yadunut/clan-core
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request 'cli: don't generate a sops key that is world readable' (#3877) from push-ytvoytptyzrz into main

Browse Source 
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/3877
This commit is contained in:
Michael Hoang
2025-06-06 02:30:48 +00:00
parent 4592eeb0b8 9479f33f6e
commit 9d96c3ab97
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
pkgs/clan-cli/clan_cli/secrets/sops.py
View File

@@ -352,6 +352,7 @@ def generate_private_key(out_file: Path | None = None) -> tuple[str, str]:
raise ClanError(msg) raise ClanError(msg)
if out_file: if out_file:
out_file.parent.mkdir(parents=True, exist_ok=True) out_file.parent.mkdir(parents=True, exist_ok=True)
out_file.touch(mode=0o600)
out_file.write_text(res) out_file.write_text(res)
except subprocess.CalledProcessError as e: except subprocess.CalledProcessError as e:
msg = "Failed to generate private sops key" msg = "Failed to generate private sops key"