fix: improve error message when decryption fails and fix helm charts …

…imagePullPolicy (#25)

Makefile

@@ -1,6 +1,6 @@
 SHELL := /bin/bash
 GO := GO15VENDOREXPERIMENT=1 GO111MODULE=on GOPROXY=https://proxy.golang.org go
-SOPS_SEC_OPERATOR_VERSION := 0.1.2
+SOPS_SEC_OPERATOR_VERSION := 0.1.3
 
 # https://github.com/kubernetes-sigs/controller-tools/releases
 CONTROLLER_TOOLS_VERSION := "v0.2.5"
@@ -37,7 +37,7 @@ reindex-helm: package-helm
 	}
 
 ## test: Run tests
-test: package-helm generate fmt vet manifests
+test: generate fmt vet manifests
 	USE_EXISTING_CLUSTER=${USE_EXISTING_CLUSTER} go test ./... -coverprofile cover.out
 
 ## manager: Build manager binary

chart/helm2/sops-secrets-operator/Chart.yaml

@@ -1,6 +1,6 @@
 apiVersion: v1
-version: 0.3.2
-appVersion: 0.1.2
+version: 0.3.3
+appVersion: 0.1.3
 description: sops secrets operator
 name: sops-secrets-operator
 sources:

chart/helm2/sops-secrets-operator/templates/operator.yaml

@@ -29,6 +29,7 @@ spec:
       initContainers:
         - name: init-myservice
           image: debian:buster
+          imagePullPolicy: Always
           command: ['/bin/sh', '-c', 'cp -Lr /var/secrets/gpg-secrets/* /var/secrets/gpg/']
           volumeMounts:
           - mountPath: /var/secrets/gpg
@@ -62,7 +63,6 @@ spec:
           args:
           #- "--metrics-addr=127.0.0.1:8080"
           - "--enable-leader-election"
-          imagePullPolicy: Always
           env:
             - name: POD_NAME
               valueFrom:

chart/helm2/sops-secrets-operator/values.yaml

@@ -6,7 +6,7 @@ replicaCount: 1  # Deployment replica count  - should not be modified
 
 image:
   repository: isindir/sops-secrets-operator  # Operator image
-  tag: 0.1.2  # Operator image tag
+  tag: 0.1.3  # Operator image tag
   pullPolicy: Always  # Operator image pull policy
 
 imagePullSecrets: []  # Secrets to pull image from private docker repository

chart/helm3/sops-secrets-operator/Chart.yaml

@@ -1,6 +1,6 @@
 apiVersion: v2
-version: 0.4.3
-appVersion: 0.1.2
+version: 0.4.4
+appVersion: 0.1.3
 type: application
 description: sops secrets operator
 name: sops-secrets-operator

chart/helm3/sops-secrets-operator/templates/operator.yaml

@@ -29,6 +29,7 @@ spec:
       initContainers:
         - name: init-myservice
           image: debian:buster
+          imagePullPolicy: Always
           command: ['/bin/sh', '-c', 'cp -Lr /var/secrets/gpg-secrets/* /var/secrets/gpg/']
           volumeMounts:
           - mountPath: /var/secrets/gpg
@@ -62,7 +63,6 @@ spec:
           args:
           #- "--metrics-addr=127.0.0.1:8080"
           - "--enable-leader-election"
-          imagePullPolicy: Always
           env:
             - name: POD_NAME
               valueFrom:

chart/helm3/sops-secrets-operator/values.yaml

@@ -6,7 +6,7 @@ replicaCount: 1  # Deployment replica count  - should not be modified
 
 image:
   repository: isindir/sops-secrets-operator  # Operator image
-  tag: 0.1.2  # Operator image tag
+  tag: 0.1.3  # Operator image tag
   pullPolicy: Always  # Operator image pull policy
 
 imagePullSecrets: []  # Secrets to pull image from private docker repository

controllers/sopssecret_controller.go

@@ -317,6 +317,9 @@ func customDecryptData(data []byte, format string) (cleartext []byte, err error)
 		return nil, err
 	}
 	key, err := tree.Metadata.GetDataKey()
+	if userErr, ok := err.(sops.UserError); ok {
+		err = fmt.Errorf(userErr.UserError())
+	}
 	if err != nil {
 		return nil, err
 	}

docs/index.yaml

@@ -1,9 +1,24 @@
 apiVersion: v1
 entries:
   sops-secrets-operator:
+  - apiVersion: v2
+    appVersion: 0.1.3
+    created: "2020-09-27T21:08:08.259353+01:00"
+    description: sops secrets operator
+    digest: c6f5179aed0914a2129ca3d64dc082fceaa09ea65b08eb725b9532defa749e52
+    maintainers:
+    - email: [email protected]
+      name: isindir
+    name: sops-secrets-operator
+    sources:
+    - https://github.com/isindir/sops-secrets-operator.git
+    type: application
+    urls:
+    - https://isindir.github.io/sops-secrets-operator/sops-secrets-operator-0.4.4.tgz
+    version: 0.4.4
   - apiVersion: v2
     appVersion: 0.1.2
-    created: "2020-09-21T11:45:24.08455+01:00"
+    created: "2020-09-27T21:08:08.258046+01:00"
     description: sops secrets operator
     digest: 4cd536dcadc61ae6d66324aa9ba4a5aebb73ac719068be0675094a65c1f0d551
     maintainers:
@@ -18,7 +33,7 @@ entries:
     version: 0.4.3
   - apiVersion: v2
     appVersion: 0.1.2
-    created: "2020-09-21T11:45:24.083836+01:00"
+    created: "2020-09-27T21:08:08.256379+01:00"
     description: sops secrets operator
     digest: 043c4ddcfcae1adbd50e98eaa66a917e59044071efc858bed50fcc716d7df2c0
     maintainers:
@@ -33,7 +48,7 @@ entries:
     version: 0.4.2
   - apiVersion: v2
     appVersion: 0.1.1
-    created: "2020-09-21T11:45:24.083085+01:00"
+    created: "2020-09-27T21:08:08.254776+01:00"
     description: sops secrets operator
     digest: 7067eee2ab76e1274f58031707fc422969b6d3d5f771bd76ad43e532496439e0
     maintainers:
@@ -48,7 +63,7 @@ entries:
     version: 0.4.1
   - apiVersion: v2
     appVersion: 0.1.0
-    created: "2020-09-21T11:45:24.081435+01:00"
+    created: "2020-09-27T21:08:08.253433+01:00"
     description: sops secrets operator
     digest: f4d9ba94db37d679af817d759bb64aebb7605530b0ba412e264b051440ff3765
     maintainers:
@@ -61,9 +76,23 @@ entries:
     urls:
     - https://isindir.github.io/sops-secrets-operator/sops-secrets-operator-0.4.0.tgz
     version: 0.4.0
+  - apiVersion: v1
+    appVersion: 0.1.3
+    created: "2020-09-27T21:08:08.252425+01:00"
+    description: sops secrets operator
+    digest: f61b070b640169439cf4ab500047c1e356748a85871f7aeefde46d63d87d453a
+    maintainers:
+    - email: [email protected]
+      name: isindir
+    name: sops-secrets-operator
+    sources:
+    - https://github.com/isindir/sops-secrets-operator.git
+    urls:
+    - https://isindir.github.io/sops-secrets-operator/sops-secrets-operator-0.3.3.tgz
+    version: 0.3.3
   - apiVersion: v1
     appVersion: 0.1.2
-    created: "2020-09-21T11:45:24.080166+01:00"
+    created: "2020-09-27T21:08:08.251772+01:00"
     description: sops secrets operator
     digest: 2b37dc4e545e8a9540f6b7693079b98bf161ec5a68899defcfc9420bdcbb33e3
     maintainers:
@@ -77,7 +106,7 @@ entries:
     version: 0.3.2
   - apiVersion: v1
     appVersion: 0.1.1
-    created: "2020-09-21T11:45:24.079511+01:00"
+    created: "2020-09-27T21:08:08.250509+01:00"
     description: sops secrets operator
     digest: 2e2762b8f9d66aab0caacde225955fec8bfd5a4cc10dc6943a1de3809dda4091
     maintainers:
@@ -91,7 +120,7 @@ entries:
     version: 0.3.1
   - apiVersion: v1
     appVersion: 0.1.0
-    created: "2020-09-21T11:45:24.078477+01:00"
+    created: "2020-09-27T21:08:08.249265+01:00"
     description: sops secrets operator
     digest: ce84f5b64402a582c7689cb842ba03fb10f968c38b57dc9e05f588493128019a
     maintainers:
@@ -105,7 +134,7 @@ entries:
     version: 0.3.0
   - apiVersion: v2
     appVersion: 0.0.10
-    created: "2020-09-21T11:45:24.077093+01:00"
+    created: "2020-09-27T21:08:08.24795+01:00"
     description: sops secrets operator
     digest: 504fd74af156d7287e52844c5bcd6acff9b43fc67ad960c13272468de22c7807
     maintainers:
@@ -120,7 +149,7 @@ entries:
     version: 0.2.1
   - apiVersion: v1
     appVersion: 0.0.10
-    created: "2020-09-21T11:45:24.074971+01:00"
+    created: "2020-09-27T21:08:08.246848+01:00"
     description: sops secrets operator
     digest: 50b8ebab19008dfc43de1eaee8b0f6287f7a55134585dc6ae88df2520d779f8f
     maintainers:
@@ -132,4 +161,4 @@ entries:
     urls:
     - https://isindir.github.io/sops-secrets-operator/sops-secrets-operator-0.1.10.tgz
     version: 0.1.10
-generated: "2020-09-21T11:45:24.073618+01:00"
+generated: "2020-09-27T21:08:08.245403+01:00"