pkg/sops-nix
1
0
Fork 0
mirror of https://github.com/Mic92/sops-nix.git synced 2026-02-22 21:05:44 +08:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Swap order of age ssh keys and the key file

Browse source 
It makes more sense to import the key when we have one and ignore the
SSH keys instead of only importing the key when we have no SSH keys.
This is because we import all SSH keys by default in the module and
using a key file means the use has to explicitly unset the SSH keys.
This commit is contained in:
Janne Heß 2021-09-30 13:48:27 +02:00
parent ae84c313c5
commit 9083e64fb9
No known key found for this signature in database
GPG key ID: 69165158F05265DF
1 changed files with 3 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

6
pkgs/sops-install-secrets/main.go
View file

@ -645,15 +645,15 @@ func installSecrets(args []string) error {
os.Setenv("GNUPGHOME", manifest.GnupgHome)
}
if len(manifest.AgeSshKeyPaths) != 0 {
if manifest.AgeKeyFile != "" {
os.Setenv("SOPS_AGE_KEY_FILE", manifest.AgeKeyFile)
} else if len(manifest.AgeSshKeyPaths) != 0 {
keyfile := filepath.Join(manifest.SecretsMountPoint, "age-keys.txt")
err = importAgeSSHKeys(manifest.AgeSshKeyPaths, keyfile)
if err != nil {
return err
}
os.Setenv("SOPS_AGE_KEY_FILE", keyfile)
} else if manifest.AgeKeyFile != "" {
os.Setenv("SOPS_AGE_KEY_FILE", manifest.AgeKeyFile)
}
if err := decryptSecrets(manifest.Secrets); err != nil {