Comments (9)
I am also seeing this. I assumed it was my packaging of the gems as RPMs, but this issue seems to indicate not.
OS: CentOS 6.4 x86_64
# rpm -qa|grep hiera|sort
hiera-1.2.0-1.el6.noarch
hiera-eyaml-1.3.4-1.el6.re.noarch
hiera-eyaml-gpg-0.1-1.el6.re.noarch
hiera-yamlgpg-0.1.7-1.el6.re.noarch
# eyaml -v
Hiera-eyaml version 1.3.4
from hiera-eyaml-gpg.
Hmmm... running the command without the --gpg-recipients flag gives:
$ eyaml -n gpg -e -s 'admin'
[eyaml_gpg]: GNUPGHOME is
[eyaml_gpg]: Searching for any hiera-eyaml-gpg.recipents files in path
[eyaml_gpg]: Recipents are
/usr/lib/ruby/gems/1.8/gems/hiera-eyaml-gpg-0.1/lib/hiera/backend/eyaml/encryptors/gpg.rb:97:in encrypt': No recipients provided, don't know who to encrypt to (ArgumentError) from /usr/lib/ruby/gems/1.8/gems/hiera-eyaml-1.3.4/lib/hiera/backend/eyaml/actions/encrypt_action.rb:38:in
execute'
from /usr/lib/ruby/gems/1.8/gems/hiera-eyaml-1.3.4/lib/hiera/backend/eyaml/CLI.rb:101:in execute' from /usr/lib/ruby/gems/1.8/gems/hiera-eyaml-1.3.4/bin/eyaml:13 from /usr/bin/eyaml:19:in
load'
from /usr/bin/eyaml:19
This seems to suggest that the gem is registered, but for some reason the options provided in the README aren't registered/present.
from hiera-eyaml-gpg.
I was also noticing that the help output did not have the --gpg-* options listed.
# eyaml -h
Hiera-eyaml is a backend for Hiera which provides OpenSSL encryption/decryption for Hiera properties
[snip]
--label, -l <s>: Apply a label to the encrypted result
--pkcs7-private-key, -k <s>: Private key directory (default: ./keys/private_key.pkcs7.pem)
--pkcs7-public-key, -u <s>: Public key directory (default: ./keys/public_key.pkcs7.pem)
--version, -v: Print version and exit
--help, -h: Show this message
from hiera-eyaml-gpg.
Hmm... I'm on CentOS 6.4 as well, with ruby 1.8.7.
from hiera-eyaml-gpg.
Thanks for all the information guys - from what @Javins posted, it seems that the module is being discovered but the command line options are missing. I'll create a CentOS environment and see if I can reproduce what you've got.
from hiera-eyaml-gpg.
I've reproduced this now and it is connected with voxpupuli/hiera-eyaml#35 (gem on CentOS 6.4 is 1.3.4). The reason that it half works (the error message about no recipients comes from hiera-eyaml-gpg) is that the mechanisms for finding all the plugins and finding a named plugin are different.
If you build your own gem for hiera-eyaml then you should find this problem goes away (I'm afraid that hiera-eyaml is a little behind for gem cutting, you might want to pop a +1 on the issue above to encourage the repo owner). On my CentOS VM I did the following (using the repo from telstra-digital containing the fix):
gem install rake bundler
git clone https://github.com/telstra-digital/hiera-eyaml.git
cd hiera-eyaml
rake build
gem uninstall hiera-eyaml --executables
gem install pkg/hiera-eyaml-1.3.4.gem
This uses the same version number but allows successful lookup of the plugin gems.
from hiera-eyaml-gpg.
Thanks for taking the time to look at this @sihil!
Your workaround helped me understand what is going on. I'll keep an eye on that pull request.
from hiera-eyaml-gpg.
Alternative workaround that doesn't include building telestra-digital's head code: Make sure rubygems is > 1.8:
$ gem --version
1.3.7
$ gem update --system
$ gem --version
2.1.10
// any gem cleanup you need to do
$ gem install hiera-eyaml-gpg
$ eyaml -n gpg -e -s 'admin' --gpg-recipients "[email protected]"
Alas, it doesn't look like the standard CentOS repos have anything more current than rubygems 1.3.7 available.
See https://github.com/puppetlabs/puppetlabs-ruby/blob/master/manifests/init.pp for ideas about codifying a more current rubygems requirement in a puppet manifest.
from hiera-eyaml-gpg.
Just a heads up that this, and a bunch of other issues have been fixed in more recent versions of hiera-eyaml - update to 1.3.8 and you should be set.
from hiera-eyaml-gpg.
Related Issues (20)
- Cannot edit files if you don't have a private key HOT 7
- Checking that we trust recipients breaks GPG's web of trust model HOT 1
- default recipient file not looked for in cwd hierarchy HOT 3
- missing git tags HOT 1
- wrong version in version.rb HOT 2
- Editing encrypted credentials fails on GPG v1
- eyaml incorrectly errors when it cannot decrypt a key HOT 6
- undefined method `value' for nil:NilClass
- blank lines in a recipients file results in the first key in the being used to encrypt the secrets
- hiera5 support HOT 8
- Using gpg 2.1 and long gpghome paths fails without meaningful error
- Output eyaml filepath and key when decryption fails HOT 1
- Cannot decrypt !
- Does not work with Puppet 5.5.3 HOT 5
- 0.7.0 Release Summary
- Output is Garbled if contention occurs on GPG random_seed.
- new release for GPG error output fix HOT 2
- Also use default gpg recipients file with `eyaml encrypt`
- not usable for encryption on windows due gpgme problem HOT 1
- gpg invocation discards stderr and leaves tempfiles behind
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from hiera-eyaml-gpg.