daputzy / intellij-sops-plugin Goto Github PK
View Code? Open in Web Editor NEWSimple Sops Edit
Home Page: https://plugins.jetbrains.com/plugin/21317-simple-sops-edit
License: MIT License
Simple Sops Edit
Home Page: https://plugins.jetbrains.com/plugin/21317-simple-sops-edit
License: MIT License
Hello, first of all thank you for creating this useful tool!
I've noticed that whenever a file is modified, all encrypted values are re-generated. This is an issue as it makes it very difficult to read diffs - in larger files it looks like a lot of values have changed when potentially only one has.
Here's an example:
.sops.yaml
with the following contents:creation_rules:
# ...
encrypted_regex: (secret)
my-sops-file.yaml
containing the following, then commitsecret_1: I am a secret
secret_2: I am another secret
secret_1: I am a modified secret
secret_2: I am another secret
Running git diff
shows both values have changed:
$ git diff
--- a/my-sops-file.yaml
+++ b/my-sops-file.yaml
-secret_1: ENC[AES256_GCM,data:IYTZHhoAPR1j(...)
-secret_2: ENC[AES256_GCM,data:DMavDgjPhCT9(...)
+secret_1: ENC[AES256_GCM,data:rvvSNsNN8r4a(...)
+secret_2: ENC[AES256_GCM,data:bDEzI/57Jh5u(...)
(...)
If I do the same with sops
directly, I only see secret_1
's value updated as I would expect. I don't think SOPS is intended to be used in a non-interactive way (sops -d
-> edit -> sops -e
), which causes the problem here.
I'm learning SOPS with Age and while your extension is great, I have a hard time setting the SOPS_AGE_KEY_FILE
env var to point SOPS to a different Age key file. It would be nice if this was configurable in the extension. Since SOPS_AGE_KEY_FILE
is specific to Age, general support for env vars would be awesome!
Note: Currently I have to set the env var on the command line when I start Idea (and others) using their script. Starting it from the JetBrains Toolbox does not work (unless the env var is set in ~/.bashrc
). I'm using Linux with Kde.
It would be nice if there was support for SOPS using Age :)
https://github.com/getsops/sops#encrypting-using-age
Edit: I'm using SOPS_AGE_KEY_FILE
and SOPS_AGE_RECIPIENTS
.
Hi there!
After updating to 2.0 from 1.6 we have problems because the edit function adds a binary NUL to between all characters in the editors view.
On a Mac everything works flawless, could the v2.0 please be reviewed?
Thanks
This is a very helpful little plugin, thanks for that.
I was wondering if it would be possible to assign a short cut key to the "Edit" link in the notification bar? It's easier to press a few keys than hitting a small link in the upper right of the IDE (at least for me).
We are doing a lot of secrets work right now and we have more than once forgotten to press Edit before changing the file which sops doesn't like.
Can the plugin mark the file as read/only so the only way to change it is to press Edit?
When using --encrypted-suffix
or --encrypted-regex
for the initial encryption, the settings are not used after editing a file.
Example file:
replicaCount: 1
image:
repository: mergermarket/404
pullPolicy: Always
tag: latest
secrets:
PASSWORD: ENC[AES256_GCM,data:0h0+5UiKjNqIHqGR7Xno2R3l9bIxLPtxAaQiJwlUIYzXum9Wf+WD+W8LyU2nQbKLDjFOvprVt+H0Gh01heiE5tawkojAnWWqRyQLgizyttsX/ToeP4ETFTTs5zo7zDjVb0J3YRIhAGIgvc0hUqbX7tHVi+TaQfQZPqjPAp2TtJ3HL4UPo3AKIUFzI/QflsDEvmYJc7CrOV4X66jNWwHSCaJg3fNvOYXV4e5g1ZCgsIMu4jjcDhQaSEPxAHsMyc7RvDF5o/ASQU7jdlAkLQdZV1023M3OLlBkLjC9c7SM5xVyXJRA6X3QRiPBcbuexYEPOgL2A2/7TEvTwF56dA0heCntvkYC6to0z34z4iF+BjOBIiXJJy2Xaz88h05dKBb66SfN3PtNV1PQcq3mNW7ewWOvw0I4Ndm9xtGpOYjEvW4qEeXqTTUF7TudNBWMN95f68teaCKJ6N95bwOfI6NmpLMGKIbPIWdOB6LqPqN/ILfxyLQQa2zwFh8eT3aLITdybGZXRZjk1DOt+fh2DuenqV5Yd/k8tC8FZRIEi/HwDlI/xuBYNsgKboPVVcKoGRqegYz8SZnZaGtyShbSevU9EleznnHKt0oiMBXMBAq0DjdK/Nyf/uUhaY/SJBVcvNJ4JIJ7hKAotDsOJulWJMFiO2Y/zKTxb16PeIaiEAAvEtXq2zUO+HMrjDib7Tvb7EfPXKEffHF5PhtZnBokKLUJ1OERrEc7ht1aKPRMVfebXwt0a/8gDH76V1qMoKdEzK69gt4iBD95CL9VXYpgWZ6M9GE3Oq1wXxFQiU6QihE+Xfzqr6cA+KCWmP73nvZILeXoMfYu2l0z20VEyhHToy0Ez+CDqOCXybWZW/k3heJykMnkxG/zzUmjhtTZ1pPt9diHz8Zf4uQkiDEXf/3KclBso151lBg0N60Tsg3icDPUlNfrASNl9wByZGjr7u+8CYdRcotalL8cVkqd3UnfIuLFjO/CY6IMJYIhJKJGpHqnbqYSt4kAyfwTQMFS8L6VgkHkn/zyckPVn9zWzkj9bTNUX+pC1MLQwda3yJGRj+/1dz0ywKrB2T+3Q/3+MUFkozg37xgW8yNt/k0CH72eyXw35TyN9YsfRaed73wEQO+W9HHhZCtHELkv3R4Q4rxJPYoRpDiGPpG/D4Bk/QcAYXZGZyn0RvjRcrQjQFC0JAOVGurWX3nmOxeYc8TtwbzUgu5G+xxjCqv1xm2zgh6aH4T4pi2Fbc8o1DxOcdCNTZW4l4uma9ig6Rt5EJ3BIVgjfnZFNHozt6jl+vU4HlRm7cymfh9YLmgeu6G81qZ/IftZrtePeVhoc3dwKOWt2nGb+M46Mc81VvmhYzh4rtVf5IuhmYz8qN6iYXRiOq/2yBnYECUMaaqCmru6TbMDpHQDNf5mYLOwc1+OW3C3I1E5Z3t0lCaI7XjscLptv3pDMqva3f7Stf6uuFxAJNSRS6YRJw2u/TlTfvfVRHjF2PEjFE2hGQMhVritau8DrkCAUq08u//7qQ4HWzW0eeNJ6d7JY+C+4t5/VrLdwwKb7zdcwaBE834pD/S1TKzWaN3qB73pfZan8czS0Nh9Il/lLgeRCcCT,iv:adWp0vpcTbasPy05KwtrsYbLSm4HAFUZ2Tb2ChfG4h0=,tag:yxOtSVBS8kiVviTUN/Butg==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1r2ruadc42qz2ar82ytsfxudd7c06aq5qk75dhxsy0l56jkr79pzs2wpna3
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVdDNIbVNQWHhiaEVKU1J0
bkhkMmcwNE9GMWlQejBvRTNMZDhwQlJtRnlZCjQ0QUM0NUtVZE43alVyU0x0aEpa
alZkZGJRcU1pSW9tVi8vcENsb0l1Q0UKLS0tIHRicG82dTE3ZS9LSFY3SXdkZlNr
dktSWkFncXRXekd1UzBYcHV5SjE5dDAKd7tbNmPCVGc+ou4m3CI3d5lzfi66RUar
nIKvXrascvuJOMpXWGn1k/eyP4zCQSC9l9Y9HUsYytu0bqhFTX7ZzQ==
-----END AGE ENCRYPTED FILE-----
- recipient: age1zrmmyxzmuu97fdax3yf2ntu7e8maj7mg4nm3ay43q23d0mh7pfjsgdj029
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjSlpFRldDc1owUm0zczhz
QU9ZOFpPWFJsR2FpTjQ1YWo5b2RnOXBtblg0CjFiSm1oeTJqYXRNRXl4ZmdvdjEy
Y3Zkb0srM0F6QXZqQ2twL2hUbTg4MU0KLS0tIFBHWlNBclVmWlo5U1o3NnQ4THp5
QnArSWR4UWZ1MWdsSTFxUFpvRTk5VUEK7wMovbnklm99Uv8olqSGNi7UGREj02So
UyBPJN7VNITreo3Fh5cLtoYpUq3kjdVn5dTMtZ82VCyBy1L8XJ9tAA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-12-20T09:22:02Z"
mac: ENC[AES256_GCM,data:qm7E4EoizKZuBUQo8Ibva5fayb97wK2/4FnZJyaxbqAeemMSZiLheE46YrkzwcGcijexiTJH7kA0rSfde/JcgtojM7XuFOFk0oURfEIkkvcIe4hRub6IH2ZMWnh/MJ4UgQNB1igLOPYMWQ2jon1pW1AmKkjJdwXP7rNrD4lN0iE=,iv:wv/duAHduB84HSl1gnClQobgK292hVbL96LIt/T1ZGw=,tag:NQMA/RiZRrEe7m1RPG6msg==,type:str]
pgp: []
encrypted_suffix: secrets
version: 3.7.3
When I edit any value this is changed to:
replicaCount: ENC[AES256_GCM,data:Lw==,iv:xyL1/SQNcdu0d3OPXSjw0IBOTsd8QSUB12Yya8BwSPU=,tag:WOQIKKUb589ZYKer2bq96A==,type:int]
image:
repository: ENC[AES256_GCM,data:R17b0NK2HIOOgiVx6ol04w==,iv:xSHMocGyoS/t93mc4iQA1e6KOSNIQfedj7gLYuPmIZY=,tag:ACcaVd+NZQXuJ0AuSim7JQ==,type:str]
pullPolicy: ENC[AES256_GCM,data:C7NYn7hK,iv:TzRG/d7EeXLqLNE8x8w04u6rjX+Damjrt949fkjKoyM=,tag:rq5EysOW8FZQsY8wFDJXxA==,type:str]
tag: ENC[AES256_GCM,data:505KlX1B,iv:AjTAsKnRce2LeBfrlo4Mn0Tmk3L0NSD7scUFvwWtQKU=,tag:Rd9N56uC0fzZYDe8IDC0Vg==,type:str]
secrets:
JWT_PRIVATE_KEY: ENC[AES256_GCM,data:y0SzfsC3hXc/eoCRbsd9dNFw5FoD/HaERfJka1c2KwoRRwMWyxnFHaP5azjDdGYzWEGHH8flK40Efhjbe+PMkxSt9qYxSKstsT5iOFClKcIpjHLhHY39FLy5pnHWFp/S3bzMgtjceVq/in8FdgfuSWhaitdGIqJx0RCa1A2w2LJ1gWhVcRgk0ofOhZFgonGowzbJXbWs2doyA/4MelKqLMEW/C1AfXpEIdF7Eh4cTvSpBRpmN+7mVmSTY7+wqP38TQ/5OQcqPeT/1mTNG5uvvsfOscHuQNTOJOs7KcyaFj8GwPcVBCPsfUz0LzhVJJQzVW953mUAcxxWoAhrsUANgiIpJc0IVq//VgDsEf1vdVAZCjhKWEPc5RKopBt8DsWP1Cm8JZIxN6MCBX4ujA+U64FWQ9mzy7dAluUxHD22hqeToSrMrl8vyDcbB8Qs89bx3yxOasPlSOujo3krViOjqPaFS02a4eZ3tD5NX8Y+wdAoatHAC772R5Ead09tK6hy+7KyFhKxnTxWybgNWFg2RSlzTdMAK1yBTxSGN17qMiY5HBZw5wbR8QMNJiYA/YQduhahuLtSQhrJvAVehAAKHc4jSkXobnj2q7Cbqj3Dciki74/sl60V7pgtWVEP276FRRYsVsu49uu2ggXU2mgWq2c5Sgo2XC9CGmmyPds+gmRr35NxU251sItoC/t3tkgzSxOBTQgsg1Y+29b3ZM0n/R/+eM2qkZHhTFCiv0y6+B84XUX6wdw50eJHzIazAubzH19+fVNHhuexbAlEwzcUkls32r7OWuLmb6k/XnjBhkXxHq9bDtlE2jdcd/cJiSRHgUkwXB8SQzuMToEOjsYTqBJrI/AHhkUFkkojIlJ0wZYMTwulZiKMDwxa/HAQenjvxowzqMPqwOiowabK4WCmUsVNF/r3stFBadLG/0977IGf+apSkXh9DUMtsGkSj4REo5jBeLd5rkyK3OGwV+OLBPQtf8jrpHskdvnaJzMiElxmyUCyMwqLgl+vmhYrv0zESA0kJJVI3lnF6u1chiw22CMo2m2hsl3oMgLXQBtSgTVEMHyjg9+splsFMsfvaPTWnzR5/Zm7TFEjv633H8VV+ndrzNGjh4lZnjGnPwQ91uQd8Qim3zD4c2u7gKc+4Xkoq1nlcZDKhcps3vwXqjXscqPcs1XwucFX4TueMtwj1irVkSdbt3RkwczpDS8/No8niDMh6Vc+jb0MLTm0Xj6PJKf/NJyaH9ewUdov++59HOet9ZiJ4bzR7H5D5tUThhD35SLfaLtEpSQCMWEvm7u4miAN3NkTye41C/o22B2CmElpR+dg21ZEyJJE1+NdLJc+xCGjYtDK2MBwt3HUQUV3o6e4EOvRjKcC48MGDAljJhJTaU7/yP8Xfi8AUJfrJAPd0Lj5A0IH6GA3Rp8eB6Vi4eWqY/HWXkfYJCUP8PnR8x1dcH9VFwlpnCxnOKK5HoAJ1rTNA7UoJQaqmd7icLMGLc9lvaBL/7v3l8DZdSvKyhOHo/7Q5OkmIHg26U5aqq4ruUA4gTGRtQ/wdRpK+2MHRiHX6H2tEwKRpyh7ikLYoJzVTFzN3fMDpY8kpn0rG7dK,iv:0mbac9e2rRrQ8fxrXiZcFcSjokSNJuiqBv6E/VsIo3g=,tag:Ycdbe4lX4n5iiYC0GkCnAA==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1r2ruadc42qz2ar82ytsfxudd7c06aq5qk75dhxsy0l56jkr79pzs2wpna3
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxZ0VvaDJOSkdaM2ZRMUdJ
dDJJbE03UUk0cndsaURybDRxbzdDR2tnaUZzCndkUzhnZzhmMXVONEt1WVpqNXlt
Nkt3TXM1OTJkR0w5NzAva1VKR3I0YjQKLS0tIEZQQ3phZGUzOXdBcm1EWkEvSmtF
KzZVOUFsaElFSmxUQk1UT1ROSUNDbmcKYEDXobiDzyFzC6dz4lBhIC3jSU64kueC
n5jdElEn6IGkBFHqtI4DetFX0vXPBhvqaLhZ8KdsAlMf/KXx79ea3g==
-----END AGE ENCRYPTED FILE-----
- recipient: age1zrmmyxzmuu97fdax3yf2ntu7e8maj7mg4nm3ay43q23d0mh7pfjsgdj029
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVejVkQm1UYjVROFNzZ29W
a21VNHpBZm1jajhvb2FNcENWeVBSbDd0N3hvCmwvU0VsejhzMjJDZ21uc3JFMkxF
Q0NLdTQ0L01IeVJYOE9hZWFJNDZCejAKLS0tIFB6ZU9Ma3pqVlc3bmlrejMrK2hJ
dUdzcWMrNkJtZUhuYmJEaTRqNVFsNEUKRhBYUp1s0kAnulomGE/L0DHdnA0cTuUo
hRvUzSosZ3/CMISTjqF6AcTMvvlw004RszfatfZ3KURcG/lwHd44pQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-12-20T09:29:37Z"
mac: ENC[AES256_GCM,data:6Zwah/K5ovNBnmyJopVFwR2hH+exj4n2iOk2JMATJ8zMADSGFrB1Jrt+bq9XMLWLWhOemx5NbTgMZu25hSIWhgYXhm0pgXDaVazXrUhLrH3IEaXjJdhPamUN2cMfyD9Empm3jMMayqqLSI1ZrJt9dI0gBIfT5XgYu7lm4Q5P2Bc=,iv:cY7Hzlsn60EABsRf6i4yINIEBxRRdKz2my3U1Xv1YZA=,tag:gE50tlvg+EVB1b6k8LW87g==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3
Expected is that only secrets
are encrypted, but not the line above.
Using:
Currently on 1.5.0, PhpStorm EAP 2024.1 refuses to load the plugin: "requires IDE build 233.* or earlier"
PhpStorm 2024.1 EAP
Build #PS-241.12662.49, built on February 14, 2024
Problem
As sops fails to handle AWS profiles correctly and we're using KMS keys from different AWS accounts, some sops files can't be opened because of the incorrect profile being selected. There's an upstream sops issue that hasn't been fixed in years.
Request
If the SOPS plugin would allow to customise the path to the sops
executable, one could write a little wrapper script that invokes sops
with the given arguments and picks the right AWS_PROFILE
based on file name or alike.
Hey i have the same issue as https://plugins.jetbrains.com/plugin/21317-simple-sops-edit/reviews#review=83441 mentioned.
I already created a new Project with .sops.yaml on top level and a test/secrets.yaml file.
Thanks
java.lang.RuntimeException: Could not execute sops command
at com.github.daputzy.intellijsopsplugin.sops.ExecutionUtil.run(ExecutionUtil.java:122)
at com.github.daputzy.intellijsopsplugin.sops.ExecutionUtil.decrypt(ExecutionUtil.java:46)
at com.github.daputzy.intellijsopsplugin.handler.EditActionHandler.handle(EditActionHandler.java:23)
at com.intellij.ui.EditorNotificationPanel$6.handlePanelActionClick(EditorNotificationPanel.java:442)
at com.intellij.ui.EditorNotificationPanel$ActionHyperlinkLabel$1.hyperlinkActivated(EditorNotificationPanel.java:487)
at com.intellij.ui.HyperlinkAdapter.hyperlinkUpdate(HyperlinkAdapter.java:14)
at com.intellij.ui.HyperlinkLabel.fireHyperlinkEvent(HyperlinkLabel.java:242)
at com.intellij.ui.HyperlinkLabel.processMouseEvent(HyperlinkLabel.java:164)
at java.desktop/java.awt.Component.processEvent(Component.java:6422)
at java.desktop/java.awt.Container.processEvent(Container.java:2266)
at java.desktop/java.awt.Component.dispatchEventImpl(Component.java:5027)
at java.desktop/java.awt.Container.dispatchEventImpl(Container.java:2324)
at java.desktop/java.awt.Component.dispatchEvent(Component.java:4855)
at java.desktop/java.awt.LightweightDispatcher.retargetMouseEvent(Container.java:4954)
at java.desktop/java.awt.LightweightDispatcher.processMouseEvent(Container.java:4581)
at java.desktop/java.awt.LightweightDispatcher.dispatchEvent(Container.java:4522)
at java.desktop/java.awt.Container.dispatchEventImpl(Container.java:2310)
at java.desktop/java.awt.Window.dispatchEventImpl(Window.java:2808)
at java.desktop/java.awt.Component.dispatchEvent(Component.java:4855)
at java.desktop/java.awt.EventQueue.dispatchEventImpl(EventQueue.java:794)
at java.desktop/java.awt.EventQueue$3.run(EventQueue.java:739)
at java.desktop/java.awt.EventQueue$3.run(EventQueue.java:733)
at java.base/java.security.AccessController.doPrivileged(AccessController.java:399)
at java.base/java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:86)
at java.base/java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:97)
at java.desktop/java.awt.EventQueue$4.run(EventQueue.java:766)
at java.desktop/java.awt.EventQueue$4.run(EventQueue.java:764)
at java.base/java.security.AccessController.doPrivileged(AccessController.java:399)
at java.base/java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:86)
at java.desktop/java.awt.EventQueue.dispatchEvent(EventQueue.java:763)
at com.intellij.ide.IdeEventQueue.defaultDispatchEvent(IdeEventQueue.kt:690)
at com.intellij.ide.IdeEventQueue.dispatchMouseEvent(IdeEventQueue.kt:638)
at com.intellij.ide.IdeEventQueue._dispatchEvent(IdeEventQueue.kt:592)
at com.intellij.ide.IdeEventQueue.access$_dispatchEvent(IdeEventQueue.kt:67)
at com.intellij.ide.IdeEventQueue$dispatchEvent$processEventRunnable$1$1$1.compute(IdeEventQueue.kt:369)
at com.intellij.ide.IdeEventQueue$dispatchEvent$processEventRunnable$1$1$1.compute(IdeEventQueue.kt:368)
at com.intellij.openapi.progress.impl.CoreProgressManager.computePrioritized(CoreProgressManager.java:787)
at com.intellij.ide.IdeEventQueue$dispatchEvent$processEventRunnable$1$1.invoke(IdeEventQueue.kt:368)
at com.intellij.ide.IdeEventQueue$dispatchEvent$processEventRunnable$1$1.invoke(IdeEventQueue.kt:363)
at com.intellij.ide.IdeEventQueueKt.performActivity$lambda$1(IdeEventQueue.kt:997)
at com.intellij.openapi.application.TransactionGuardImpl.performActivity(TransactionGuardImpl.java:113)
at com.intellij.ide.IdeEventQueueKt.performActivity(IdeEventQueue.kt:997)
at com.intellij.ide.IdeEventQueue.dispatchEvent$lambda$7(IdeEventQueue.kt:363)
at com.intellij.openapi.application.impl.ApplicationImpl.runIntendedWriteActionOnCurrentThread(ApplicationImpl.java:861)
at com.intellij.ide.IdeEventQueue.dispatchEvent(IdeEventQueue.kt:405)
at java.desktop/java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:207)
at java.desktop/java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:128)
at java.desktop/java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:117)
at java.desktop/java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:113)
at java.desktop/java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:105)
at java.desktop/java.awt.EventDispatchThread.run(EventDispatchThread.java:92)
Caused by: com.intellij.execution.process.ProcessNotCreatedException: Cannot run program "sops" (in directory "/home/work/Develop/fleet-infra-k3s/services/overlays/codeinside-k3s/runix-pgadmin4"): error=2, Нет такого файла или каталога
at com.intellij.execution.configurations.GeneralCommandLine.createProcess(GeneralCommandLine.java:356)
at com.intellij.execution.process.OSProcessHandler.startProcess(OSProcessHandler.java:84)
at com.intellij.execution.process.OSProcessHandler.(OSProcessHandler.java:44)
at com.github.daputzy.intellijsopsplugin.sops.ExecutionUtil.run(ExecutionUtil.java:120)
... 50 more
Caused by: java.io.IOException: Cannot run program "sops" (in directory "/home/work/Develop/fleet-infra-k3s/services/overlays/codeinside-k3s/runix-pgadmin4"): error=2, Нет такого файла или каталога
at java.base/java.lang.ProcessBuilder.start(ProcessBuilder.java:1143)
at java.base/java.lang.ProcessBuilder.start(ProcessBuilder.java:1073)
at com.intellij.execution.configurations.GeneralCommandLine.startProcess(GeneralCommandLine.java:432)
at com.intellij.execution.configurations.GeneralCommandLine.createProcess(GeneralCommandLine.java:346)
... 53 more
Caused by: java.io.IOException: error=2, Нет такого файла или каталога
at java.base/java.lang.ProcessImpl.forkAndExec(Native Method)
at java.base/java.lang.ProcessImpl.(ProcessImpl.java:314)
at java.base/java.lang.ProcessImpl.start(ProcessImpl.java:244)
at java.base/java.lang.ProcessBuilder.start(ProcessBuilder.java:1110)
... 56 more
IntelliJ IDEA 2023.3.6 (Ultimate Edition)
Build #IU-233.15026.9, built on March 21, 2024
Licensed to Onepoint developpement Canada / Gabriel Oshiro
Subscription is active until May 23, 2024.
Runtime version: 17.0.10+1-b1087.23 amd64
VM: OpenJDK 64-Bit Server VM by JetBrains s.r.o.
Windows 11.0
GC: G1 Young Generation, G1 Old Generation
Memory: 4096M
Cores: 20
Registry:
debugger.new.tool.window.layout=true
ide.experimental.ui=true
Non-Bundled Plugins:
com.github.daputzy.intellij-sops-plugin (2.0.0)
org.intellij.plugins.hcl (233.13135.65)
com.petriuk.sops-intellij-plugin (1.2.0-alpha)
com.jetbrains.space (233.15026.16)
monokai-pro (1.10)
dev.aid.delombok (1.18.4.5)
dev.meanmail.plugin.nginx-intellij-plugin (2022.1.1)
com.ivanovych666.intellij.plugin.jsonsorter (1.0.0-beta.3.4)
google-java-format (1.22.0.0)
com.jetbrains.jax.ws (233.13135.65)
com.intellij.spring.shell (233.11799.196)
com.intellij.plugin.adernov.powershell (2.6.1)
com.intellij.javaee.ejb (233.11799.196)
com.intellij.ml.llm (233.15026.24)
dev.turingcomplete.intellijdevelopertoolsplugins (4.2.0)
com.jetbrains.packagesearch.intellij-plugin (233.11800.8)
com.haulmont.jpab (2023.4.1-233)
MavenRunHelper (4.28.0-IJ2022.2)
Pythonid (233.15026.9)
com.github.copilot (1.5.3.5510)
ru.adelf.idea.dotenv (2024.1)
org.sonarlint.idea (10.5.0.78339)
zielu.gittoolbox (500.2.7+233)
dev.nx.console (1.23.1)
Kotlin: 233.15026.9-IJ
sops --version
sops 3.7.3
Simple Sops Edit version 2.0.0
Sops error
Out-File : The process cannot access the file 'C:\Users\g.oshiro\AppData\Local\Temp\1942865019\secrets.json' because it is being used by another process. At C:\Users\g.oshiro\AppData\Local\Temp\simple-sops-edit17945077680687193703\10630914340165521956.ps1:5 char:12 + $content | Out-File "$file" + ~~~~~~~~~~~~~~~~ + CategoryInfo : OpenError: (:) [Out-File], IOException + FullyQualifiedErrorId : FileOpenFailure,Microsoft.PowerShell.Commands.OutFileCommand File has not changed, exiting.
com.intellij.diagnostic.PluginException: Attempt to load text for binary file which doesn't have a decompiler plugged in: /Diff for Pull Request. File type: DIFF [Plugin: com.github.daputzy.intellij-sops-plugin]
at com.intellij.ui.EditorNotificationsImpl$updateEditors$job$1.invokeSuspend(EditorNotificationsImpl.kt:251)
at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:33)
at kotlinx.coroutines.DispatchedTask.run(DispatchedTask.kt:108)
at kotlinx.coroutines.scheduling.CoroutineScheduler.runSafely(CoroutineScheduler.kt:584)
at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.executeTask(CoroutineScheduler.kt:793)
at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.runWorker(CoroutineScheduler.kt:697)
at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.run(CoroutineScheduler.kt:684)
Caused by: java.lang.IllegalArgumentException: Attempt to load text for binary file which doesn't have a decompiler plugged in: /Diff for Pull Request. File type: DIFF
at com.intellij.openapi.fileEditor.impl.LoadTextUtil.loadText(LoadTextUtil.java:489)
at com.github.daputzy.intellijsopsplugin.file.FileUtil.lambda$getContent$1(FileUtil.java:35)
at com.intellij.openapi.application.impl.ApplicationImpl.runReadAction(ApplicationImpl.java:909)
at com.intellij.openapi.application.ReadAction.compute(ReadAction.java:65)
at com.github.daputzy.intellijsopsplugin.file.FileUtil.getContent(FileUtil.java:35)
at com.github.daputzy.intellijsopsplugin.sops.DetectionUtil.sopsFileDetected(DetectionUtil.java:35)
at com.github.daputzy.intellijsopsplugin.SopsNotificationProvider.collectNotificationData(SopsNotificationProvider.java:30)
at com.intellij.ui.EditorNotificationsImpl$updateEditors$job$1$result$1.invoke(EditorNotificationsImpl.kt:229)
at com.intellij.ui.EditorNotificationsImpl$updateEditors$job$1$result$1.invoke(EditorNotificationsImpl.kt:226)
at com.intellij.openapi.application.rw.InternalReadAction.insideReadAction(InternalReadAction.kt:108)
at com.intellij.openapi.application.rw.InternalReadAction.access$insideReadAction(InternalReadAction.kt:16)
at com.intellij.openapi.application.rw.InternalReadAction$tryReadCancellable$2.invoke(InternalReadAction.kt:95)
at com.intellij.openapi.application.rw.InternalReadAction$tryReadCancellable$2.invoke(InternalReadAction.kt:94)
at com.intellij.openapi.application.rw.CancellableReadActionKt$cancellableReadActionInternal$1.invoke$lambda$1$lambda$0(cancellableReadAction.kt:38)
at com.intellij.openapi.application.impl.ApplicationImpl.tryRunReadAction(ApplicationImpl.java:1075)
at com.intellij.openapi.application.rw.CancellableReadActionKt$cancellableReadActionInternal$1.invoke$lambda$1(cancellableReadAction.kt:36)
at com.intellij.openapi.progress.util.ProgressIndicatorUtilService.runActionAndCancelBeforeWrite(ProgressIndicatorUtilService.java:73)
at com.intellij.openapi.progress.util.ProgressIndicatorUtils.runActionAndCancelBeforeWrite(ProgressIndicatorUtils.java:128)
at com.intellij.openapi.application.rw.CancellableReadActionKt$cancellableReadActionInternal$1.invoke(cancellableReadAction.kt:34)
at com.intellij.openapi.progress.CoroutinesKt.blockingContextInner(coroutines.kt:321)
at com.intellij.openapi.progress.CoroutinesKt.blockingContext(coroutines.kt:310)
at com.intellij.openapi.application.rw.CancellableReadActionKt.cancellableReadActionInternal(cancellableReadAction.kt:31)
at com.intellij.openapi.application.rw.InternalReadAction.tryReadCancellable(InternalReadAction.kt:94)
at com.intellij.openapi.application.rw.InternalReadAction.tryReadAction(InternalReadAction.kt:78)
at com.intellij.openapi.application.rw.InternalReadAction.readLoop(InternalReadAction.kt:65)
at com.intellij.openapi.application.rw.InternalReadAction.access$readLoop(InternalReadAction.kt:16)
at com.intellij.openapi.application.rw.InternalReadAction$runReadAction$4.invokeSuspend(InternalReadAction.kt:44)
at com.intellij.openapi.application.rw.InternalReadAction$runReadAction$4.invoke(InternalReadAction.kt)
at com.intellij.openapi.application.rw.InternalReadAction$runReadAction$4.invoke(InternalReadAction.kt)
at kotlinx.coroutines.intrinsics.UndispatchedKt.startUndispatchedOrReturn(Undispatched.kt:78)
at kotlinx.coroutines.BuildersKt__Builders_commonKt.withContext(Builders.common.kt:167)
at kotlinx.coroutines.BuildersKt.withContext(Unknown Source)
at com.intellij.openapi.application.rw.InternalReadAction.runReadAction(InternalReadAction.kt:40)
at com.intellij.openapi.application.rw.PlatformReadWriteActionSupport.executeReadAction(PlatformReadWriteActionSupport.kt:38)
at com.intellij.openapi.application.ReadWriteActionSupport.executeReadAction$default(ReadWriteActionSupport.kt:15)
at com.intellij.openapi.application.CoroutinesKt.constrainedReadAction(coroutines.kt:58)
at com.intellij.openapi.application.CoroutinesKt.readAction(coroutines.kt:25)
at com.intellij.ui.EditorNotificationsImpl$updateEditors$job$1.invokeSuspend(EditorNotificationsImpl.kt:226)
... 6 more
I've instructed sops don't encrypt metadata fields in my Kubernetes Secret with the following config .sops.yaml
:
creation_rules:
- path_regex: ".*-secret.yaml|.*-secret.patch.yaml"
encrypted_regex: ^(data|stringData)$
azure_keyvault: https://xxx
- path_regex: ""
azure_keyvault: https://xxx
But as a result I get encrypted both metada and data in my Secret datasource-secret.enc.yaml:
apiVersion: ENC[AES256_GCM,data:EUE=,iv:HTIqw0lOoUzwxMR5t7PihyP3wqBw4jkLjOUdX0Qq/Ms=,tag:wUfy5isnV1CYCDek5UEnHA==,type:str]
kind: ENC[AES256_GCM,data:zzYYjAkj,iv:SWmwGdqwAfo/9yBrBLkvPt12zoVhYlBjJoBbyVg9F1E=,tag:X9o9byzQ2vUJh7hnEtuYVw==,type:str]
metadata:
name: ENC[AES256_GCM,data:YDi1NH/10KjCqdeNxe8b19L3Jw==,iv:F2JTPS1xDJiWt9S1ZA4sK3sQ9GIlaZJ0CMx7uf+kGUs=,tag:VW2WOvQNf9pBE1hSeqq7+A==,type:str]
labels:
grafana_datasource: ENC[AES256_GCM,data:hQ==,iv:qfZL9xZehxFtAAPZdyAnXgssq8YJgPTi4K5lj/IqFyM=,tag:FpsgH9j9LZr8zezWrOWScQ==,type:str]
type: ENC[AES256_GCM,data:Ke1N21eD,iv:R72nJnkhhJrfh9pMWhTKaOhhGD8k8HtX4ww2wuwWycU=,tag:EZ5KBhnc1RfG7xa2VEooog==,type:str]
stringData:
datasource.yaml: ENC[XXX]
Running the original sops binary it works as expected and metadata is not encrypted:
sops -e datasource-secret.yaml > datasource-secret.enc.yaml
apiVersion: v1
kind: Secret
metadata:
name: grafana-datasources
labels:
grafana_datasource: "1"
type: Opaque
stringData:
datasource.yaml: ENC[XXX]
I am having some issues to make it work as well, i got a sops encrypted file called aws_credentials
(no extension). I am using AWS KMS
The content of aws_credentials
looks like this:
{
"data": "ENC[AES256_GCM,data:DATA_IN_BASE64_HERE,type:str]",
"sops": {
"kms": [
{
"arn": "arn:aws:kms:eu-central-1:MY_AWS_ACCOUNT_ID:key/MY_KEY_ID",
"created_at": "2023-10-09T14:18:03Z",
"enc": "ANOTHER_BASE64_ENC",
"aws_profile": ""
}
],
"gcp_kms": null,
"azure_kv": null,
"hc_vault": null,
"age": null,
"lastmodified": "2023-10-09T14:18:26Z",
"mac": "ENC[AES256_GCM,data:BASE_64_MAC,type:str]",
"pgp": null,
"unencrypted_suffix": "_unencrypted",
"version": "3.7.3"
}
}
Running sops -d aws_credentials
decrypts the file successfully!
$ sops --version
sops 3.7.3
JetBrains Rider 2023.3.3
Build #RD-233.14015.60, built on January 19, 2024
Licensed to me
Subscription is active until October 25, 2024.
Runtime version: 17.0.9+7-b1087.11 amd64
VM: OpenJDK 64-Bit Server VM by JetBrains s.r.o.
Linux 6.5.0-25-generic
.NET Core v7.0.10 x64 (Server GC)
GC: G1 Young Generation, G1 Old Generation
Memory: 2956M
Cores: 12
Registry:
editor.config.csharp.support=true
Non-Bundled Plugins:
com.github.daputzy.intellij-sops-plugin (1.5.1)
com.intellij.ml.llm (233.14015.147)
Current Desktop: ubuntu:GNOME
I got this internal error in intellij. I have the make-readonly attribute set and the file cannot be written to on disk (not sure if that is related to this but I had to edit manually outside of intellij). This is on Ubuntu 23.10.
java.lang.RuntimeException: Cannot invoke (class=, method=fileClosed, topic=FileEditorManagerListener)
at com.intellij.util.messages.impl.MessageBusImplKt.invokeListener(MessageBusImpl.kt:676)
at com.intellij.util.messages.impl.MessageBusImplKt.deliverMessage(MessageBusImpl.kt:422)
at com.intellij.util.messages.impl.MessageBusImplKt.pumpWaiting(MessageBusImpl.kt:401)
at com.intellij.util.messages.impl.MessageBusImplKt.access$pumpWaiting(MessageBusImpl.kt:1)
at com.intellij.util.messages.impl.MessagePublisher.invoke(MessageBusImpl.kt:460)
at jdk.proxy2/jdk.proxy2.$Proxy60.fileClosed(Unknown Source)
at com.intellij.openapi.fileEditor.impl.EditorWindow.closeFile$lambda$8$lambda$7(EditorWindow.kt:595)
at com.intellij.openapi.fileEditor.impl.FileEditorManagerImpl.notifyPublisher(FileEditorManagerImpl.kt:1221)
at com.intellij.openapi.fileEditor.impl.EditorWindow.closeFile$intellij_platform_ide_impl(EditorWindow.kt:592)
at com.intellij.openapi.fileEditor.impl.EditorWindow.closeFile$intellij_platform_ide_impl$default(EditorWindow.kt:553)
at com.intellij.openapi.fileEditor.impl.FileEditorManagerImpl.closeFile$intellij_platform_ide_impl(FileEditorManagerImpl.kt:699)
at com.intellij.openapi.fileEditor.impl.FileEditorManagerImpl.closeFile(FileEditorManagerImpl.kt:720)
at com.intellij.openapi.fileEditor.impl.tabActions.CloseTab.actionPerformed(CloseTab.kt:101)
at com.intellij.openapi.actionSystem.ex.ActionUtil.doPerformActionOrShowPopup(ActionUtil.java:339)
at com.intellij.openapi.keymap.impl.ActionProcessor.performAction(ActionProcessor.java:47)
at com.intellij.openapi.keymap.impl.IdeKeyEventDispatcher$myActionProcessor$1.performAction(IdeKeyEventDispatcher.kt:502)
at com.intellij.openapi.keymap.impl.IdeKeyEventDispatcherKt.doPerformActionInner$lambda$5$lambda$4(IdeKeyEventDispatcher.kt:865)
at com.intellij.openapi.application.TransactionGuardImpl.performActivity(TransactionGuardImpl.java:105)
at com.intellij.openapi.application.TransactionGuardImpl.performUserActivity(TransactionGuardImpl.java:94)
at com.intellij.openapi.keymap.impl.IdeKeyEventDispatcherKt.doPerformActionInner$lambda$5(IdeKeyEventDispatcher.kt:865)
at com.intellij.openapi.actionSystem.ex.ActionUtil.performDumbAwareWithCallbacks(ActionUtil.java:362)
at com.intellij.openapi.keymap.impl.IdeKeyEventDispatcherKt.doPerformActionInner(IdeKeyEventDispatcher.kt:863)
at com.intellij.openapi.keymap.impl.IdeKeyEventDispatcherKt.access$doPerformActionInner(IdeKeyEventDispatcher.kt:1)
at com.intellij.openapi.keymap.impl.IdeKeyEventDispatcher.processAction$intellij_platform_ide_impl(IdeKeyEventDispatcher.kt:587)
at com.intellij.openapi.keymap.impl.IdeKeyEventDispatcher.processAction(IdeKeyEventDispatcher.kt:513)
at com.intellij.openapi.keymap.impl.IdeKeyEventDispatcher.processActionOrWaitSecondStroke(IdeKeyEventDispatcher.kt:454)
at com.intellij.openapi.keymap.impl.IdeKeyEventDispatcher.inInitState(IdeKeyEventDispatcher.kt:447)
at com.intellij.openapi.keymap.impl.IdeKeyEventDispatcher.dispatchKeyEvent(IdeKeyEventDispatcher.kt:309)
at com.intellij.ide.IdeEventQueue.dispatchKeyEvent(IdeEventQueue.kt:622)
at com.intellij.ide.IdeEventQueue._dispatchEvent(IdeEventQueue.kt:591)
at com.intellij.ide.IdeEventQueue.access$_dispatchEvent(IdeEventQueue.kt:67)
at com.intellij.ide.IdeEventQueue$dispatchEvent$processEventRunnable$1$1$1.compute(IdeEventQueue.kt:369)
at com.intellij.ide.IdeEventQueue$dispatchEvent$processEventRunnable$1$1$1.compute(IdeEventQueue.kt:368)
at com.intellij.openapi.progress.impl.CoreProgressManager.computePrioritized(CoreProgressManager.java:787)
at com.intellij.ide.IdeEventQueue$dispatchEvent$processEventRunnable$1$1.invoke(IdeEventQueue.kt:368)
at com.intellij.ide.IdeEventQueue$dispatchEvent$processEventRunnable$1$1.invoke(IdeEventQueue.kt:363)
at com.intellij.ide.IdeEventQueueKt.performActivity$lambda$1(IdeEventQueue.kt:997)
at com.intellij.openapi.application.TransactionGuardImpl.performActivity(TransactionGuardImpl.java:113)
at com.intellij.ide.IdeEventQueueKt.performActivity(IdeEventQueue.kt:997)
at com.intellij.ide.IdeEventQueue.dispatchEvent$lambda$7(IdeEventQueue.kt:363)
at com.intellij.openapi.application.impl.ApplicationImpl.runIntendedWriteActionOnCurrentThread(ApplicationImpl.java:861)
at com.intellij.ide.IdeEventQueue.dispatchEvent(IdeEventQueue.kt:405)
at java.desktop/java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:207)
at java.desktop/java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:128)
at java.desktop/java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:117)
at java.desktop/java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:113)
at java.desktop/java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:105)
at java.desktop/java.awt.EventDispatchThread.run(EventDispatchThread.java:92)
Caused by: java.lang.RuntimeException: Could not write content to file
at com.github.daputzy.intellijsopsplugin.file.FileUtil.lambda$writeContentBlocking$3(FileUtil.java:49)
at com.intellij.openapi.application.impl.ApplicationImpl.invokeAndWait(ApplicationImpl.java:458)
at com.intellij.openapi.application.impl.ApplicationImpl.invokeAndWait(ApplicationImpl.java:490)
at com.github.daputzy.intellijsopsplugin.file.FileUtil.writeContentBlocking(FileUtil.java:45)
at com.github.daputzy.intellijsopsplugin.handler.EditActionHandler$1.fileClosed(EditActionHandler.java:46)
at com.intellij.util.messages.impl.MessageBusImplKt.invokeMethod(MessageBusImpl.kt:699)
at com.intellij.util.messages.impl.MessageBusImplKt.invokeListener(MessageBusImpl.kt:659)
... 47 more
Caused by: java.nio.file.AccessDeniedException: /home/REDACTED-secrets.enc.yaml
at java.base/sun.nio.fs.UnixException.translateToIOException(UnixException.java:90)
at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:106)
at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:111)
at java.base/sun.nio.fs.UnixFileSystemProvider.newByteChannel(UnixFileSystemProvider.java:218)
at java.base/java.nio.file.spi.FileSystemProvider.newOutputStream(FileSystemProvider.java:484)
at java.base/java.nio.file.Files.newOutputStream(Files.java:228)
at com.intellij.openapi.vfs.impl.local.LocalFileSystemBase.getOutputStream(LocalFileSystemBase.java:523)
at com.intellij.openapi.vfs.newvfs.persistent.PersistentFSImpl$3.close(PersistentFSImpl.java:859)
at com.intellij.openapi.vfs.newvfs.impl.VirtualFileImpl.setBinaryContent(VirtualFileImpl.java:157)
at com.intellij.openapi.vfs.VirtualFile.setBinaryContent(VirtualFile.java:561)
at com.intellij.openapi.vfs.VirtualFile.setBinaryContent(VirtualFile.java:557)
at com.github.daputzy.intellijsopsplugin.file.FileUtil.lambda$writeContentBlocking$2(FileUtil.java:43)
at com.intellij.openapi.application.WriteAction.lambda$runAndWait$2(WriteAction.java:116)
at com.intellij.openapi.application.impl.ApplicationImpl.runWriteActionWithClass(ApplicationImpl.java:980)
at com.intellij.openapi.application.impl.ApplicationImpl.runWriteAction(ApplicationImpl.java:1006)
at com.intellij.openapi.application.WriteAction.computeAndWait(WriteAction.java:135)
at com.intellij.openapi.application.WriteAction.computeAndWait(WriteAction.java:129)
at com.intellij.openapi.application.WriteAction.runAndWait(WriteAction.java:115)
at com.github.daputzy.intellijsopsplugin.file.FileUtil.lambda$writeContentBlocking$3(FileUtil.java:47)
... 53 more
Hey there!
Thank you for this neat tool. I'm facing an issue with our current AWS SSO setup and saving an encrypted file back with Simple SOPS. It then says:
Could not generate data key: [failed to encrypt new data key with master key "arn:aws:kms:xxx:xxx:key/xxx": Failed to call KMS encryption service: NoCredentialProviders: no valid providers in chain. Deprecated. For verbose messaging see aws.Config.CredentialsChainVerboseErrors]
I'm storing the AWS_PROFILE within the encrypted file under
sops:
kms:
- arn: xxx
created_at: xxx
enc: xxx
aws_profile: "PROFILE_NAME"
Maybe it's because the aws_profile gets lost on the way of re-encrypting the encrypted file? Or maybe I am missing something here? When using SOPS in the IntelliJ's terminal window, it all works.
Any help is appreciated!
Widura
java.lang.RuntimeException: Cannot invoke (class=, method=fileClosed, topic=FileEditorManagerListener)
at com.intellij.util.messages.impl.MessageBusImplKt.invokeListener(MessageBusImpl.kt:639)
at com.intellij.util.messages.impl.MessageBusImplKt.deliverMessage(MessageBusImpl.kt:395)
at com.intellij.util.messages.impl.MessageBusImplKt.pumpWaiting(MessageBusImpl.kt:374)
at com.intellij.util.messages.impl.MessageBusImplKt.access$pumpWaiting(MessageBusImpl.kt:1)
at com.intellij.util.messages.impl.MessagePublisher.invoke(MessageBusImpl.kt:433)
at jdk.proxy1/jdk.proxy1.$Proxy123.fileClosed(Unknown Source)
at com.intellij.openapi.fileEditor.impl.EditorWindow.closeFile$lambda$11$lambda$10(EditorWindow.kt:582)
at com.intellij.openapi.fileEditor.impl.FileEditorManagerImpl$7.lambda$run$0(FileEditorManagerImpl.java:1252)
at com.intellij.openapi.util.ExpirableRunnable$1.run(ExpirableRunnable.java:17)
at com.intellij.openapi.wm.impl.FocusManagerImpl.lambda$doWhenFocusSettlesDown$3(FocusManagerImpl.java:173)
at com.intellij.util.ui.EdtInvocationManager.invokeLaterIfNeeded(EdtInvocationManager.java:33)
at com.intellij.ide.IdeEventQueue.ifFocusEventsInTheQueue(IdeEventQueue.java:176)
at com.intellij.ide.IdeEventQueue.executeWhenAllFocusEventsLeftTheQueue(IdeEventQueue.java:129)
at com.intellij.openapi.wm.impl.FocusManagerImpl.doWhenFocusSettlesDown(FocusManagerImpl.java:169)
at com.intellij.openapi.fileEditor.impl.FileEditorManagerImpl$7.run(FileEditorManagerImpl.java:1251)
at com.intellij.openapi.util.BusyObject$Impl$Simple.execute(BusyObject.java:105)
at com.intellij.openapi.fileEditor.impl.FileEditorManagerImpl.notifyPublisher(FileEditorManagerImpl.java:1248)
at com.intellij.openapi.fileEditor.impl.EditorWindow.closeFile$lambda$11(EditorWindow.kt:578)
at com.intellij.openapi.fileEditor.impl.FileEditorManagerImpl.runBulkTabChange(FileEditorManagerImpl.java:1904)
at com.intellij.openapi.fileEditor.impl.EditorWindow.closeFile(EditorWindow.kt:538)
at com.intellij.openapi.fileEditor.impl.FileEditorManagerImpl.lambda$closeFile$5(FileEditorManagerImpl.java:706)
at com.intellij.openapi.command.impl.CoreCommandProcessor.executeCommand(CoreCommandProcessor.java:219)
at com.intellij.openapi.command.impl.CoreCommandProcessor.executeCommand(CoreCommandProcessor.java:174)
at com.intellij.openapi.command.impl.CoreCommandProcessor.executeCommand(CoreCommandProcessor.java:164)
at com.intellij.openapi.command.impl.CoreCommandProcessor.executeCommand(CoreCommandProcessor.java:150)
at com.intellij.openapi.fileEditor.impl.FileEditorManagerImpl.closeFile(FileEditorManagerImpl.java:704)
at com.intellij.openapi.fileEditor.impl.FileEditorManagerImpl.closeFile(FileEditorManagerImpl.java:714)
at com.intellij.openapi.fileEditor.impl.EditorTabbedContainer$TabMouseListener.mouseReleased(EditorTabbedContainer.java:372)
at java.desktop/java.awt.AWTEventMulticaster.mouseReleased(AWTEventMulticaster.java:298)
at java.desktop/java.awt.AWTEventMulticaster.mouseReleased(AWTEventMulticaster.java:297)
at java.desktop/java.awt.Component.processMouseEvent(Component.java:6648)
at java.desktop/javax.swing.JComponent.processMouseEvent(JComponent.java:3392)
at java.desktop/java.awt.Component.processEvent(Component.java:6413)
at java.desktop/java.awt.Container.processEvent(Container.java:2266)
at java.desktop/java.awt.Component.dispatchEventImpl(Component.java:5022)
at java.desktop/java.awt.Container.dispatchEventImpl(Container.java:2324)
at java.desktop/java.awt.Component.dispatchEvent(Component.java:4854)
at java.desktop/java.awt.LightweightDispatcher.retargetMouseEvent(Container.java:4948)
at java.desktop/java.awt.LightweightDispatcher.processMouseEvent(Container.java:4575)
at java.desktop/java.awt.LightweightDispatcher.dispatchEvent(Container.java:4516)
at java.desktop/java.awt.Container.dispatchEventImpl(Container.java:2310)
at java.desktop/java.awt.Window.dispatchEventImpl(Window.java:2802)
at java.desktop/java.awt.Component.dispatchEvent(Component.java:4854)
at java.desktop/java.awt.EventQueue.dispatchEventImpl(EventQueue.java:781)
at java.desktop/java.awt.EventQueue$4.run(EventQueue.java:730)
at java.desktop/java.awt.EventQueue$4.run(EventQueue.java:724)
at java.base/java.security.AccessController.doPrivileged(AccessController.java:399)
at java.base/java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:86)
at java.base/java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:97)
at java.desktop/java.awt.EventQueue$5.run(EventQueue.java:754)
at java.desktop/java.awt.EventQueue$5.run(EventQueue.java:752)
at java.base/java.security.AccessController.doPrivileged(AccessController.java:399)
at java.base/java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:86)
at java.desktop/java.awt.EventQueue.dispatchEvent(EventQueue.java:751)
at com.intellij.ide.IdeEventQueue.defaultDispatchEvent(IdeEventQueue.java:909)
at com.intellij.ide.IdeEventQueue.dispatchMouseEvent(IdeEventQueue.java:831)
at com.intellij.ide.IdeEventQueue._dispatchEvent(IdeEventQueue.java:753)
at com.intellij.ide.IdeEventQueue.lambda$dispatchEvent$5(IdeEventQueue.java:437)
at com.intellij.openapi.progress.impl.CoreProgressManager.computePrioritized(CoreProgressManager.java:787)
at com.intellij.ide.IdeEventQueue.lambda$dispatchEvent$6(IdeEventQueue.java:436)
at com.intellij.openapi.application.TransactionGuardImpl.performActivity(TransactionGuardImpl.java:113)
at com.intellij.ide.IdeEventQueue.performActivity(IdeEventQueue.java:615)
at com.intellij.ide.IdeEventQueue.lambda$dispatchEvent$7(IdeEventQueue.java:434)
at com.intellij.openapi.application.impl.ApplicationImpl.runIntendedWriteActionOnCurrentThread(ApplicationImpl.java:838)
at com.intellij.ide.IdeEventQueue.dispatchEvent(IdeEventQueue.java:480)
at java.desktop/java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:207)
at java.desktop/java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:128)
at java.desktop/java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:117)
at java.desktop/java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:113)
at java.desktop/java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:105)
at java.desktop/java.awt.EventDispatchThread.run(EventDispatchThread.java:92)
Caused by: java.lang.RuntimeException: Could not get document for file
at com.github.daputzy.intellijsopsplugin.FileUtil.getDocument(FileUtil.java:27)
at com.github.daputzy.intellijsopsplugin.EditActionHandler$1.fileClosed(EditActionHandler.java:35)
at com.intellij.util.messages.impl.MessageBusImplKt.invokeMethod(MessageBusImpl.kt:655)
at com.intellij.util.messages.impl.MessageBusImplKt.invokeListener(MessageBusImpl.kt:621)
... 70 more
Hello,
I'm using CLI package manager aqua.
This tool allows defining tools (and their associated versions) within a repository. Aqua then functions as a command proxy, so depending on the folder from which a command is launched, if aqua manages it, it uses the binary of the version specified in the configuration file.
However, if executed from a location (none of the parent folders have an aqua configuration file), it cannot find the command. The $PATH environment variable must also include the path to the proxified binaries:
export PATH="${AQUA_ROOT_DIR:-${XDG_DATA_HOME:-$HOME/.local/share}/aquaproj-aqua}/bin:$PATH"
Looking at the source code of this plugin, it seems that it navigates to the folder containing the file to decrypt, and it appears to pass the parent environment variables. These two elements should enable the plugin to work with aqua. However, I'm not sure if that's really the case, and I don't know how to debug the plugin.
To test it :
Install aqua :
# Aqua installation
curl -sSL -o /tmp/aqua.tar.gz https://github.com/aquaproj/aqua/releases/download/v2.21.3/aqua_linux_amd64.tar.gz && /bin/tar -xzf /tmp/aqua.tar.gz -C /tmp && chmod 0755 /tmp/aqua && sudo chown root:root /tmp/aqua && sudo mv /tmp/aqua ${aqua_install_path}/aqua && rm -f /tmp/aqua.tar.gz /tmp/aqua
# Env var (add it to bashrc if needed)
export PATH="${AQUA_ROOT_DIR:-${XDG_DATA_HOME:-$HOME/.local/share}/aquaproj-aqua}/bin:$PATH"
# Prepare Test Directory
mkdir $HOME/test-sops && cd $HOME/test-sops
# Generate and install aqua tools sops and age
aqua init && aqua g FiloSottile/age getsops/sops >> aqua.yaml && aqua i
# Show Version tools
sops --version
# Show sops 3.8.1 (latest)
age --version
# Show v1.1.1
cd ..
sops --version
# show : FATA[0000] aqua failed aqua_version=2.21.3 doc="https://aquaproj.github.io/docs/reference/codes/004" env=linux/amd64 error="command is not found" exe_name=sops program=aqua
age --version
# show: FATA[0000] aqua failed aqua_version=2.21.3 doc="https://aquaproj.github.io/docs/reference/codes/004" env=linux/amd64 error="command is not found" exe_name=age program=aqua
You just need to add your .sops.yaml to directory $HOME/test-sops and generate an age key if needed.
You can now encrypt a file with sops commande from $HOME/test-sops directory via command line.
But you can't with your plugin.
Please can you take a look at this ?
I'm trying to move back to pycharm but this isn't working at all. I have the age.key in my project root and I've set the age key env var in the settings. I get no error message at all. It does nothing when I click the buttons.
In vscode I use this plugin and it works perfectly with no configuration required. https://github.com/signageos/vscode-sops
Hi,
I'm using sops to encrypt secrets.yaml
file used when specifying values for helmfile releases. I'm using sops command line directly to edit encrypted files like this:
EDITOR=kwrite sops /path/to/secrets.yaml
...and this works. But since I'm using IDEA to edit other files, I wanted to try this plugin. It doesn't detect the secrets.yaml
file to be SOPS encrypted file and doesn't show the status line with a link to "Edit" it in decrypted form. The encrypted file structure does contain the following at the end:
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age: []
lastmodified: "2023-07-07T14:22:35Z"
mac: ENC[...redacted...]
pgp:
- created_at: "2023-06-13T15:47:51Z"
enc: |-
-----BEGIN PGP MESSAGE-----
...redacted...
-----END PGP MESSAGE-----
fp: ...redacted...
unencrypted_suffix: _unencrypted
version: 3.7.3
Somewhere I read that users put a .sops.yaml
file in the project's root folder. I don't have such file. I added an empty .sops.yaml
file into project's root folder and the plugin then recognized the SOPS encrypted file and allowed me to start editing it in decrypted form. But when saving the modified decrypted tab and upon closing it, I get the following error and original file is left intact:
Sops error
config file not found and no keys provided through command line options
Should I put some content into .sops.yaml
file in the project's root and what? I didn't need that file for editing encrypted files using sops command line directly.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.