diff --git a/pkgs/clan-cli/clan_cli/secrets/import_sops.py b/pkgs/clan-cli/clan_cli/secrets/import_sops.py
index 82ae7737..b0ee2756 100644
--- a/pkgs/clan-cli/clan_cli/secrets/import_sops.py
+++ b/pkgs/clan-cli/clan_cli/secrets/import_sops.py
@@ -1,9 +1,9 @@
 import argparse
 import json
-import subprocess
 import sys
 from pathlib import Path
 
+from ..cmd import run
 from ..errors import ClanError
 from ..nix import nix_shell
 from .secrets import encrypt_secret, sops_secrets_folder
@@ -23,10 +23,8 @@ def import_sops(args: argparse.Namespace) -> None:
             cmd += ["--input-type", args.input_type]
         cmd += ["--output-type", "json", "--decrypt", args.sops_file]
         cmd = nix_shell(["nixpkgs#sops"], cmd)
-        try:
-            res = subprocess.run(cmd, check=True, text=True, stdout=subprocess.PIPE)
-        except subprocess.CalledProcessError as e:
-            raise ClanError(f"Could not import sops file {file}: {e}") from e
+
+        res = run(cmd, error_msg=f"Could not import sops file {file}")
         secrets = json.loads(res.stdout)
         for k, v in secrets.items():
             k = args.prefix + k
diff --git a/pkgs/clan-cli/clan_cli/secrets/sops_generate.py b/pkgs/clan-cli/clan_cli/secrets/sops_generate.py
index 405ab994..b4aadb83 100644
--- a/pkgs/clan-cli/clan_cli/secrets/sops_generate.py
+++ b/pkgs/clan-cli/clan_cli/secrets/sops_generate.py
@@ -2,12 +2,12 @@ import logging
 import os
 import shlex
 import shutil
-import subprocess
 import sys
 from pathlib import Path
 from tempfile import TemporaryDirectory
 from typing import Any
 
+from clan_cli.cmd import run
 from clan_cli.nix import nix_shell
 
 from ..errors import ClanError
@@ -60,13 +60,9 @@ export facts={shlex.quote(str(facts_dir))}
 export secrets={shlex.quote(str(secrets_dir))}
 {generator}
         """
-        try:
-            cmd = nix_shell(["nixpkgs#bash"], ["bash", "-c", text])
-            subprocess.run(cmd, check=True)
-        except subprocess.CalledProcessError:
-            msg = "failed to the following command:\n"
-            msg += text
-            raise ClanError(msg)
+        cmd = nix_shell(["nixpkgs#bash"], ["bash", "-c", text])
+        run(cmd)
+
         for name in secrets:
             secret_file = secrets_dir / name
             if not secret_file.is_file():