Error decrypting data

[fabricesemti80]

Hey @onedr0p

Trying to bootstrap cluster with this but hit a bit of a slag.

• I ran task sops:age-keygen and got the key / sops set up

fabrice in 🌐 devops0 in homecluster on  main [!] via 🐍 v3.11.2 (.venv) on ☁️  (eu-west-2)
❯ pwd
/home/fabrice/projects/kubernetes/homecluster

fabrice in 🌐 devops0 in homecluster on  main [!] via 🐍 v3.11.2 (.venv) on ☁️  (eu-west-2)
❯ cat age.key
# created: 2024-08-06T16:32:56+01:00
# public key: age1quueva6q8p7dd2pcxqv8nsr5q6pe52n403y7gx43paqxpx9clesqp60qf0
AGE-SECRET-KEY-_< key removed >_

fabrice in 🌐 devops0 in homecluster on  main [!] via 🐍 v3.11.2 (.venv) on ☁️  (eu-west-2)
❯ cat .sops.yaml
---
creation_rules:
  - # IMPORTANT: This rule MUST be above the others
    path_regex: talos/.*\.sops\.ya?ml
    key_groups:
      - age:
          - "age1quueva6q8p7dd2pcxqv8nsr5q6pe52n403y7gx43paqxpx9clesqp60qf0"
  - path_regex: kubernetes/.*\.sops\.ya?ml
    encrypted_regex: "^(data|stringData)$"
    key_groups:
      - age:
          - "age1quueva6q8p7dd2pcxqv8nsr5q6pe52n403y7gx43paqxpx9clesqp60qf0"

Seems like it is a-OK, got the publi/private key where I would want / need it.

• added pub key into the config, and run task configure; encryption seemed to work

fabrice in 🌐 devops0 in homecluster on  main [!] via 🐍 v3.11.2 (.venv) on ☁️  (eu-west-2)
❯ cat config.yaml | grep age
# (Required) Age Public Key (e.g. age1...)
#    > task sops:age-keygen
bootstrap_sops_age_pubkey: age1quueva6q8p7dd2pcxqv8nsr5q6pe52n403y7gx43paqxpx9clesqp60qf0
# 2. (Required) Flux details - Flux is used to manage the cluster configuration.

• alas bootstrap fails

  
  fabrice in 🌐 devops0 in homecluster on  main [!] via 🐍 v3.11.2 (.venv) on ☁️  (eu-west-2) took 8s
  ❯ task talos:bootstrap
  task: [talos:bootstrap] if [ ! -f "/home/fabrice/projects/kubernetes/homecluster/kubernetes/bootstrap/talos/talsecret.sops.yaml" ]; then
  talhelper gensecret > /home/fabrice/projects/kubernetes/homecluster/kubernetes/bootstrap/talos/talsecret.sops.yaml
  sops --encrypt --in-place /home/fabrice/projects/kubernetes/homecluster/kubernetes/bootstrap/talos/talsecret.sops.yaml
  fi

task: [talos:bootstrap] talhelper genconfig --config-file /home/fabrice/projects/kubernetes/homecluster/kubernetes/bootstrap/talos/talconfig.yaml --secret-file /home/fabrice/projects/kubernetes/homecluster/kubernetes/bootstrap/talos/talsecret.sops.yaml --out-dir /home/fabrice/projects/kubernetes/homecluster/kubernetes/bootstrap/talos/clusterconfig 2024/08/06 16:34:37 failed to generate talos config: Error getting data key: 0 successful groups required, got 0 task: Failed to run task "talos:bootstrap": exit status 1

What did I miss? 

[fabricesemti80]

Possibly my mistake - I think at some point config.yml was changed to config.yaml causing some mischief