Create a constant for the 'sops' metadata key.

Signed-off-by: Felix Fontein <felix@fontein.de>

stores/dotenv/store.go

@@ -12,7 +12,7 @@ import (
 )
 
 // SopsPrefix is the prefix for all metadatada entry keys
-const SopsPrefix = "sops_"
+const SopsPrefix = stores.SopsMetadataKey + "_"
 
 // Store handles storage of dotenv data
 type Store struct {

stores/ini/store.go

@@ -148,7 +148,7 @@ func (store *Store) LoadEncryptedFile(in []byte) (sops.Tree, error) {
 		return sops.Tree{}, err
 	}
 
-	sopsSection, err := iniFileOuter.GetSection("sops")
+	sopsSection, err := iniFileOuter.GetSection(stores.SopsMetadataKey)
 	if err != nil {
 		return sops.Tree{}, sops.MetadataNotFound
 	}
@@ -170,7 +170,7 @@ func (store *Store) LoadEncryptedFile(in []byte) (sops.Tree, error) {
 	// Discard metadata, as we already loaded it.
 	for bi, branch := range branches {
 		for s, sectionBranch := range branch {
-			if sectionBranch.Key == "sops" {
+			if sectionBranch.Key == stores.SopsMetadataKey {
 				branch = append(branch[:s], branch[s+1:]...)
 				branches[bi] = branch
 			}
@@ -213,7 +213,7 @@ func (store *Store) EmitEncryptedFile(in sops.Tree) ([]byte, error) {
 	if err != nil {
 		return nil, err
 	}
-	sectionItem := sops.TreeItem{Key: "sops", Value: newBranch}
+	sectionItem := sops.TreeItem{Key: stores.SopsMetadataKey, Value: newBranch}
 	branch := sops.TreeBranch{sectionItem}
 
 	in.Branches = append(in.Branches, branch)

stores/json/store.go

@@ -295,7 +295,7 @@ func (store *Store) LoadEncryptedFile(in []byte) (sops.Tree, error) {
 	}
 	// Discard metadata, as we already loaded it.
 	for i, item := range branch {
-		if item.Key == "sops" {
+		if item.Key == stores.SopsMetadataKey {
 			branch = append(branch[:i], branch[i+1:]...)
 		}
 	}
@@ -321,7 +321,7 @@ func (store *Store) LoadPlainFile(in []byte) (sops.TreeBranches, error) {
 // EmitEncryptedFile returns the encrypted bytes of the json file corresponding to a
 // sops.Tree runtime object
 func (store *Store) EmitEncryptedFile(in sops.Tree) ([]byte, error) {
-	tree := append(in.Branches[0], sops.TreeItem{Key: "sops", Value: stores.MetadataFromInternal(in.Metadata)})
+	tree := append(in.Branches[0], sops.TreeItem{Key: stores.SopsMetadataKey, Value: stores.MetadataFromInternal(in.Metadata)})
 	out, err := store.jsonFromTreeBranch(tree)
 	if err != nil {
 		return nil, fmt.Errorf("Error marshaling to json: %s", err)

stores/stores.go

@@ -23,6 +23,11 @@ import (
 	"github.com/getsops/sops/v3/pgp"
 )
 
+const (
+	// The key used to store SOPS metadata at in SOPS encrypted files.
+	SopsMetadataKey = "sops"
+)
+
 // SopsFile is a struct used by the stores as a helper to unmarshal the SOPS metadata
 type SopsFile struct {
 	// Metadata is a pointer so we can easily tell when the field is not present
@@ -510,7 +515,7 @@ var ExampleFlatTree = sops.Tree{
 // HasSopsTopLevelKey returns true if the given branch has a top-level key called "sops".
 func HasSopsTopLevelKey(branch sops.TreeBranch) bool {
 	for _, b := range branch {
-		if b.Key == "sops" {
+		if b.Key == SopsMetadataKey {
 			return true
 		}
 	}

stores/yaml/store.go

@@ -291,7 +291,7 @@ func (store *Store) LoadEncryptedFile(in []byte) (sops.Tree, error) {
 		}
 
 		for i, elt := range branch {
-			if elt.Key == "sops" { // Erase
+			if elt.Key == stores.SopsMetadataKey { // Erase
 				branch = append(branch[:i], branch[i+1:]...)
 			}
 		}
@@ -357,7 +357,7 @@ func (store *Store) EmitEncryptedFile(in sops.Tree) ([]byte, error) {
 		// Create copy of branch with metadata appended
 		branch = append(sops.TreeBranch(nil), branch...)
 		branch = append(branch, sops.TreeItem{
-			Key:   "sops",
+			Key:   stores.SopsMetadataKey,
 			Value: stores.MetadataFromInternal(in.Metadata),
 		})
 		// Marshal branch to global mapping node