From 710b832066c9ba5135a21e2fb1ca38bdcdb75830 Mon Sep 17 00:00:00 2001 From: Louis Opter Date: Sun, 29 Sep 2024 19:27:20 -0700 Subject: [PATCH] Fix: do not assume users use age keys in vars/sops With added support for PGP for users keys, do not assume an age key is going to be present in secrets files. --- pkgs/clan-cli/clan_cli/vars/secret_modules/sops.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/clan-cli/clan_cli/vars/secret_modules/sops.py b/pkgs/clan-cli/clan_cli/vars/secret_modules/sops.py index 761621674..42d0f7bbb 100644 --- a/pkgs/clan-cli/clan_cli/vars/secret_modules/sops.py +++ b/pkgs/clan-cli/clan_cli/vars/secret_modules/sops.py @@ -229,7 +229,7 @@ class SecretStore(SecretStoreBase): ) -> bool: secret_path = self.secret_path(generator_name, secret_name, shared) secret = json.loads((secret_path / "secret").read_text()) - recipients = [r["recipient"] for r in secret["sops"]["age"]] + recipients = [r["recipient"] for r in (secret["sops"].get("age") or [])] machines_folder_path = sops_machines_folder(self.machine.flake_dir) machine_pubkey = json.loads( (machines_folder_path / self.machine.name / "key.json").read_text()