#!/usr/bin/env bash

if [[ "$#" -ne 1 ]]; then
  echo "Usage: $0 <sops-master-key>"
  exit 1
fi

export SOPS_AGE_KEY_FILE="$1"

for SOPS_FILE in $(find . -type f -name 'sops.yaml'); do
  dir=$(dirname "${SOPS_FILE}")
  echo "${dir}"
  find "${dir}" -maxdepth 1 -type f -regextype posix-extended -regex '.+\.(yaml|yml|json|env|ini|bin)' | while read -r file; do
    echo "${file}"
    nix shell nixpkgs#sops --command sops --config "${SOPS_FILE}" updatekeys "${file}" -y
  done
done