Support sops updatekeys behavior when keys are modified in .sops.yaml

[mg-christian-axelsson]

Problem Statement

Originally reported in the old repository as zendesk/helm-secrets#147

When .sops.yaml have keys added/removed there should be a good way to re-encrypt files with the new keys, similar to sops updatekeys (https://github.com/mozilla/sops#updatekeys-command).

Proposed Solution

No response

Environment

• Helm Version:
• Helm Secrets Version:
• OS:
• Shell:

Additional information

No response

Acceptance Criteria

No response

[jkroepke]

whats is issue to use sops updatekeys directly?

[mg-christian-axelsson]

whats is issue to use sops updatekeys directly?

None really except for some ergonomics. sops doesn't like accept with non-standard filenames like cluster.rkestate without forcing the format while helm secret does (by assuming yaml I guess).

Please close this issue if the functionality is out of scope for the project :)

[jkroepke]

sops doesn't like accept with non-standard filenames like cluster.rkestate without forcing the format while helm secret does (by assuming yaml I guess).

helm secrets is not more than a wrapper around sops and alternatives. helm secrets forces YAML with sops --input-type yaml --output-type yaml.

Not sure, if sops updatekeys --input-type yaml --output-type yaml cluster.rkestate helps you.

I'm will close is, since I would say using sops directly here should fit more the most cases.