secrets modules: pass secrets as bytes

2024-01-30 11:57:07 +01:00
parent 140973270a
commit 59c09a114c
3 changed files with 5 additions and 5 deletions
--- a/pkgs/clan-cli/clan_cli/secrets/modules/password_store.py
+++ b/pkgs/clan-cli/clan_cli/secrets/modules/password_store.py
@@ -10,13 +10,13 @@ class SecretStore:
    def __init__(self, machine: Machine) -> None:
        self.machine = machine

-    def set(self, service: str, name: str, value: str) -> None:
+    def set(self, service: str, name: str, value: bytes) -> None:
        subprocess.run(
            nix_shell(
                ["nixpkgs#pass"],
                ["pass", "insert", "-m", f"machines/{self.machine.name}/{name}"],
            ),
-            input=value.encode("utf-8"),
+            input=value,
            check=True,
        )

--- a/pkgs/clan-cli/clan_cli/secrets/modules/sops.py
+++ b/pkgs/clan-cli/clan_cli/secrets/modules/sops.py
@@ -28,11 +28,11 @@ class SecretStore:
        )
        add_machine(self.machine.flake_dir, self.machine.name, pub_key, False)

-    def set(self, _service: str, name: str, value: str) -> None:
+    def set(self, _service: str, name: str, value: bytes) -> None:
        encrypt_secret(
            self.machine.flake_dir,
            sops_secrets_folder(self.machine.flake_dir) / f"{self.machine.name}-{name}",
-            value,
+            value.decode(),
            add_machines=[self.machine.name],
        )