From 9fcabba3149642742f55eccd40e96cd3eae65231 Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Fri, 27 Sep 2024 14:31:19 -0400 Subject: [PATCH] fix: use sops `filestatus` for discovering non-encrypted sops files Fixes: https://github.com/onedr0p/cluster-template/issues/1539 --- .taskfiles/Sops/Taskfile.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.taskfiles/Sops/Taskfile.yaml b/.taskfiles/Sops/Taskfile.yaml index 7880a0056f9..5bb2885a32f 100644 --- a/.taskfiles/Sops/Taskfile.yaml +++ b/.taskfiles/Sops/Taskfile.yaml @@ -18,7 +18,7 @@ tasks: file: "{{.ITEM}}" vars: file: - sh: find "{{.KUBERNETES_DIR}}" -type f -name "*.sops.*" -exec grep -L "ENC\[AES256_GCM" {} \; + sh: find "{{.KUBERNETES_DIR}}" -type f -name "*.sops.*" | xargs -I {} sh -c 'sops filestatus {} | jq --exit-status ".encrypted == false" > /dev/null && echo {}' .encrypt-file: internal: true