/
sops.py
30 lines (24 loc) · 1.1 KB
/
sops.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
import os
import subprocess
import sys
def key_check():
if not os.getenv('SOPS_KMS_ARN'):
sys.exit("You must obtain the master key and export it in the 'SOPS_KMS_ARN' environment variable")
def decrypt(secret_file_dir, secret_file_name):
key_check()
secret_file_path = os.path.join(secret_file_dir, secret_file_name)
temp_secret_file_path = os.path.join(secret_file_dir, "tmp-" + secret_file_name)
os.rename(secret_file_path, temp_secret_file_path)
with open(secret_file_path, "w") as decrypted_file:
subprocess.call(["sops", "-d", temp_secret_file_path], stdout=decrypted_file)
def decrypt_cleanup(secret_file_dir, secret_file_name):
secret_file_path = os.path.join(secret_file_dir, secret_file_name)
temp_secret_file_path = os.path.join(secret_file_dir, "tmp-" + secret_file_name)
os.remove(secret_file_path)
os.rename(temp_secret_file_path, secret_file_path)
def edit_secret(secret_file_path):
key_check()
subprocess.call(["sops", secret_file_path])
def view_secret(secret_file_path):
key_check()
subprocess.call(["sops", "-d", secret_file_path])