-
Notifications
You must be signed in to change notification settings - Fork 877
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
age: improve identity loading, add tests, tidy #1064
Conversation
if err != nil { | ||
return nil, err | ||
return nil, fmt.Errorf("failed to open %s file: %w", SopsAgeKeyFileEnv, err) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The other option would be to log any loading failure, and only error if identities == 0
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this way is preferable. A bit more defense around user mistakes, especially in automation using sops.
This adds improvements to identity loading, extensive test coverage and a general tidying of bits of code. The improvements are based on a fork of the age key source in the Flux project's kustomize-controller, which was built due to SOPS' limitations around identity management without relying on runtime environment variables. - It introduces a `ParsedIdentity` type which contains a slice of age identities, and can be applied to the `MasterKey`. When applied, further loading of identities from the runtime environment is skipped for `Decrypt` operations. This is most useful when working with SOPS as an SDK, in combination with e.g. a local key service server implementation. - The `Identity` field has been deprecated in the `MasterKey` struct. Presence of the field was misleading, as it is not actually used. - Any detected identity reference is now loaded, instead of it assuming a priority order. This makes more sense, as age is able to work with a set of loaded identities. If no environment variables are defined, the existence of the keys.txt in the user's config directory is required. - Decrypt logs have been added to match other key sources. - Extensive test coverage. Signed-off-by: Hidde Beydals <hello@hidde.co>
if err != nil { | ||
return nil, err | ||
return nil, fmt.Errorf("failed to open %s file: %w", SopsAgeKeyFileEnv, err) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this way is preferable. A bit more defense around user mistakes, especially in automation using sops.
This is awesome, thank you @hiddeco! |
This adds improvements to identity loading, extensive test coverage
and a general tidying of bits of code. The improvements are based on a
fork of the age key source in the Flux project's kustomize-controller,
which was built due to SOPS' limitations around identity management
without relying on runtime environment variables.
ParsedIdentity
type which contains a slice of ageidentities, and can be applied to the
MasterKey
. When applied,further loading of identities from the runtime environment is skipped
for
Decrypt
operations. This is most useful when working with SOPSas an SDK, in combination with e.g. a local key service server
implementation.
Identity
field has been deprecated in theMasterKey
struct.Presence of the field was misleading, as it is not actually used.
a priority order. This makes more sense, as age is able to work with
a set of loaded identities. If no environment variables are defined,
the existence of the keys.txt in the user's config directory is
required.