Replace the logging of failed encryption and decryption attempts from
error to info level.
This is to address a regression in which an encryption or decryption
attempt with a series of keys would result in a list of failed attempts
logged to stderr even when the operation itself eventually succeeded.
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
This commit renames the Go module from `go.mozilla.org/sops/v3` to
`github.com/getsops/sops/v3` without a major version bump, to align
with new stewardship.
For more information around this change, refer to
https://github.com/getsops/sops/issues/1246.
For a one-liner to change the `go.mod` and any import paths in your
Go project making use of this module, run:
```sh
# GNU sed (Linux): rewrite the module path in place
find /path/to/repo -type f \( -name "*.go" -o -name "go.mod" \) -exec sed -i 's|go.mozilla.org/sops/v3|github.com/getsops/sops/v3|g' {} \;
# BSD sed (macOS): -i takes a mandatory backup-suffix argument, given here as empty
find /path/to/repo -type f \( -name "*.go" -o -name "go.mod" \) -exec sed -i '' 's|go.mozilla.org/sops/v3|github.com/getsops/sops/v3|g' {} \;
```
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Most of the rewritten key sources introduced `WithError` calls, which
do not appear to go well with the UX of the CLI. This reverts it to be
semi-equal to the current `master`.
During the diff, I noticed the current age implementation in master
does make use of `WithError`, which makes me wonder whether errors are not
returned twice at present in the CLI.
Signed-off-by: Hidde Beydals <hello@hidde.co>
This adds improvements to identity loading, extensive test coverage
and a general tidying of bits of code. The improvements are based on a
fork of the age key source in the Flux project's kustomize-controller,
which was built due to SOPS' limitations around identity management
without relying on runtime environment variables.
- It introduces a `ParsedIdentity` type which contains a slice of age
identities, and can be applied to the `MasterKey`. When applied,
further loading of identities from the runtime environment is skipped
for `Decrypt` operations. This is most useful when working with SOPS
as an SDK, in combination with e.g. a local key service server
implementation.
- The `Identity` field has been deprecated in the `MasterKey` struct.
Presence of the field was misleading, as it is not actually used.
- Any detected identity reference is now loaded, instead of assuming
  a priority order. This makes more sense, as age is able to work with
  a set of loaded identities. If no environment variables are defined,
  the existence of `keys.txt` in the user's config directory is
  required.
- Decrypt logs have been added to match other key sources.
- Extensive test coverage.
Signed-off-by: Hidde Beydals <hello@hidde.co>
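The identity discovery the bullets above describe, written out as an added example in Go against the standard library only; this is not the commit's or SOPS's own code. The `SOPS_AGE_KEY` / `SOPS_AGE_KEY_FILE` variable names and the `sops/age/keys.txt` path under the user config directory are taken from SOPS's documented defaults; `sources`, `masterKey` and `applyParsedIdentities` are illustrative names rather than the project's `ParsedIdentity` API, and the identity strings fed in by a caller are assumed to be constructed test values, not real keys. Every source that is present is loaded rather than only the first, `keys.txt` is consulted only when neither variable is set, and pre-applied identities short-circuit the lookup entirely.

```go
package main

import (
	"bufio"
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// Environment variables SOPS documents for age identities, and the identity prefix.
const (
	envAgeKey     = "SOPS_AGE_KEY"      // identities inline, one per line
	envAgeKeyFile = "SOPS_AGE_KEY_FILE" // path to an age identities file
	keyPrefix     = "AGE-SECRET-KEY-1"
)

// sources abstracts env and filesystem so constructed inputs can drive the lookup.
type sources struct {
	getenv    func(string) string
	readFile  func(string) ([]byte, error)
	configDir string // assumed to be what os.UserConfigDir() returns
}

// parseIdentityFile reads age's identity-file format (one identity per line, blank
// lines and '#' comments ignored) and rejects anything else so typos fail early.
func parseIdentityFile(src string, data []byte) ([]string, error) {
	var ids []string
	sc := bufio.NewScanner(strings.NewReader(string(data)))
	for n := 1; sc.Scan(); n++ {
		line := strings.TrimSpace(sc.Text())
		if line == "" || strings.HasPrefix(line, "#") {
			continue
		}
		if !strings.HasPrefix(line, keyPrefix) {
			return nil, fmt.Errorf("%s line %d: not an age identity", src, n)
		}
		ids = append(ids, line)
	}
	return ids, sc.Err()
}

// loadIdentities gathers identities from every configured source instead of
// stopping at the first hit; keys.txt is required only when neither variable is set.
func loadIdentities(s sources) ([]string, error) {
	var all []string
	add := func(src string, data []byte) error {
		ids, err := parseIdentityFile(src, data)
		all = append(all, ids...)
		return err
	}
	if v := s.getenv(envAgeKey); v != "" {
		if err := add(envAgeKey, []byte(v)); err != nil {
			return nil, err
		}
	}
	if p := s.getenv(envAgeKeyFile); p != "" {
		data, err := s.readFile(p)
		if err != nil {
			return nil, fmt.Errorf("%s: %w", envAgeKeyFile, err)
		}
		if err := add(p, data); err != nil {
			return nil, err
		}
	}
	if s.getenv(envAgeKey) == "" && s.getenv(envAgeKeyFile) == "" {
		p := filepath.Join(s.configDir, "sops", "age", "keys.txt")
		data, err := s.readFile(p)
		if err != nil {
			return nil, fmt.Errorf("no %s or %s set and %s unreadable: %w", envAgeKey, envAgeKeyFile, p, err)
		}
		if err := add(p, data); err != nil {
			return nil, err
		}
	}
	if len(all) == 0 {
		return nil, errors.New("no age identities found in any source")
	}
	return all, nil
}

// masterKey models the SDK-facing part of the change (illustrative names, not the
// project's API): identities applied up front make Decrypt skip the environment.
type masterKey struct{ parsed []string }

func (k *masterKey) applyParsedIdentities(ids []string) { k.parsed = ids }

func (k *masterKey) identitiesForDecrypt(s sources) ([]string, error) {
	if len(k.parsed) > 0 {
		return k.parsed, nil
	}
	return loadIdentities(s)
}

func main() {
	dir, _ := os.UserConfigDir()
	fmt.Println(loadIdentities(sources{os.Getenv, os.ReadFile, dir}))
}
```

`main` wires the lookup to the real process with `os.Getenv`, `os.ReadFile` and `os.UserConfigDir`; in tests the two closures can serve constructed environments and files instead, which is the point of the indirection.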
In [this](https://github.com/mozilla/sops/pull/966#discussion_r830294838) comment
it was proposed to make `masterKeyFromRecipient` private to avoid
reintroducing this bug in the future.
Since I agree with the idea, this change will make the method private
and update all unit tests to use the `MasterKeysFromRecipients` method
instead.
Signed-off-by: Cedric Kienzler <github@cedric-kienzler.de>
I encountered an issue when I tried to specify multiple age recipients
in the .sops.yaml config file of my repository.
I tried running `sops --age 'agePubKey1,agePubKey2' -e -i values.secret.yaml`
which produced an appropriate file with two entries in the `/sops/age/-`
part of the encrypted yaml file.
However, I then continued to set multiple recipients in my .sops.yaml
file to simplify handling:
```yaml
creation_rules:
- encrypted_regex: '^(data|stringData|spec)$'
age: 'agePubKey1,agePubKey2'
```
However, this resulted in encryption only being done for the first
specified agePubKey, not the second or third one.
After digging a bit through the code, I think this should fix it.
I verified the fix locally on my machine and got it working. I am also
adding some unit tests and extending the repository examples so they can
be decrypted using the age keys provided in `age/keys.txt`.
Signed-off-by: Cedric Kienzler <github@cedric-kienzler.de>
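An added example (not the project's code) for the recipient handling behind this report and the `masterKeyFromRecipient` change above: a standard-library-only Go `masterKeysFromRecipients` that splits the comma-separated list into one key per recipient, so the two-recipient `age:` rule yields two entries, and validates each entry as a Bech32 `age1...` string before it is used. The checksum and key-length check goes beyond what the commit itself describes; all function and variable names are illustrative, and the only fact assumed about age is its recipient format (Bech32 with HRP `age` over a 32-byte X25519 public key).

```go
package main

import (
	"fmt"
	"strings"
)

// Bech32 parameters as age uses them; ageHRP is the checksum expansion of "age".
const charset = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"
var ageHRP = []byte{3, 3, 3, 0, 1, 7, 5}

func polymod(values []byte) uint32 {
	chk := uint32(1)
	for _, v := range values {
		top := chk >> 25
		chk = (chk&0x1ffffff)<<5 ^ uint32(v)
		for i, g := range [5]uint32{0x3b6a57b2, 0x26508e6d, 0x1ea119fa, 0x3d4233dd, 0x2a1462b3} {
			chk ^= g * (top >> uint(i) & 1) // branch-free "xor g if bit i of top is set"
		}
	}
	return chk
}

// convertBits regroups 8-bit bytes into 5-bit symbols or back, zero-padding
// the tail; the decoder below checks that the padding really is zero.
func convertBits(data []byte, from, to uint) []byte {
	acc, bits, maxv := uint32(0), uint(0), uint32(1)<<to-1
	var out []byte
	for _, v := range data {
		acc = acc<<from | uint32(v)
		bits += from
		for bits >= to {
			bits -= to
			out = append(out, byte(acc>>bits&maxv))
		}
		acc &= uint32(1)<<bits - 1
	}
	if bits > 0 {
		out = append(out, byte(acc<<(to-bits)&maxv))
	}
	return out
}

// encodeRecipient: raw 32-byte X25519 public key -> "age1..." recipient string.
func encodeRecipient(pub [32]byte) string {
	data := convertBits(pub[:], 8, 5)
	chk := polymod(append(append(append([]byte{}, ageHRP...), data...), 0, 0, 0, 0, 0, 0)) ^ 1
	s := "age1"
	for _, d := range data {
		s += string(charset[d])
	}
	for i := 0; i < 6; i++ {
		s += string(charset[chk>>uint(5*(5-i))&31])
	}
	return s
}

// decodeRecipient validates a recipient before use: "age1" prefix, lowercase
// charset, Bech32 checksum, and 260 data bits = 32 key bytes + 4 zero pad bits.
func decodeRecipient(r string) ([]byte, error) {
	if !strings.HasPrefix(r, "age1") || len(r) < 10 {
		return nil, fmt.Errorf("%q: not an age recipient", r)
	}
	var data []byte
	for _, c := range r[4:] {
		idx := strings.IndexRune(charset, c)
		if idx < 0 {
			return nil, fmt.Errorf("%q: invalid character %q", r, c)
		}
		data = append(data, byte(idx))
	}
	if polymod(append(append([]byte{}, ageHRP...), data...)) != 1 {
		return nil, fmt.Errorf("%q: bad checksum", r)
	}
	pub := convertBits(data[:len(data)-6], 5, 8)
	if len(pub) != 33 || pub[32] != 0 {
		return nil, fmt.Errorf("%q: not a 32-byte X25519 key", r)
	}
	return pub[:32], nil
}

// masterKeysFromRecipients splits the comma-separated list that `sops --age`
// and the `age:` creation rule take into one validated key per recipient.
func masterKeysFromRecipients(list string) ([]string, error) {
	var keys []string
	for _, r := range strings.Split(list, ",") {
		if r = strings.TrimSpace(r); r == "" {
			continue
		}
		if _, err := decodeRecipient(r); err != nil {
			return nil, err
		}
		keys = append(keys, r)
	}
	if len(keys) == 0 {
		return nil, fmt.Errorf("no age recipients given")
	}
	return keys, nil
}
```

Calling `masterKeysFromRecipients("age1..., age1...")` with the value of the `age:` field returns one entry per recipient, and a single mistyped character in any recipient is rejected by the checksum rather than silently producing a file nobody can decrypt with that key.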
This removes two pieces of code in the age keysource that are not
actually used.
The `parsedIdentity` is technically a candidate to stay, but should
then be changed to a `[]*age.X25519Identity` type and be lazy-loaded
by `Decrypt` (with the result of `age.ParseIdentities`).
Signed-off-by: Hidde Beydals <hello@hidde.co>
* Use age/armor for encrypted data key
Currently the encrypted data key is stored as a binary value, and this
results in SOPS-encrypted DOTENV files having weird binary characters.
This changes the encrypt/decrypt methods to use the armor reader/writer
provided by `filippo.io/age/armor`.
Signed-off-by: Andreas Amstutz <tullo@users.noreply.github.com>
* upgrade filippo.io/age to v1.0.0-beta7
Signed-off-by: Andreas Amstutz <tullo@users.noreply.github.com>
* add unit test
Signed-off-by: Andreas Amstutz <tullo@users.noreply.github.com>
Co-authored-by: Andreas Amstutz <tullo@users.noreply.github.com>
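An added example (not the project's code; SOPS itself uses `filippo.io/age/armor`) showing in standard-library Go what armoring buys a DOTENV file: the PEM-style framing and 64-column base64 that age's ASCII armor uses, a `dearmor` that fails closed on malformed input, and a `textSafe` check that a raw data key fails and the armored form passes. The header and footer strings and the line width are the ones age documents; the sample ciphertext is constructed and is not a real age payload, and the function names are illustrative.

```go
package main

import (
	"encoding/base64"
	"errors"
	"fmt"
	"strings"
)

// Framing age's ASCII armor uses: PEM-style header/footer, 64-column base64.
const (
	armorHeader = "-----BEGIN AGE ENCRYPTED FILE-----"
	armorFooter = "-----END AGE ENCRYPTED FILE-----"
	armorCols   = 64
)

// armor wraps ciphertext in that framing with standard (padded) base64.
func armor(ciphertext []byte) string {
	enc := base64.StdEncoding.EncodeToString(ciphertext)
	var sb strings.Builder
	sb.WriteString(armorHeader + "\n")
	for len(enc) > armorCols {
		sb.WriteString(enc[:armorCols] + "\n")
		enc = enc[armorCols:]
	}
	sb.WriteString(enc + "\n" + armorFooter + "\n")
	return sb.String()
}

// dearmor reverses armor and fails closed: wrong framing, an empty, over-long
// or whitespace-bearing line, a short line anywhere but last, or non-canonical
// base64 is an error rather than a best-effort decode.
func dearmor(s string) ([]byte, error) {
	lines := strings.Split(strings.TrimRight(s, "\n"), "\n")
	if len(lines) < 3 || lines[0] != armorHeader || lines[len(lines)-1] != armorFooter {
		return nil, errors.New("missing age armor header or footer")
	}
	body := lines[1 : len(lines)-1]
	for i, l := range body {
		if l == "" || len(l) > armorCols || strings.ContainsAny(l, " \t\r") ||
			(len(l) < armorCols && i != len(body)-1) {
			return nil, fmt.Errorf("armor line %d is malformed: %q", i+1, l)
		}
	}
	return base64.StdEncoding.Strict().DecodeString(strings.Join(body, ""))
}

// textSafe reports whether a value is printable ASCII (newlines allowed, since a
// DOTENV store has to escape those anyway). Raw age ciphertext contains
// arbitrary bytes and fails this; armored output always passes.
func textSafe(v string) bool {
	for i := 0; i < len(v); i++ {
		if v[i] != '\n' && (v[i] < 0x20 || v[i] > 0x7e) {
			return false
		}
	}
	return true
}

func main() {
	ct := []byte("age-encryption.org/v1\n\x00\xff\x80 constructed, not real ciphertext")
	fmt.Printf("raw text-safe: %v, armored text-safe: %v\n%s", textSafe(string(ct)), textSafe(armor(ct)), armor(ct))
}
```

The strictness in `dearmor` is deliberate: a wrapper that tolerates stray bytes or sloppy padding gives an attacker room to smuggle changes past integrity checks that sit above it, so the framing is validated as a format, not merely searched for.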