* Add vault/api to vendor/
* Adds support for sops publish-ing to Vault
* Adds support for publishing secrets (unencrypted) to Vault
* Adds a new EmitAsMap for TreeBanches
* Adds documentation about sops publish-ing to Vault
* Initial integration/functional test for publishing to vault
* Implement `sops publish` command
Publishes a file to a pre-configured destination (this lives in the sops
config file). Additionally, support re-encryption rules that work
just like the creation rules. Initial support for S3/GCS.
This is a part of the sops-workspace v2.0 project
Includes the addition of a new dependency:
github.com/googleapis/gax-go/v2
* code review changes; support global --verbose flag
* Switch to recreation_rule with full support
Reencryption rule is now recreation rule and supports everything that a
creation rule does. Now, when you load a config for a file, you load
either the creation rule or the destination rule. I'm not sure about
this style long term, but it allows for support to be added for the
recreation rules without a bigger refactor of how the config file works.
* split loadForFileFromBytes into two functions
remove branching based on destination rule or not, create one for
creation rules and one for destination rules
* pretty diff for keygroup updates in sops publish
It's been around 9 months since our last vendor update. This is also
needed for some new features being worked on for sops workspace.
Additionally, this PR regenerates the kms mocks.
* Allow set "json value" to be a string.
Adds back support for string values in --set, while retaining support
for yaml multidoc that caused this bug.
Fixes #461
* Add functional test for --set'ing strings
* Fixes integration tests in travis to not run on PR's (they will now
run on merges into `develop` and `master`)
* Change README.rst and CONTRIBUTING.md to reflect the use of `develop`
as the primary development branch
* kms encryption ctx auto fix
Code to do the migration is still rough and needs clean up and further
testing.
* Added some further polish to enc ctx fix code path
* Attempt to decrypt using other keys before trying enc ctx variations
* just re-encrypt datakey instead of all of the values
* Move KMS enc ctx fix code to new function
* Fix RetrieveLatestVersionFromUpstream with pkg move
* Fixes from code review
* Include err in message displayed to user
* Remove duplicate file.Close() calls in Fix kms func
* move file.Close() to defer
* Fix KMS encryption context handling
The code copying encryption context value strings to a map
containing string pointers was incorrectly getting a pointer to a
string variable which is being re-used by the for loop, causing
all keys to point to the same value string.
* Extract helper method for KmsKey to KMS MasterKey conversion
* Add test for kmsKeyToMasterKey helper function
