yadunut/clan-core
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Fix: do not assume users use age keys in vars/sops

Browse Source 
With added support for PGP for users keys, do not assume an age key is
going to be present in secrets files.
This commit is contained in:
Louis Opter
2024-09-29 19:27:20 -07:00
committed by Mic92
parent 30d0afe75b
commit 710b832066
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
pkgs/clan-cli/clan_cli/vars/secret_modules/sops.py
View File

@@ -229,7 +229,7 @@ class SecretStore(SecretStoreBase):
) -> bool: ) -> bool:
secret_path = self.secret_path(generator_name, secret_name, shared) secret_path = self.secret_path(generator_name, secret_name, shared)
secret = json.loads((secret_path / "secret").read_text()) secret = json.loads((secret_path / "secret").read_text())
recipients = [r["recipient"] for r in secret["sops"]["age"]] recipients = [r["recipient"] for r in (secret["sops"].get("age") or [])]
machines_folder_path = sops_machines_folder(self.machine.flake_dir) machines_folder_path = sops_machines_folder(self.machine.flake_dir)
machine_pubkey = json.loads( machine_pubkey = json.loads(
(machines_folder_path / self.machine.name / "key.json").read_text() (machines_folder_path / self.machine.name / "key.json").read_text()