fix & simplify edit-secrets

edit-secrets

@@ -32,19 +32,13 @@ if [ "x$1" != "x-l" ]; then
 
     trap "rm -f $TMPFILE $TMPFILE2" EXIT
 
-    ssh -t $host /var/cache/cosmos/repo/edit-secrets -l
+    ssh -t root@$host /var/cache/cosmos/repo/edit-secrets -l
-    scp -q $host:$LAST_OUTPUT_FILENAME $TMPFILE
+    scp -q root@$host:$LAST_OUTPUT_FILENAME $TMPFILE
 
     if grep ^"STATUS=UPDATED" $TMPFILE > /dev/null; then
 	# extract the path of the file that should be updated in the Cosmos repo
-        save_to=$(grep ^"SAVE_TO=" $TMPFILE | cut -d = -f 2-)
+        save_to="${host}/overlay/etc/hiera/data/secrets.yaml.asc"
-	if [ ! -f $save_to ]; then
+        mkdir -p "`dirname $save_to`"
-	    echo "$0: Output file $save_to doesn't exist"
-	    echo "    (leaving output in $TMPFILE)"
-	    rm $TMPFILE2
-	    trap EXIT  # clear trap command to preserve $TMPFILE
-	    exit 1
-	fi
 	# extract the GPG output
 	perl -e '$a = 0; while (<>) { $a = 1 if ($_ =~ /-+BEGIN PGP MESSAGE-+/);
                  print $_ if $a; $a = 0 if ($_ =~ /-+END PGP MESSAGE-+/); }' < $TMPFILE > $TMPFILE2
@@ -132,17 +126,10 @@ else
     # figure out this hosts gpg key id
     recipient=$($GPG --list-secret-key | grep ^sec | head -1 | awk '{print $2}' | cut -d / -f 2)
 
-    save_to="`hostname --fqdn`/overlay${SECRETFILE}"
     echo ""
     (
 	echo "STATUS=UPDATED"
-	echo "SAVE_TO=$save_to"
 	echo ""
     ) > $LAST_OUTPUT_FILENAME
     $GPG --output - --armor --recipient $recipient --sign --encrypt $TMPFILE >> $LAST_OUTPUT_FILENAME
-    echo ""
-    echo "GPG output saved in $LAST_OUTPUT_FILENAME - save it in Cosmos as"
-    echo ""
-    echo "  $save_to"
-    echo ""
 fi