Request: Support recrypt with new keys

voxpupuli / hiera-eyaml

A backend for Hiera that provides per-value asymmetric encryption of sensitive data

MIT License

527 stars 130 forks source link

Request: Support recrypt with new keys #277

Open michalmiddleton opened 5 years ago

michalmiddleton commented 5 years ago

I'd like to be able easily re-encrypt EYAML in my hiera files with a new key pair. Current feature recrypt only re-encrypts with the same keys.

vStone commented 4 years ago

On a side note: I resolved this by converting to plaintext (hiera-eyaml-plaintext) first and then to the new encryption method.

dbk-rabel commented 2 years ago

Hi.

Could you elaborate a little more, how you did resolve this?

Also I would also love to this feature implemented.

Yours David

michalmiddleton commented 2 years ago

Hi @dbk-rabel , I can share my script that I used to re-encrypt my hiera. Please note, it's a quick hack put together and it only supports secrets encrypted on a single line (ie no heredoc / block). I uploaded it here https://github.com/michalmiddleton/hiera-re-encrypt

dbk-rabel commented 2 years ago

Thank you very much @michalmiddleton !