From 614a12443ab14a4a84e6697d8bc251803498b2ac Mon Sep 17 00:00:00 2001
From: Christian Boltz <cboltz@opensuse.org>
Date: Apr 08 2021 19:44:08 +0000
Subject: Merge branch 'oreinert/encrypt-pillar-fixes' into 'production'


encrypt_pillar.sh: prompt for secret on stderr

See merge request infra/salt!480
---

diff --git a/bin/encrypt_pillar.sh b/bin/encrypt_pillar.sh
index f9066f3..164be06 100755
--- a/bin/encrypt_pillar.sh
+++ b/bin/encrypt_pillar.sh
@@ -20,14 +20,14 @@ while getopts mh arg; do
 done
 
 if [[ -n $MULTILINE ]]; then
-    echo "Please type the lines that you want to encrypt, and press CTRL+D when done"
+    echo "Please type the lines that you want to encrypt, and press CTRL+D when done:" >/dev/stderr
     STRING=$(cat)
 else
-    echo "Please type the string that you want to encrypt"
+    echo "Please type the string that you want to encrypt:" >/dev/stderr
     read STRING
 fi
 
-[[ -z $STRING ]] && echo "ERROR: Input was empty" && exit 1
+[[ -z $STRING ]] && echo "ERROR: Input was empty" >/dev/stderr && exit 1
 
 RECIPIENTS=$(egrep '^\s*0x' encrypted_pillar_recipients | while read i; do echo "-r $i"; done | xargs)
 echo -n "${STRING}" | gpg --armor --batch --trust-model always --encrypt ${RECIPIENTS}
diff --git a/encrypted_pillar_recipients b/encrypted_pillar_recipients
index 87b149d..5c45b8e 100644
--- a/encrypted_pillar_recipients
+++ b/encrypted_pillar_recipients
@@ -6,8 +6,6 @@
 0xCE054B2AF62B7584
 # Martin Caj <mcaj@suse.com>
 0x2E77A13011F5D3C2
-# Karol Babioch <kbabioch@suse.de>
-0xDF49418F6267267B
 # Ricardo Klein <rklein@suse.com>
 0xC1B58F3E048F6BC7