search

cole-h / agenix-cli

Companion tool to https://github.com/ryantm/agenix
Apache License 2.0
31 stars 3 forks source link

--rekey should accept list of files or only change files that need to be updated #10

Open Gerschtli opened 2 years ago

Gerschtli commented 2 years ago

Hey,

I will shortly explain a use case: I have two systems, each of them has two secrets. If I change the key for system A, I want to run rekey and only update the secrets that are affected by the change of the key of system A. Currently, all four secrets will be updated.

├── system-a/
│   ├── secret-1
│   └── secret-2
└── system-b/
    ├── secret-1
    └── secret-2
  1. Is it possible for agenix to recognize that only two of the four secrets should be updated?
  2. If not, could you add a possibility that the CLI accepts multiple files instead of only one? (like agenix -r secrets/a secrets/b)
cole-h commented 2 years ago

"Smartly" detecting which secrets should be updated is not something I want to (attempt to) support.

Is for secret in system-a/**; do agenix -r "$secret"; done not a good solution for you? I'm hesitant to allow working with multiple paths (and by extension, rekeying them) because agenix only supports working on one path at a time at the moment.

Gerschtli commented 2 years ago

I am fine with the for loop, just thought it would be a good improvement for the CLI to be more user friendly and flexible.