yadunut/clan-core
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

add dummy sops manifest

Browse Source
This commit is contained in:
Jörg Thalheim
2023-08-08 16:40:32 +02:00
parent d8c2df2e72
commit 35f2d6a76e
1 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
pkgs/clan-cli/clan_cli/secrets/sops.py
View File

@@ -138,14 +138,17 @@ def encrypt_file(
folder.mkdir(parents=True, exist_ok=True) folder.mkdir(parents=True, exist_ok=True)
# hopefully /tmp is written to an in-memory file to avoid leaking secrets # hopefully /tmp is written to an in-memory file to avoid leaking secrets
with NamedTemporaryFile(delete=False) as f: with NamedTemporaryFile(delete=False) as dummy_manifest_file, NamedTemporaryFile(
delete=False
) as f:
try: try:
with open(f.name, "w") as fd: with open(f.name, "w") as fd:
if isinstance(content, str): if isinstance(content, str):
fd.write(content) fd.write(content)
else: else:
shutil.copyfileobj(content, fd) shutil.copyfileobj(content, fd)
args = ["sops"] # we pass an empty manifest to pick up existing configuration of the user
args = ["sops", "--config", dummy_manifest_file.name]
for key in keys: for key in keys:
args.extend(["--age", key]) args.extend(["--age", key])
args.extend(["-i", "--encrypt", str(f.name)]) args.extend(["-i", "--encrypt", str(f.name)])