Comments (15)
mike10010100
commented on May 27, 2024
1
This is still occurring for sops 3.0.5. Any updates on this?
from helm-secrets.
nitrogear
commented on May 27, 2024
1
Have the same issue. Can anyone explain how to resolve it?
from helm-secrets.
stefanthorpe
commented on May 27, 2024
@stoyle did you find out what the cause of the issue was? I'm getting the same results.
from helm-secrets.
stoyle
commented on May 27, 2024
No, still failing. But I am using helm-secrets successfully with my own encrypted files. So it works, regardless of this test failure.
from helm-secrets.
stefanthorpe
commented on May 27, 2024
I upgraded sops to 3.0.3 this seemed to help
from helm-secrets.
stoyle
commented on May 27, 2024
Same problem here:
Error: plugin "secrets" exited with error
General error
➜ helm-secrets git:(master) ✗ sops --version
sops 3.0.3 (latest)
helm secrets is working for us, by the way. Just not in this test.
Cheers,
Alf
from helm-secrets.
caussourd
commented on May 27, 2024
I have the same issue (sops 3.0.3)
from helm-secrets.
marcpalm
commented on May 27, 2024
I just tried to get the examples running:
helm secrets dec example/helm_vars/projectX/sandbox/us-east-1/java-app/secrets.yaml
Decrypting example/helm_vars/projectX/sandbox/us-east-1/java-app/secrets.yaml
Error decrypting tree: Error walking tree: Could not decrypt value: crypto/aes: invalid key size 31
Maybe this is related? Btw, helm secrets dec example/helm_vars/secrets.yaml works.
Best, Marc
from helm-secrets.
yujunz
commented on May 27, 2024
Have the same issue when trying the example
helm secrets dec example/helm_vars/projectX/sandbox/us-east-1/java-app/secrets.yaml
Decrypting example/helm_vars/projectX/sandbox/us-east-1/java-app/secrets.yaml
Error decrypting tree: Error walking tree: Could not decrypt value: crypto/aes: invalid key size 31
Error: plugin "secrets" exited with error
- sops 3.0.5 (latest)
- helm-secrets 1.3.1
from helm-secrets.
tarrall
commented on May 27, 2024
Here's a couple more datapoints: the issue happens with plain old sops (not just helm-secrets), and before the upgrade from sops 2.x to sops 3.x, the error wasn't happening:
tarrall@Tarrall <~/gits/helm-secrets>git status
HEAD detached at 98509c7
nothing to commit, working tree clean
tarrall@Tarrall <~/gits/helm-secrets>sops -d example/helm_vars/projectX/production/us-east-1/java-app/secrets.yaml
secret_production_projectx: secret_foo_123
tarrall@Tarrall <~/gits/helm-secrets>git checkout 098df35aabbd4169d0a9569227cef454560e7f86
[...]
tarrall@Tarrall <~/gits/helm-secrets>sops -d example/helm_vars/projectX/production/us-east-1/java-app/secrets.yaml
Error decrypting tree: Error walking tree: Could not decrypt value: crypto/aes: invalid key size 31
Given the timing on that commit, I wonder if it was bitten by getsops/sops#278 ... though mildly surprising that it's not failing for everyone.
If it's that, re-encrypting the examples with a more recent version of sops (e.g. 3.1.1) would be a fix.
from helm-secrets.
sandywang1982
commented on May 27, 2024
Getting the same error with secrets 2.0.0, sops 3.1.1, both are latest.
from helm-secrets.
jbuettnerbild
commented on May 27, 2024
same with sops 3.2.0
from helm-secrets.
szibis
commented on May 27, 2024
@jbuettnerbild @sandywang1982 @stoyle anyone can check if these issues exist on latest 2.0.1 version from the master?
from helm-secrets.
stoyle
commented on May 27, 2024
Looks like it is failing somewhat earlier now. On latest master:
➜ helm-secrets git:(master) sops --version
sops 3.2.0 (latest)
➜ helm-secrets git:(master) ./test.sh
+++ Installing helm-secrets plugin
[OK] helm-secrets plugin installed
+++ Importing private pgp key for projectx
gpg: key AF1D073646ED4927: "helm-secrets-example-projectx <[email protected]>" not changed
gpg: key AF1D073646ED4927: secret key imported
gpg: Total number processed: 1
gpg: unchanged: 1
gpg: secret keys read: 1
gpg: secret keys unchanged: 1
+++ Importing private pgp key for projectx
gpg: key 19F6A67BB1B8DDBE: "helm-secrets-example-projecty <[email protected]>" not changed
gpg: key 19F6A67BB1B8DDBE: secret key imported
gpg: Total number processed: 1
gpg: unchanged: 1
gpg: secret keys read: 1
gpg: secret keys unchanged: 1
+++ Show helm_vars tree from example
example/helm_vars/
├── .sops.yaml
├── projectX
│ ├── .sops.yaml
│ ├── production
│ │ └── us-east-1
│ │ └── java-app
│ │ ├── secrets.yaml
│ │ └── value.yaml
│ └── sandbox
│ └── us-east-1
│ └── java-app
│ ├── secrets.yaml
│ └── value.yaml
├── projectY
│ ├── .sops.yaml
│ ├── production
│ │ └── us-east-1
│ │ └── java-app
│ │ ├── secrets.yaml
│ │ └── value.yaml
│ └── sandbox
│ └── us-east-1
│ └── java-app
│ ├── secrets.yaml
│ └── value.yaml
├── secrets.yaml
└── values.yaml
14 directories, 13 files
+++ Testing ./example/helm_vars/secrets.yaml
+++ Encrypt and Test
[OK] File properly encrypted
+++ Test if 'Already Encrypted' feature works
[FAIL] Not Encrypted or re-encrypted. Should be already encrypted with no re-encryption.
General error
from helm-secrets.
sandywang1982
commented on May 27, 2024
Mine works fine, I have checked out the latest code.
sandy@xxxx:~/helm-secrets$ ./test.sh
+++ Installing helm-secrets plugin
[OK] helm-secrets plugin installed
+++ Importing private pgp key for projectx
gpg: key AF1D073646ED4927: "helm-secrets-example-projectx <[email protected]>" not changed
gpg: key AF1D073646ED4927: secret key imported
gpg: Total number processed: 1
gpg: unchanged: 1
gpg: secret keys read: 1
gpg: secret keys unchanged: 1
+++ Importing private pgp key for projectx
gpg: key 19F6A67BB1B8DDBE: "helm-secrets-example-projecty <[email protected]>" not changed
gpg: key 19F6A67BB1B8DDBE: secret key imported
gpg: Total number processed: 1
gpg: unchanged: 1
gpg: secret keys read: 1
gpg: secret keys unchanged: 1
+++ Show helm_vars tree from example
example/helm_vars/
├── .sops.yaml
├── projectX
│ ├── .sops.yaml
│ ├── production
│ │ └── us-east-1
│ │ └── java-app
│ │ ├── secrets.yaml
│ │ └── value.yaml
│ └── sandbox
│ └── us-east-1
│ └── java-app
│ ├── secrets.yaml
│ └── value.yaml
├── projectY
│ ├── .sops.yaml
│ ├── production
│ │ └── us-east-1
│ │ └── java-app
│ │ ├── secrets.yaml
│ │ └── value.yaml
│ └── sandbox
│ └── us-east-1
│ └── java-app
│ ├── secrets.yaml
│ └── value.yaml
├── secrets.yaml
└── values.yaml
14 directories, 13 files
+++ Testing ./example/helm_vars/projectX/production/us-east-1/java-app/secrets.yaml
+++ Encrypt and Test
[OK] File properly encrypted
+++ Test if 'Already Encrypted' feature works
[OK] Already Encrypted
+++ View encrypted Test
[OK] File decrypted and viewable
+++ Decrypt
[OK] File decrypted
+++ Cleanup Test
[OK] Cleanup specified directory
[OK] Cleanup specified .dec file
+++ Once again Encrypt and Test
[OK] File properly encrypted
+++ Testing ./example/helm_vars/projectX/sandbox/us-east-1/java-app/secrets.yaml
+++ Encrypt and Test
[OK] File properly encrypted
+++ Test if 'Already Encrypted' feature works
[OK] Already Encrypted
+++ View encrypted Test
[OK] File decrypted and viewable
+++ Decrypt
[OK] File decrypted
+++ Cleanup Test
[OK] Cleanup specified directory
[OK] Cleanup specified .dec file
+++ Once again Encrypt and Test
[OK] File properly encrypted
+++ Testing ./example/helm_vars/projectY/production/us-east-1/java-app/secrets.yaml
+++ Encrypt and Test
[OK] File properly encrypted
+++ Test if 'Already Encrypted' feature works
[OK] Already Encrypted
+++ View encrypted Test
[OK] File decrypted and viewable
+++ Decrypt
[OK] File decrypted
+++ Cleanup Test
[OK] Cleanup specified directory
[OK] Cleanup specified .dec file
+++ Once again Encrypt and Test
[OK] File properly encrypted
+++ Testing ./example/helm_vars/projectY/sandbox/us-east-1/java-app/secrets.yaml
+++ Encrypt and Test
[OK] File properly encrypted
+++ Test if 'Already Encrypted' feature works
[OK] Already Encrypted
+++ View encrypted Test
[OK] File decrypted and viewable
+++ Decrypt
[OK] File decrypted
+++ Cleanup Test
[OK] Cleanup specified directory
[OK] Cleanup specified .dec file
+++ Once again Encrypt and Test
[OK] File properly encrypted
+++ Testing ./example/helm_vars/secrets.yaml
+++ Encrypt and Test
[OK] File properly encrypted
+++ Test if 'Already Encrypted' feature works
[OK] Already Encrypted
+++ View encrypted Test
[OK] File decrypted and viewable
+++ Decrypt
[OK] File decrypted
+++ Cleanup Test
[OK] Cleanup specified directory
[OK] Cleanup specified .dec file
+++ Once again Encrypt and Test
[OK] File properly encrypted
from helm-secrets.
Related Issues (20)
- helm secret "invalid option" issue with helm3 HOT 7
- helm secrets install not decrypting secrets.yaml HOT 1
- add support for Windows
- Automatically picking up secrets.yaml
- Keys management with helm secrets HOT 2
- Install SOPS without root HOT 1
- "Not encrypted" line causing trouble in Spinnaker pipeline
- helm-secrets does not migrate or install with latest helm3 HOT 5
- Helm3 --dry-run exposes secrets
- helm-secrets updatekeys when keys are added in .sops.yaml
- Encrypted secret values provided to helm HOT 2
- Decrypt secrets in a temporary folder HOT 2
- Question: How to debug helm-secrets HOT 1
- "helm secrets clean ." does not work HOT 1
- Secrets should be decrypted to tmpfs HOT 1
- helm secrets triggering increase in history over 1Meg etc limit HOT 4
- Upgrade SOPS version to 3.6.0
- Failed running helm secrets after installtion HOT 1
- Using 'rm -v' causes integration with argocd to fail.
- Add deprecation warning
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from helm-secrets.