From ab8bd7699598703ef2d5031fb2aa18eea2855ca3 Mon Sep 17 00:00:00 2001 From: Matthew Trew Date: Thu, 17 Oct 2024 15:48:32 +0100 Subject: [PATCH] Don't ask for GPG key passphrase --- deploy.py | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/deploy.py b/deploy.py index 4a74ef5568..5726918bda 100644 --- a/deploy.py +++ b/deploy.py @@ -169,10 +169,7 @@ def update_config(ctx): print(f"# Update configuration files") ask_to_run_command(f"cd /local/data && ./fetch-isaac-sops-config.sh") print(f"# Decrypt configuration files") - # GPG would normally prompt us for the key password, but it's not possible to answer that prompt through subprocess.run(). - # Instead, we ask for it here and pass it in to the subprocess as an environment variable. - gpg_password = getpass.getpass("Enter password for SOPS GPG key: ") - ask_to_run_command(f"cd /local/src/isaac-sops-config && ./deploy_in_docker.sh /local/data/keys/$(hostname)_gpg.ppk /local/src/isaac-sops-config /local/data/isaac-sops-config-decrypted {ctx['env']} {ctx['site']}", env_vars={"GPG_KEY_PASSWORD": gpg_password}) + ask_to_run_command(f"cd /local/src/isaac-sops-config && ./deploy_in_docker.sh /local/data/keys/$(hostname)_gpg.ppk /local/src/isaac-sops-config /local/data/isaac-sops-config-decrypted {ctx['env']} {ctx['site']}") def run_db_migrations(ctx):