Skip to content
This repository has been archived by the owner on Nov 23, 2024. It is now read-only.

Suppress decrypted file list from helm secrets template output #132

Open
yujunz opened this issue Aug 21, 2019 · 5 comments
Open

Suppress decrypted file list from helm secrets template output #132

yujunz opened this issue Aug 21, 2019 · 5 comments

Comments

@yujunz
Copy link

yujunz commented Aug 21, 2019

I want to pipe the output of helm secrets template to some yaml processor while an error occurred because an extra line in the output

...

files/secrets.yaml.dec

It seems helm secrets print the list of decrypted files to stdout. Is it possible to suppress this message?

@ilionblaze
Copy link

This is the same issue I described here: #126

jimeh added a commit to jimeh/helm-secrets that referenced this issue Sep 23, 2019
For all wrapped Helm commands the list of decrypted files is printed as
they get removed at the end of plugin execution. For the `template`
command this is undesired, as it means you cannot simply run `helm
secrets template` and get valid YAML output.

This change suppresses the output of deleted files for the `template`
only, meaning it does not alter the behavior of other commands, but just
fixes the `template` command to work as I imagine most people would
expect it to work.

[Fixes issues zendesk#126 and zendesk#132]
@lodotek
Copy link

lodotek commented Feb 17, 2020

Bump. 👀

@guice
Copy link

guice commented Mar 26, 2020

Came here for this. helm secrets needs a --quiet option, pressing all output, except desired (e.g. templates would output the template).

@guice
Copy link

guice commented Mar 27, 2020

I want to point out this fundamentally breaks a helm template's use case of allowing you to pipe into kubectl apply - e.g. helm template | kubectl apply -f -

When there's a newer .dec file, you're given a prefix line saying the .dec is newer, then the template. When there is not, you're given a suffix line outputting the decrypted file. This makes is horrible in developing automated systems to pipe out to kubectl. I actually had to manually decrypt the file first, just so I can predict the output being on the first line so I can remove it first, before sending to kubectl.

In my opinion, this needs to be moved up in priority. How do we get more sights on this issue?

@mosen
Copy link

mosen commented May 27, 2020

Just ran into this. Unfortunately will need to fork as this interferes with the helm template workflow. A good philosophy might be that helm secrets should produce stdout that is YAML compatible comments, a list of files preceded with # would have avoided this issue.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

No branches or pull requests

5 participants