Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Sops not work with GCP, I got timeout. #1570

Open
spidemen2 opened this issue Jul 31, 2024 · 2 comments
Open

Sops not work with GCP, I got timeout. #1570

spidemen2 opened this issue Jul 31, 2024 · 2 comments

Comments

@spidemen2
Copy link

| failed to decrypt sops data key with GCP KMS key: context
| deadline exceeded

I did login GCP and still cannot make it work

It always timeout with vpn or without vpn.

@joshbrand
Copy link

joshbrand commented Nov 6, 2024

seeing this as well, on sops 3.9.1 with GCP KMS curiously in our case, disabling VPN (tailscale) makes sops succeed. 3.9.0 works in both cases.

example output:

➜ sops --verbose -d test.enc.yaml   
[GCPKMS]         INFO[0060] Decryption failed                             resourceID=[redacted]
Failed to get the data key required to decrypt the SOPS file.

Group 0: FAILED
  [redacted]: FAILED
    - | failed to decrypt sops data key with GCP KMS key: context
      | deadline exceeded

Recovery failed because no master key was able to decrypt the file. In
order for SOPS to recover the file, at least one key has to be successful,
but none were.

@smelchior
Copy link

I also ran into the same behavior with a GCP KMS key. Seems a bit odd that a VPN changes the way sops works?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants