Update README.md

[573]

Add parameter to do the right thing, see getsops/sops#856 (comment)

Summary by CodeRabbit

• Documentation
  • Updated README usage example to demonstrate encrypting a secret with sops (via nix-shell) instead of decrypting.
  • Clarifies the expected side effects when running the example, reducing confusion for users following the guidance.
  • Improves alignment of instructions with the encryption workflow.

[coderabbitai]

Walkthrough

The README usage example was updated to show encrypting a secret with sops instead of decrypting. The nix-shell invocation now uses "sops --encrypt secrets/example.yaml" in place of "sops secrets/example.yaml".

Changes

Cohort / File(s)	Summary
Docs README.md	Revised usage example: replaced decryption-style command with encryption command using sops --encrypt secrets/example.yaml.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Poem

I twitch my whiskers at README’s tweak,
Encrypt, don’t peek—security chic!
A hop, a bop, a sops-y rhyme,
Secrets sealed snug every time.
Carrot-typed keys, locked tight—how neat!
Thump of approval from my fuzzy feet.

Pre-merge checks and finishing touches

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Title Check	❓ Inconclusive	The title “Update README.md” is overly generic and merely indicates that the README was changed without conveying that the core update is altering the usage example to encrypt secrets with sops rather than decrypt them. This lack of detail makes it hard for reviewers and future readers to quickly grasp the purpose of the pull request from the title alone.	Please revise the title to clearly summarize the main change, for example “Update README usage example to encrypt secrets with sops,” so that its intent is immediately apparent.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changes. Docstring coverage check skipped.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 6e5a38e and bd37242.

📒 Files selected for processing (1)

• README.md (1 hunks)

🧰 Additional context used

🪛 markdownlint-cli2 (0.18.1)

README.md

366-366: Dollar signs used before commands without showing output

(MD014, commands-show-output)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: tests

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

--encrypt breaks the “open editor” flow; revert or update text

sops --encrypt secrets/example.yaml won’t open an editor and will write encrypted output to stdout (and error if the file doesn’t exist). This contradicts the next line “This will start your configured editor…”. Revert to the interactive edit command.

Apply:

-$ nix-shell -p sops --run "sops --encrypt secrets/example.yaml"
+$ nix-shell -p sops --run "sops secrets/example.yaml"

If the intent was to encrypt an existing plaintext file instead, use sops --encrypt --in-place secrets/example.yaml and adjust the explanatory text accordingly.

Note: markdownlint MD014 also flags the $ prompt usage here; consider dropping $ or showing example output for compliance, for consistency across the doc.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	$ nix-shell -p sops --run "sops --encrypt secrets/example.yaml"
	$ nix-shell -p sops --run "sops secrets/example.yaml"

🧰 Tools

🪛 markdownlint-cli2 (0.18.1)

366-366: Dollar signs used before commands without showing output

(MD014, commands-show-output)

🤖 Prompt for AI Agents

In README.md around line 366, the command shown uses `sops --encrypt
secrets/example.yaml` which breaks the interactive “open editor” flow; replace
it with the interactive edit command (e.g., `sops secrets/example.yaml`) or, if
the intent is to encrypt an existing plaintext file in-place, use `sops
--encrypt --in-place secrets/example.yaml` and update the surrounding
explanatory text to match that behavior; also remove or standardize the `$`
prompt (or show example output) to satisfy markdownlint MD014 and keep
formatting consistent across the document.

[573]

The nix-shell -p sops --run "sops secrets/example.yaml" (see #844) does not need a change.
I should have rather checked that all sops files fullfilled correctness criteria, i.e. .sops.yaml was really working as it did not when I stumpled over that.