From 5b4b72d7ac547aa79f1dc6f314da327527c321a9 Mon Sep 17 00:00:00 2001 From: cypr0 Date: Mon, 7 Oct 2024 18:00:57 +0200 Subject: [PATCH 1/4] Fix 'xargs: command line too long' error by limiting the number of arguments passed to xargs to avoid exceeding system limits. --- .taskfiles/Sops/Taskfile.yaml | 25 +++++++------------------ 1 file changed, 7 insertions(+), 18 deletions(-) diff --git a/.taskfiles/Sops/Taskfile.yaml b/.taskfiles/Sops/Taskfile.yaml index 5bb2885a32f..304f95d91bb 100644 --- a/.taskfiles/Sops/Taskfile.yaml +++ b/.taskfiles/Sops/Taskfile.yaml @@ -12,24 +12,13 @@ tasks: encrypt: desc: Encrypt all Kubernetes SOPS secrets cmds: - - for: { var: file } - task: .encrypt-file - vars: - file: "{{.ITEM}}" - vars: - file: - sh: find "{{.KUBERNETES_DIR}}" -type f -name "*.sops.*" | xargs -I {} sh -c 'sops filestatus {} | jq --exit-status ".encrypted == false" > /dev/null && echo {}' - - .encrypt-file: - internal: true - cmd: sops --encrypt --in-place {{.file}} - requires: - vars: ["file"] - preconditions: - - msg: Missing Sops config file - sh: test -f {{.SOPS_CONFIG_FILE}} - - msg: Missing Sops Age key file - sh: test -f {{.AGE_FILE}} + - cmd: | + find "{{.KUBERNETES_DIR}}" -type f -name "*.sops.*" | while read -r file; do + if sops filestatus "$file" | jq --exit-status ".encrypted == false" > /dev/null; then + sops --encrypt --in-place "$file" + echo "Encrypted $file" + fi + done .reset: internal: true From 208636096ca5f4a01b9c4621906967edcb9df07b Mon Sep 17 00:00:00 2001 From: cypr0 Date: Mon, 7 Oct 2024 20:07:59 +0200 Subject: [PATCH 2/4] Fix invalid key 'sh' in Taskfile: replaced with 'cmd' for shell commands execution. --- .taskfiles/Sops/Taskfile.yaml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.taskfiles/Sops/Taskfile.yaml b/.taskfiles/Sops/Taskfile.yaml index 304f95d91bb..48248a94902 100644 --- a/.taskfiles/Sops/Taskfile.yaml +++ b/.taskfiles/Sops/Taskfile.yaml @@ -13,6 +13,14 @@ tasks: desc: Encrypt all Kubernetes SOPS secrets cmds: - cmd: | + if [ ! -f {{.SOPS_CONFIG_FILE}} ]; then + echo "Missing Sops config file" + exit 1 + fi + if [ ! -f {{.AGE_FILE}} ]; then + echo "Missing Sops Age key file" + exit 1 + fi find "{{.KUBERNETES_DIR}}" -type f -name "*.sops.*" | while read -r file; do if sops filestatus "$file" | jq --exit-status ".encrypted == false" > /dev/null; then sops --encrypt --in-place "$file" From 9dde9ebd4efc8586070062f463ae2185037c8bb2 Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Mon, 7 Oct 2024 18:18:57 -0400 Subject: [PATCH 3/4] Update Taskfile.yaml --- .taskfiles/Sops/Taskfile.yaml | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/.taskfiles/Sops/Taskfile.yaml b/.taskfiles/Sops/Taskfile.yaml index 48248a94902..7b771e23e96 100644 --- a/.taskfiles/Sops/Taskfile.yaml +++ b/.taskfiles/Sops/Taskfile.yaml @@ -13,20 +13,17 @@ tasks: desc: Encrypt all Kubernetes SOPS secrets cmds: - cmd: | - if [ ! -f {{.SOPS_CONFIG_FILE}} ]; then - echo "Missing Sops config file" - exit 1 - fi - if [ ! -f {{.AGE_FILE}} ]; then - echo "Missing Sops Age key file" - exit 1 - fi find "{{.KUBERNETES_DIR}}" -type f -name "*.sops.*" | while read -r file; do if sops filestatus "$file" | jq --exit-status ".encrypted == false" > /dev/null; then sops --encrypt --in-place "$file" echo "Encrypted $file" fi done + preconditions: + - msg: Missing Sops config + sh: test -f {{.SOPS_CONFIG_FILE}} + - msg: Missing Sops Age key file + sh: test -f {{.AGE_FILE}} .reset: internal: true From 5fef7d769966e876b1aa2debfbd4d7186cc46b0b Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Mon, 7 Oct 2024 18:19:28 -0400 Subject: [PATCH 4/4] Update .taskfiles/Sops/Taskfile.yaml --- .taskfiles/Sops/Taskfile.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.taskfiles/Sops/Taskfile.yaml b/.taskfiles/Sops/Taskfile.yaml index 7b771e23e96..ff9342c9d7c 100644 --- a/.taskfiles/Sops/Taskfile.yaml +++ b/.taskfiles/Sops/Taskfile.yaml @@ -20,7 +20,7 @@ tasks: fi done preconditions: - - msg: Missing Sops config + - msg: Missing Sops config file sh: test -f {{.SOPS_CONFIG_FILE}} - msg: Missing Sops Age key file sh: test -f {{.AGE_FILE}}