This repository has been archived by the owner on Jun 2, 2022. It is now read-only.

test.sh: Could not load secring #17

Closed
KIVagant opened this issue Jul 31, 2017 · 2 comments

KIVagant commented Jul 31, 2017

Hello.

The test doesn't work. Maybe I'm doing something wrong?

```
➔ ./test.sh
+++ Installing helm-secrets plugin
[OK] helm-ecrets plugin installed

+++ Importing private pgp key for projectx
gpg: key AF1D073646ED4927: "helm-secrets-example-projectx <helm-secrets-projectx@example.com>" not changed
gpg: key AF1D073646ED4927: secret key imported
gpg: Total number processed: 1
gpg:              unchanged: 1
gpg:       secret keys read: 1
gpg:  secret keys unchanged: 1

+++ Importing private pgp key for projectx
gpg: key 19F6A67BB1B8DDBE: "helm-secrets-example-projecty <helm-secrets-projecty@example.com>" not changed
gpg: key 19F6A67BB1B8DDBE: secret key imported
gpg: Total number processed: 1
gpg:              unchanged: 1
gpg:       secret keys read: 1
gpg:  secret keys unchanged: 1

+++ Show helm_vars tree from example
example/helm_vars/
├── .sops.yaml
├── projectX
│   ├── .sops.yaml
│   ├── production
│   │   └── us-east-1
│   │       └── java-app
│   │           ├── secrets.yaml
│   │           ├── secrets.yaml.dec
│   │           └── value.yaml
│   └── sandbox
│       └── us-east-1
│           └── java-app
│               ├── secrets.yaml
│               └── value.yaml
├── projectY
│   ├── .sops.yaml
│   ├── production
│   │   └── us-east-1
│   │       └── java-app
│   │           ├── secrets.yaml
│   │           └── value.yaml
│   └── sandbox
│       └── us-east-1
│           └── java-app
│               ├── secrets.yaml
│               └── value.yaml
├── secrets.yaml
└── values.yaml

14 directories, 14 files

+++ Testing ./example/helm_vars/projectX/production/us-east-1/java-app/secrets.yaml
+++ Encrypt and Test
[OK] File properly encrypted
+++ Test if 'Already Encrypted' feature works
[OK] Already Encrypted
+++ View encrypted Test
Could not decrypt the data key with any of the master keys:
	[GPG]: 4434EA5D05F10F59D0DF7399AF1D073646ED4927:	Could not load secring: open /Users/kivagant/.gnupg/secring.gpg: no such file or directory

Error: plugin "secrets" exited with error
[OK] File decrypted and viewable
+++ Decrypt
Could not decrypt the data key with any of the master keys:
	[GPG]: 4434EA5D05F10F59D0DF7399AF1D073646ED4927:	Could not load secring: open /Users/kivagant/.gnupg/secring.gpg: no such file or directory

Error: plugin "secrets" exited with error
General error
```

Update:

```
➔ gpg --version
gpg (GnuPG) 2.1.22
libgcrypt 1.8.0
Copyright (C) 2017 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: /Users/kivagant/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2


➔ gpg --list-keys
gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   2  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 2u
gpg: next trustdb check due at 2019-07-31
/Users/kivagant/.gnupg/pubring.kbx
----------------------------------
pub   rsa4096 2017-05-04 [SC]
      4434EA5D05F10F59D0DF7399AF1D073646ED4927
uid         [ unknown] helm-secrets-example-projectx <helm-secrets-projectx@example.com>
sub   rsa4096 2017-05-04 [E]

pub   rsa4096 2017-05-04 [SC]
      40B6FAEC80FD467E3FE9421019F6A67BB1B8DDBE
uid         [ unknown] helm-secrets-example-projecty <helm-secrets-projecty@example.com>
sub   rsa4096 2017-05-04 [E]
```
@KIVagant

Related to getsops/sops#189

Workaround (for OSX):

```
brew uninstall gpg
brew install gpg1
ln -s /usr/local/bin/gpg1 /usr/local/bin/gpg
```


szibis commented Aug 4, 2017

Yes, we use the flow specified in SOPS for full compatibility.

https://github.com/mozilla/sops#11test-with-the-dev-pgp-key

I use the same version of gpg on Mac and all is working.

```
gpg (GnuPG) 2.1.22
libgcrypt 1.8.0
Copyright (C) 2017 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: /Users/slawomirskowron/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
```

and gpg-agent with the same version

```
gpg-agent (GnuPG) 2.1.22
libgcrypt 1.8.0
Copyright (C) 2017 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Syntax: gpg-agent [options] [command [args]]
Secret key management for GnuPG
```

Please reopen if there is still something wrong.

@szibis closed this as completed Aug 4, 2017
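
A diagnostic for the failure reported in this thread, added here as an example (not code from helm-secrets or sops): it pulls the keyring path out of the `Could not load secring` error and reports whether that GnuPG home keeps secret keys in `secring.gpg`, in the `private-keys-v1.d` directory that GnuPG 2.1 and later use, or in both. The function names are hypothetical, and the sample error line is copied from the report above.

```shell
#!/usr/bin/env bash
# Added example; function names are hypothetical, not part of helm-secrets or sops.

# Pull the keyring path out of a "Could not load secring" error line (stdin).
secring_path_from_error() {
    sed -n 's/.*Could not load secring: open \(.*\): no such file or directory.*/\1/p'
}

# Report where a GnuPG home keeps secret keys: legacy, agent-only, both or none.
gnupg_secret_layout() {
    local home="$1" legacy=0 agent=0 f
    # GnuPG 1.x and 2.0 store secret keys in one file, secring.gpg.
    if [ -s "$home/secring.gpg" ]; then legacy=1; fi
    # GnuPG 2.1+ stores one <keygrip>.key file per secret key for gpg-agent.
    for f in "$home"/private-keys-v1.d/*.key; do
        if [ -e "$f" ]; then agent=1; break; fi
    done
    case "$legacy$agent" in
        11) echo both ;;
        10) echo legacy ;;
        01) echo agent-only ;;
        *)  echo none ;;
    esac
}

# Explain an error line against a GnuPG home ($2 overrides the path's directory).
diagnose_secring_error() {
    local path home
    path=$(printf '%s\n' "$1" | secring_path_from_error)
    if [ -z "$path" ]; then echo "no secring error in input"; return 0; fi
    home=${2:-$(dirname "$path")}
    case "$(gnupg_secret_layout "$home")" in
        agent-only) echo "agent-only: keys are in private-keys-v1.d, invisible to a secring.gpg reader" ;;
        both)       echo "both: secring.gpg exists, check it holds the key sops asks for" ;;
        legacy)     echo "legacy: secring.gpg exists, check its path and permissions" ;;
        *)          echo "none: no secret keys found under $home" ;;
    esac
}

# Error line copied from the report in this thread.
SAMPLE_ERROR='[GPG]: 4434EA5D05F10F59D0DF7399AF1D073646ED4927: Could not load secring: open /Users/kivagant/.gnupg/secring.gpg: no such file or directory'

# Run against the current user's GnuPG home when executed directly.
diagnose_secring_error "$SAMPLE_ERROR" "${GNUPGHOME:-$HOME/.gnupg}"
```

Two machines with the same `gpg --version` can give different answers here, because the layout depends on what is in the GnuPG home directory, not only on the installed binary.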