mirror of
https://gitlab.archlinux.org/archlinux/infrastructure.git
synced 2024-05-07 15:06:03 +02:00
misc/vault-keyring-client.sh: add flock workaround
Otherwise running terraform under tf-stage2 will often fail with: > ansible.errors.AnsibleError: Vault password client script > ../misc/vault-keyring-client.sh did not find a secret for > vault-id=default: b'gpg: decryption failed: No secret key\n'
This commit is contained in:
parent
fd411020ce
commit
511b6ca4e1
|
@ -1,2 +1,8 @@
|
||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
exec gpg --batch --decrypt --quiet "$(dirname $0)/vault-$2-password.gpg"
|
|
||||||
|
readonly vault_password_file_encrypted="$(dirname $0)/vault-$2-password.gpg"
|
||||||
|
|
||||||
|
# often getting "gpg: decryption failed: No secret key" in tf-stage2
|
||||||
|
# seems to work with flock (issue last reproduced with gnupg 2.2.35)
|
||||||
|
flock "$vault_password_file_encrypted" \
|
||||||
|
gpg --batch --decrypt --quiet "$vault_password_file_encrypted"
|
||||||
|
|
Loading…
Reference in New Issue