stores

package
v3.9.1
Warning

This package is not in the latest version of its module.

Published: Aug 16, 2024 License: MPL-2.0 Imports: 12 Imported by: 0

Documentation

Overview

Package stores acts as a layer between the internal representation of encrypted files and the encrypted files themselves.

Subpackages implement serialization and deserialization to multiple formats.

This package defines the structure SOPS files should have and conversions to and from the internal representation. Part of the purpose of this package is to make it easy to change the SOPS file format while remaining backwards-compatible.

Constants

const (
	// SopsMetadataKey is the key under which SOPS metadata is stored in SOPS encrypted files.
	SopsMetadataKey = "sops"
)

Variables

var ExampleComplexTree = sops.Tree{
	Branches: sops.TreeBranches{
		sops.TreeBranch{
			sops.TreeItem{
				Key:   "hello",
				Value: `Welcome to SOPS! Edit this file as you please!`,
			},
			sops.TreeItem{
				Key:   "example_key",
				Value: "example_value",
			},
			sops.TreeItem{
				Key:   sops.Comment{Value: " Example comment"},
				Value: nil,
			},
			sops.TreeItem{
				Key: "example_array",
				Value: []interface{}{
					"example_value1",
					"example_value2",
				},
			},
			sops.TreeItem{
				Key:   "example_number",
				Value: 1234.56789,
			},
			sops.TreeItem{
				Key:   "example_booleans",
				Value: []interface{}{true, false},
			},
		},
	},
}

ExampleComplexTree is an example sops.Tree object exhibiting complex relationships

var ExampleFlatTree = sops.Tree{
	Branches: sops.TreeBranches{
		sops.TreeBranch{
			sops.TreeItem{
				Key:   sops.Comment{Value: " This is an example file."},
				Value: nil,
			},
			sops.TreeItem{
				Key:   "hello",
				Value: "Welcome to SOPS! Edit this file as you please!",
			},
			sops.TreeItem{
				Key:   "example_key",
				Value: "example_value",
			},
			sops.TreeItem{
				Key:   "example_multiline",
				Value: "foo\nbar\nbaz",
			},
		},
	},
}

ExampleFlatTree is an example sops.Tree object exhibiting only simple relationships with no nested branches and only simple string values

var ExampleSimpleTree = sops.Tree{
	Branches: sops.TreeBranches{
		sops.TreeBranch{
			sops.TreeItem{
				Key: "Welcome!",
				Value: sops.TreeBranch{
					sops.TreeItem{
						Key:   sops.Comment{Value: " This is an example file."},
						Value: nil,
					},
					sops.TreeItem{
						Key:   "hello",
						Value: "Welcome to SOPS! Edit this file as you please!",
					},
					sops.TreeItem{
						Key:   "example_key",
						Value: "example_value",
					},
				},
			},
		},
	},
}

ExampleSimpleTree is an example sops.Tree object exhibiting only simple relationships with only one nested branch and only simple string values

Functions

func DecodeNewLines

func DecodeNewLines(m map[string]interface{})

DecodeNewLines replaces \\n with \n for all string values in the map. Used by config stores that do not handle multi-line values (ini, dotenv).

func DecodeNonStrings

func DecodeNonStrings(m map[string]interface{}) error

DecodeNonStrings looks for known metadata keys whose values are not strings and decodes them to the appropriate type.

func EncodeNewLines

func EncodeNewLines(m map[string]interface{})

EncodeNewLines replaces \n with \\n for all string values in the map. Used by config stores that do not handle multi-line values (ini, dotenv).

func EncodeNonStrings

func EncodeNonStrings(m map[string]interface{})

EncodeNonStrings looks for known metadata keys whose values are not strings and encodes them as strings.

func Flatten

func Flatten(in map[string]interface{}) map[string]interface{}

Flatten flattens a map with potentially nested maps into a flat map. Only string keys are allowed on both the top-level map and child maps.

func FlattenMetadata

func FlattenMetadata(md Metadata) (map[string]interface{}, error)

FlattenMetadata flattens a Metadata struct into a flat map.

func HasSopsTopLevelKey

func HasSopsTopLevelKey(branch sops.TreeBranch) bool

HasSopsTopLevelKey returns true if the given branch has a top-level key called "sops".

func Unflatten

func Unflatten(in map[string]interface{}) map[string]interface{}

Unflatten unflattens a map flattened by Flatten

Types

type Metadata

type Metadata struct {
	ShamirThreshold           int         `yaml:"shamir_threshold,omitempty" json:"shamir_threshold,omitempty"`
	KeyGroups                 []keygroup  `yaml:"key_groups,omitempty" json:"key_groups,omitempty"`
	KMSKeys                   []kmskey    `yaml:"kms" json:"kms"`
	GCPKMSKeys                []gcpkmskey `yaml:"gcp_kms" json:"gcp_kms"`
	AzureKeyVaultKeys         []azkvkey   `yaml:"azure_kv" json:"azure_kv"`
	VaultKeys                 []vaultkey  `yaml:"hc_vault" json:"hc_vault"`
	AgeKeys                   []agekey    `yaml:"age" json:"age"`
	LastModified              string      `yaml:"lastmodified" json:"lastmodified"`
	MessageAuthenticationCode string      `yaml:"mac" json:"mac"`
	PGPKeys                   []pgpkey    `yaml:"pgp" json:"pgp"`
	UnencryptedSuffix         string      `yaml:"unencrypted_suffix,omitempty" json:"unencrypted_suffix,omitempty"`
	EncryptedSuffix           string      `yaml:"encrypted_suffix,omitempty" json:"encrypted_suffix,omitempty"`
	UnencryptedRegex          string      `yaml:"unencrypted_regex,omitempty" json:"unencrypted_regex,omitempty"`
	EncryptedRegex            string      `yaml:"encrypted_regex,omitempty" json:"encrypted_regex,omitempty"`
	MACOnlyEncrypted          bool        `yaml:"mac_only_encrypted,omitempty" json:"mac_only_encrypted,omitempty"`
	Version                   string      `yaml:"version" json:"version"`
}

Metadata is stored in SOPS encrypted files, and it contains the information necessary to decrypt the file. This struct is just used for serialization, and SOPS uses another struct internally, sops.Metadata. It exists in order to allow the binary format to stay backwards compatible over time, but at the same time allow the internal representation SOPS uses to change over time.

func MetadataFromInternal

func MetadataFromInternal(sopsMetadata sops.Metadata) Metadata

MetadataFromInternal converts an internal SOPS metadata representation to a representation appropriate for storage

func UnflattenMetadata

func UnflattenMetadata(in map[string]interface{}) (Metadata, error)

UnflattenMetadata unflattens a map flattened by FlattenMetadata into Metadata

func (*Metadata) ToInternal

func (m *Metadata) ToInternal() (sops.Metadata, error)

ToInternal converts a storage-appropriate Metadata struct to a SOPS internal representation

type SopsFile

type SopsFile struct {
	// Metadata is a pointer so we can easily tell when the field is not present
	// in the SOPS file by checking for nil. This way we can show the user a
	// helpful error message indicating that the metadata wasn't found, instead
	// of showing a cryptic parsing error
	Metadata *Metadata `yaml:"sops" json:"sops" ini:"sops"`
}

SopsFile is a struct used by the stores as a helper to unmarshal the SOPS metadata
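
The nil check that the pointer field makes possible, shown as an added example that is not code from the SOPS project: a standard-library check that a JSON document carries SOPS metadata before it is committed or deployed. The types `fileMetadata` and `sopsEnvelope`, the function `CheckEncrypted`, the error values and the sample documents are assumptions constructed here; they mirror a subset of the fields documented above.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
)

// fileMetadata mirrors three fields of Metadata (hypothetical local type).
type fileMetadata struct {
	LastModified string `json:"lastmodified"`
	MAC          string `json:"mac"`
	Version      string `json:"version"`
}

// sopsEnvelope mirrors SopsFile: Metadata stays nil when "sops" is absent or null.
type sopsEnvelope struct {
	Metadata *fileMetadata `json:"sops"`
}
var (
	ErrNoMetadata = errors.New("sops metadata not found; file looks unencrypted")
	ErrNoMAC      = errors.New("sops metadata present but mac is empty")
)

// Constructed sample documents; the ENC[...] payloads are placeholders.
const sampleEncrypted = `{"db_password":"ENC[AES256_GCM,data:PLACEHOLDER,type:str]",
 "sops":{"lastmodified":"2024-08-16T00:00:00Z","mac":"ENC[AES256_GCM,data:PLACEHOLDER,type:str]","version":"3.9.1"}}`
const samplePlain = `{"db_password":"example_value"}`

// CheckEncrypted returns the metadata, or an error naming what is wrong.
func CheckEncrypted(raw []byte) (*fileMetadata, error) {
	var f sopsEnvelope
	if err := json.Unmarshal(raw, &f); err != nil {
		return nil, fmt.Errorf("parsing file: %w", err)
	}
	if f.Metadata == nil { // the case the pointer exists to detect
		return nil, ErrNoMetadata
	}
	if f.Metadata.MAC == "" { // "sops": {} parses, but is not usable metadata
		return nil, ErrNoMAC
	}
	return f.Metadata, nil
}

func main() {
	for _, doc := range []string{sampleEncrypted, samplePlain, `{"sops":{}}`} {
		_, err := CheckEncrypted([]byte(doc))
		fmt.Println(err)
	}
}
```

With a non-pointer field, the plaintext document and the empty `"sops": {}` document would both decode to a zero-value struct and could not be told apart.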
