crash with 2 sops_dotenv and an extract #99

Open
teto opened this issue Mar 19, 2024 · 3 comments

Collaborator

teto commented Mar 19, 2024

I haven't linked the secrets file but in one of my .novops.yaml

    sops_dotenv:
      - file: deploysecrets.dev.yaml
      - file: nixos/secrets.dev.yaml
        extract: '["sshPrivateKey"]'   

novops load triggers:

    ❌130 ❯ RUST_BACKTRACE=1 novops load -e dev -s .envrc
    thread 'main' panicked at src/modules/sops.rs:121:52:
    called `Option::unwrap()` on a `None` value
    stack backtrace:
       0: rust_begin_unwind
       1: core::panicking::panic_fmt
       2: core::panicking::panic
       3: <novops::modules::sops::SopsDotenvInput as novops::core::ResolveTo<alloc::vec::Vec<novops::modules::variables::VariableOutput>>>::resolve::{{closure}}
       4: novops::load_context_and_resolve::{{closure}}
       5: novops::main::{{closure}}
       6: tokio::runtime::park::CachedParkThread::block_on
       7: tokio::runtime::context::runtime::enter_runtime
       8: tokio::runtime::runtime::Runtime::block_on
       9: novops::main
    note: Some details are omitted, run with `RUST_BACKTRACE=full` for a verbose backtrace.

If I remove the "extract", novops doesn't crash:

    sops_dotenv:
      - file: deploysecrets.dev.yaml
      - file: nixos/secrets.dev.yaml

This happens with this version: b8e9590

Owner

PierreBeucher commented Mar 19, 2024

Oh. Will take a look asap

Owner

PierreBeucher commented Mar 20, 2024

Can you share an example with encrypted and clear SOPS files please? And your sops --version. I can't reproduce as-is.

The problem comes from

    let (name, value) = line.split_once('=').unwrap();

This module uses sops --output-type dotenv option which supposedly outputs lines to stdout like

    KEY=VALUE
    FOO=BAR

But for some reason SOPS returns a line on stdout which is not a key=value pair as expected (it does not contain = character), hence the issue.

Admittedly this naïve method is not good enough, we should either ignore or error safely on lines not containing = but I can't find the reason behind this SOPS behavior.
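
An added example, not part of the thread and not novops' own code: one way to "error safely" on a line without `=`. The names `parse_dotenv` and `DotenvError` are hypothetical, skipping blank and `#` lines is an assumption, and the error deliberately carries only the line number because the input is decrypted secret material.

```rust
use std::fmt;

// Rejection reason. Holds only the line number: the line text is decrypted
// secret material and must not end up in logs or error messages.
#[derive(Debug, PartialEq)]
pub enum DotenvError {
    MissingSeparator { line_no: usize },
    EmptyKey { line_no: usize },
}

impl fmt::Display for DotenvError {
    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
        match self {
            Self::MissingSeparator { line_no } => write!(f, "line {}: no '=' separator", line_no),
            Self::EmptyKey { line_no } => write!(f, "line {}: empty variable name", line_no),
        }
    }
}

// Parse KEY=VALUE lines, returning an error instead of panicking.
// Assumption of this example: blank lines and '#' comment lines are skipped.
pub fn parse_dotenv(output: &str) -> Result<Vec<(String, String)>, DotenvError> {
    let mut vars = Vec::new();
    for (idx, line) in output.lines().enumerate() {
        let line_no = idx + 1;
        let trimmed = line.trim();
        if trimmed.is_empty() || trimmed.starts_with('#') {
            continue;
        }
        // Split at the first '=' only, so values containing '=' stay intact.
        let (name, value) = line
            .split_once('=')
            .ok_or(DotenvError::MissingSeparator { line_no })?;
        if name.trim().is_empty() {
            return Err(DotenvError::EmptyKey { line_no });
        }
        vars.push((name.trim().to_string(), value.to_string()));
    }
    Ok(vars)
}

fn main() {
    // Constructed sample: the third line has no '=', the case described above.
    let sample = "KEY=VALUE\nFOO=a=b==\nnot-a-pair\n";
    match parse_dotenv(sample) {
        Ok(vars) => println!("parsed {} variables", vars.len()),
        Err(e) => eprintln!("sops dotenv output rejected: {}", e),
    }
}
```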

@PierreBeucher
Owner

@teto ping :) can you provide the data you used please?
