Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

-d option in recrypt overrides encryption_method from config.yaml #292

Open
oveaurs opened this issue Nov 14, 2019 · 1 comment
Open

-d option in recrypt overrides encryption_method from config.yaml #292

oveaurs opened this issue Nov 14, 2019 · 1 comment

Comments

@oveaurs
Copy link

oveaurs commented Nov 14, 2019

If you have a config.yaml with encryption_method: 'gpg' and do a eyaml recrypt, pkcs7 is still used, because the -d option added in https://github.com/voxpupuli/hiera-eyaml/pull/232/files overrides it. I see that there also is a -n option for the recrypt command that is possibly trying to do the same thing. This also fails: eyaml recrypt -n gpg somefile and tries to use pkcs7.

I've worked around the problem by adding change_encryption: 'gpg' to my config.yaml, but it seems to me that the -d and -n options are redundant, and -d should be removed (or added as an alias somehow for the -n option perhaps to avoid breaking it for those using the -d option).

@mricon
Copy link

mricon commented Oct 9, 2020

Thank you for the workaround. I can confirm that setting change_encryption: 'gpg' fixes the problem.

On a side note, looks like eyaml recrypt has been broken for gpg for over 3 years, which isn't a good sign for users of eyaml. :(

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants