From 1b593f6e74ba8806a56bf687a43d4293dcc94863 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io>
Date: Tue, 25 Oct 2022 09:55:14 +0200
Subject: [PATCH] add task to re-encrypt files

---
 tasks.py | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/tasks.py b/tasks.py
index 6cb9218..c71b980 100644
--- a/tasks.py
+++ b/tasks.py
@@ -89,6 +89,26 @@ def _format_disks(host: DeployHost, devices: List[str]) -> None:
     host.run(f"mount -t ext4 /dev/md127 /mnt/boot")
 
 
+@task
+def update_sops_files(c):
+    """
+    Update all sops yaml and json files according to .sops.yaml rules
+    """
+
+    c.run(
+        """
+find . \
+        -not -path "./.github/*" \
+        -not -path "./.mergify.yml" \
+        -not -path "./_config.yml" \
+        -type f \
+        \( -iname '*.enc.json' -o -iname '*.yaml' \) \
+        -print0 | \
+        xargs -0 -n1 sops updatekeys --yes
+"""
+    )
+
+
 @task
 def format_disks(c, hosts="", disks=""):
     """