Comments (8)
You mean support ini
for the .sops.yaml
configuration file documented at https://github.com/mozilla/sops#using-sops-yaml-conf-to-select-kms-pgp-for-new-files ?
I don't think that's a problem as long as the loaded configuration fits into the same dictionary. But, to be honest, that yaml
formal is so trivial I don't really see a benefit to supporting ini
as well.
from sops.
i meant ini as another option vs. json/yaml for encrypted files
from sops.
Ah, that's a different story then 😄
I'm not familiar enough with the ini
format to say that it's possible to do. Do you have a link to a formal specification? If ini
can be loaded as a key/value tree like yaml and json, then we should be able to encrypt the leaves.
Of course, you can always treat ini
files as binary, but you lose the readability of keeping the file structure in cleartext.
from sops.
i don't think there's a formal spec (not one i could easily find anyway). https://docs.python.org/3/library/configparser.html is probably all that's necessary here. i think key/value tree access works out of the box.
from sops.
How about supporting simple .env files first? This is literally the syntax:
VAR1=val1
VAR2=val2
I'm looking to use sops to decrypt secrets for Kustomize, and encrypting only values for .env files sounds like a nice quality of life feature.
I have very little experience with Go, though. @jvehent some pointers on how to add this file format?
from sops.
@jcassee you essentially need to write something that implements the Store
interface and then plug that in to the command line tool. Here's the YAML store which you can use as an example.
The main challenge here is that SOPS needs to store its metadata (a non-flat structure) with the file, so you'd have to figure out how to store that for .env files. For YAML and JSON, we just use a "sops"
top level map entry.
from sops.
@autrilla Thanks for the pointers. #391 implements the new store.
from sops.
Fixed with #400
from sops.
Related Issues (20)
- Support encryption with x.509 cert in win certmgr
- Allow to encrypt specific nodes in a file with specific keys (muliple matching creation_rules) HOT 3
- Different AWS profiles are ignored when using multiple KMS keys
- exec-env/exec-file: support "--" to separate command to run HOT 4
- Can't use docker compose and sops together HOT 3
- `sops execfile` filename should not have a random suffix appended in --no-fifo mode HOT 2
- diff shows entire file has changed HOT 1
- [question] Where is the documentation? HOT 2
- ForbiddenByRbac when using azure key vault backend with version 3.8+
- "$" in code examples in Readme prevents simple copy/paste HOT 1
- When we encrypt our values it updates all variables HOT 2
- Decrypt doesn't handle multiple files / bulk operations
- panic: runtime error: invalid memory address or nil pointer dereference when using updatekeys HOT 11
- SOPS mac_only_encrypted HOT 3
- Does sops edit exist? HOT 2
- Update Documentation for usage with ansible inventory. Parameter: _valid_extensions HOT 1
- Which winget ID can i trust to get sops ? HOT 4
- Management of `Harvest Now, Decrypt Later` ("HNDL") and `Post-Quantum Safety` ("PQS") HOT 1
- How to verify deb packages before installing ? HOT 2
- encrypt & decrypt command format conflict HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from sops.