From 25ce97dd5e6d4b1998e5c38ea710623774932ae0 Mon Sep 17 00:00:00 2001 From: Louis Opter Date: Mon, 22 Sep 2025 00:47:27 +0000 Subject: [PATCH] clan-cli/secrets: update some error message in encrypt_secret Found that while reading through some code. --- pkgs/clan-cli/clan_cli/secrets/secrets.py | 30 ++++++++++++++++++++--- 1 file changed, 27 insertions(+), 3 deletions(-) diff --git a/pkgs/clan-cli/clan_cli/secrets/secrets.py b/pkgs/clan-cli/clan_cli/secrets/secrets.py index 5b63eeaa5..750d5a3f6 100644 --- a/pkgs/clan-cli/clan_cli/secrets/secrets.py +++ b/pkgs/clan-cli/clan_cli/secrets/secrets.py @@ -27,7 +27,7 @@ from .sops import ( read_keys, update_keys, ) -from .types import VALID_SECRET_NAME, secret_name_type +from .types import VALID_SECRET_NAME, VALID_USER_NAME, secret_name_type log = logging.getLogger(__name__) @@ -158,8 +158,32 @@ def encrypt_secret( admin_keys = sops.ensure_admin_public_keys(flake_dir) if not admin_keys: - # TODO double check the correct command to run - msg = "No keys found. Please run 'clan secrets add-key' to add a key." + users = list_objects( + sops_users_folder(flake_dir), + is_valid=lambda name: VALID_USER_NAME.match(name) is not None, + ) + msg = ( + "No admin keys found.\n\n" + "Please run 'clan secrets key generate' to create a key. " + ) + if (count := len(users)) > 1: + msg += ( + f"Then run 'clan secrets users add-key' " + f"to add the key to an user you already have " + f"({', '.join(users)}), or use 'clan secrets users add' " + f"to create a new user with the new key." + ) + elif count == 1: + msg += ( + f"Then run 'clan secrets users add-key {users[0]}' " + f"to add the key to the user you already have, or use " + f"'clan secrets users add' to create a new user " + f"with the new key." + ) + else: + msg += ( + "Then run 'clan secrets users add' to associate the key with an user." + ) raise ClanError(msg) username = next(iter(admin_keys)).username