k8s-deployment/scripts/sops_check.sh

#!/usr/bin/env bash
set -e

# -- Default exit status, that should be thrown
# -- when all the secrets are encrypted
EXIT_STATUS=0

for secrets in $(find . -type 'f' -name 'secrets.*'); do
    echo "Checking ${secrets}"
    STATUS=$(sops filestatus $secrets)
    if [[ "${STATUS}" == *"false"* ]]; then
        echo "ERROR: Found an unencrypted secret: $secrets"
        EXIT_STATUS=1
        sops encrypt -i $secrets;
    fi;
done

exit "${EXIT_STATUS}"
Refactor everything a bit 2024-09-11 21:19:35 +00:00			`#!/usr/bin/env bash`
			`set -e`

More pre-commit logic and fixes 2024-10-30 12:35:38 +00:00			`# -- Default exit status, that should be thrown`
			`# -- when all the secrets are encrypted`
			`EXIT_STATUS=0`

			`for secrets in $(find . -type 'f' -name 'secrets.*'); do`
			`echo "Checking ${secrets}"`
			`STATUS=$(sops filestatus $secrets)`
			`if [[ "${STATUS}" == "false" ]]; then`
			`echo "ERROR: Found an unencrypted secret: $secrets"`
			`EXIT_STATUS=1`
			`sops encrypt -i $secrets;`
			`fi;`
			`done`

			`exit "${EXIT_STATUS}"`