-
-
Notifications
You must be signed in to change notification settings - Fork 496
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Implement in place YAML encrypting/decrypting #162
Conversation
3ebf052
to
1d20ce7
Compare
Hi @FiloSottile 👋 I am wondering if I could get your feedback on this ? Thank you and happy holidays 🥳 |
862e895
to
e0a2c3e
Compare
All right, I'm pretty happy with the current state of this PR. I believe it could be really useful for gitops. |
Hi @FiloSottile, I'd like to know if you interested in merging this feature. Regards. |
I would be extremely surprised if Filippo was willing to merge this feature. age is so far a totally general purpose encryption tool, while this merge requests caters to a very specific and opinionated use and a single file format. Merging such additional features means additional work with maintaining them down the road, or perhaps even opens some unexpected holes. |
@wgslr Filippo seemed to like this feature.
Yes, but if you follow this line you get nothing done. I made sure to have a proper test coverage in both the YAML wrapper I made for this and in this PR so that the maintaining effort is lowered to an acceptable level.
I don't see how spreading maintaining efforts across multiple projects can be beneficial to anyone. Anyway, I must admit I'm counting on this being merged into the official project to have some leverage for getting the same kind of YAML support merged into https://github.com/kubernetes-sigs/kustomize/. I see it as a 2 way street:
|
Signed-off-by: Sylvain Rabot <sylvain@abstraction.fr>
Hi, Since I did not get feedback on this I've decided to maintain this in its own repo and close this. Regards. |
I think there is a great lack of a tooling which would allow in place encrypting/decrypting of YAML data.
Working the Ops side of DevOps I have a lot of YAML (mostly kubernetes manifests) with sensitive data I'd like to encrypt so that I can give access to the repos holding those manifests to my whole R&D.
Implemented in this PR: