getsops/sops
1
0
Fork 0
mirror of https://github.com/getsops/sops.git synced 2026-02-05 12:45:21 +01:00
Code Issues Activity
1,885 Commits 6 Branches 42 Tags
94d86c6313f062a62cef8f08e70cfe25d3fdbdfd
Commit Graph

55 Commits

Author SHA1 Message Date
dependabot[bot]
ac10dc7891 build(deps): Bump serde_json in /functional-tests in the rust group 
Bumps the rust group in /functional-tests with 1 update: [serde_json](https://github.com/serde-rs/json).


Updates `serde_json` from 1.0.134 to 1.0.135
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.134...v1.0.135)

---
updated-dependencies:
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-01-13 17:14:04 +01:00
dependabot[bot]
bd1d827e1a build(deps): Bump tempfile in /functional-tests in the rust group 
Bumps the rust group in /functional-tests with 1 update: [tempfile](https://github.com/Stebalien/tempfile).


Updates `tempfile` from 3.14.0 to 3.15.0
- [Changelog](https://github.com/Stebalien/tempfile/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Stebalien/tempfile/compare/v3.14.0...v3.15.0)

---
updated-dependencies:
- dependency-name: tempfile
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rust
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-01-06 20:27:34 +01:00
dependabot[bot]
7c596ebc12 build(deps): Bump the rust group in /functional-tests with 2 updates 
Bumps the rust group in /functional-tests with 2 updates: [serde](https://github.com/serde-rs/serde) and [serde_derive](https://github.com/serde-rs/serde).


Updates `serde` from 1.0.216 to 1.0.217
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.216...v1.0.217)

Updates `serde_derive` from 1.0.216 to 1.0.217
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.216...v1.0.217)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust
- dependency-name: serde_derive
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-30 09:19:20 +00:00
dependabot[bot]
8021022ba4 build(deps): Bump serde_json in /functional-tests in the rust group 
Bumps the rust group in /functional-tests with 1 update: [serde_json](https://github.com/serde-rs/json).


Updates `serde_json` from 1.0.133 to 1.0.134
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.133...v1.0.134)

---
updated-dependencies:
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-23 09:07:03 +00:00
dependabot[bot]
d6a6dc6128 build(deps): Bump the rust group in /functional-tests with 2 updates 
Bumps the rust group in /functional-tests with 2 updates: [serde](https://github.com/serde-rs/serde) and [serde_derive](https://github.com/serde-rs/serde).


Updates `serde` from 1.0.215 to 1.0.216
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.215...v1.0.216)

Updates `serde_derive` from 1.0.215 to 1.0.216
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.215...v1.0.216)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust
- dependency-name: serde_derive
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-16 18:03:36 +01:00
Rene Leonhardt
981c21af15 chore(deps): Update Rust dependencies 
Signed-off-by: Rene Leonhardt <65483435+reneleonhardt@users.noreply.github.com>
 2024-12-01 10:52:55 +01:00
dependabot[bot]
a9caa7c174 build(deps): Bump the rust group in /functional-tests with 3 updates 
Bumps the rust group in /functional-tests with 3 updates: [serde](https://github.com/serde-rs/serde), [serde_json](https://github.com/serde-rs/json) and [serde_derive](https://github.com/serde-rs/serde).


Updates `serde` from 1.0.214 to 1.0.215
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.214...v1.0.215)

Updates `serde_json` from 1.0.132 to 1.0.133
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.132...v1.0.133)

Updates `serde_derive` from 1.0.214 to 1.0.215
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.214...v1.0.215)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust
- dependency-name: serde_derive
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-11-18 19:29:21 +01:00
dependabot[bot]
4a36404832 build(deps): Bump the rust group in /functional-tests with 2 updates 
Bumps the rust group in /functional-tests with 2 updates: [serde](https://github.com/serde-rs/serde) and [serde_derive](https://github.com/serde-rs/serde).


Updates `serde` from 1.0.213 to 1.0.214
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.213...v1.0.214)

Updates `serde_derive` from 1.0.213 to 1.0.214
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.213...v1.0.214)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust
- dependency-name: serde_derive
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-11-11 18:10:32 +01:00
dependabot[bot]
90b90ddae1 build(deps): Bump the rust group in /functional-tests with 2 updates 
Bumps the rust group in /functional-tests with 2 updates: [serde](https://github.com/serde-rs/serde) and [serde_derive](https://github.com/serde-rs/serde).


Updates `serde` from 1.0.210 to 1.0.213
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.210...v1.0.213)

Updates `serde_derive` from 1.0.210 to 1.0.213
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.210...v1.0.213)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust
- dependency-name: serde_derive
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-28 18:33:46 +01:00
dependabot[bot]
a722fb46dc build(deps): Bump serde_json in /functional-tests in the rust group 
Bumps the rust group in /functional-tests with 1 update: [serde_json](https://github.com/serde-rs/json).


Updates `serde_json` from 1.0.128 to 1.0.132
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/1.0.128...1.0.132)

---
updated-dependencies:
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-21 18:28:27 +02:00
dependabot[bot]
7fb0b991bd build(deps): Bump the rust group in /functional-tests with 5 updates 
Bumps the rust group in /functional-tests with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [serde](https://github.com/serde-rs/serde) | `1.0.193` | `1.0.210` |
| [serde_json](https://github.com/serde-rs/json) | `1.0.108` | `1.0.128` |
| [serde_yaml](https://github.com/dtolnay/serde-yaml) | `0.9.29` | `0.9.34+deprecated` |
| [serde_derive](https://github.com/serde-rs/serde) | `1.0.193` | `1.0.210` |
| [lazy_static](https://github.com/rust-lang-nursery/lazy-static.rs) | `1.4.0` | `1.5.0` |


Updates `serde` from 1.0.193 to 1.0.210
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.193...v1.0.210)

Updates `serde_json` from 1.0.108 to 1.0.128
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.108...1.0.128)

Updates `serde_yaml` from 0.9.29 to 0.9.34+deprecated
- [Release notes](https://github.com/dtolnay/serde-yaml/releases)
- [Commits](https://github.com/dtolnay/serde-yaml/compare/0.9.29...0.9.34)

Updates `serde_derive` from 1.0.193 to 1.0.210
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.193...v1.0.210)

Updates `lazy_static` from 1.4.0 to 1.5.0
- [Release notes](https://github.com/rust-lang-nursery/lazy-static.rs/releases)
- [Commits](https://github.com/rust-lang-nursery/lazy-static.rs/compare/1.4.0...1.5.0)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust
- dependency-name: serde_yaml
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust
- dependency-name: serde_derive
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust
- dependency-name: lazy_static
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rust
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-09-30 18:07:18 +03:00
Felix Fontein
afbaf0e3b7 Add Cargo.lock for better reproducability of functional tests. 
Signed-off-by: Felix Fontein <felix@fontein.de>
 2024-09-26 22:20:11 +03:00
Felix Fontein
8c60d48513 Do not encrypt if a key group is empty, or there are no key groups. 
Signed-off-by: Felix Fontein <felix@fontein.de>
 2024-09-25 22:25:37 +03:00
Sebastien Duthil
e65e6fa74a functional tests: formatting lint 
Signed-off-by: Sebastien Duthil <duthils@duthils.net>
 2024-09-11 21:06:33 -04:00
Sebastien Duthil
2d914d2fb0 tests: show output if command fails 
Signed-off-by: Sebastien Duthil <duthils@duthils.net>
 2024-06-26 10:44:04 +02:00
Sebastien Duthil
3ab8a4fe95 unset: add --idempotent flag 
Signed-off-by: Sebastien Duthil <duthils@duthils.net>
 2024-06-26 10:44:04 +02:00
Sebastien Duthil
1c2714dc1a add command unset 
Signed-off-by: Sebastien Duthil <duthils@duthils.net>
 2024-06-26 10:44:04 +02:00
Edoardo Tenani
b8e65f9dd1 add filestatus subcommand 
Signed-off-by: Edoardo Tenani <edoardo.tenani@pm.me>
 2024-06-23 16:08:33 +02:00
Felix Fontein
daabd14700 Do not use DotEnv store for exec-env. 
This avoids quoting problems, fixes #784, and also better handles
various problems that can arise, like '=' in keys and non-string
keys and values.

Signed-off-by: Felix Fontein <felix@fontein.de>
 2024-06-15 17:53:38 +02:00
Felix Fontein
417c20a21b If filename is provided for exec-file, use it without random suffix. 
Signed-off-by: Felix Fontein <felix@fontein.de>
 2024-06-11 06:56:11 +02:00
Felix Fontein
bd7ca0f0d7 Add basic functional tests for exec-file and exec-env. 
Signed-off-by: Felix Fontein <felix@fontein.de>
 2024-02-09 22:46:51 +01:00
Felix Fontein
c3abac2a1d Add and use rotate, edit, and set subcommands. 
Signed-off-by: Felix Fontein <felix@fontein.de>
 2024-02-06 15:00:33 +01:00
Felix Fontein
2ae16f5457 Add and use encrypt and decrypt subcommands. 
Signed-off-by: Felix Fontein <felix@fontein.de>
 2024-02-06 15:00:33 +01:00
Felix Fontein
2ca683141d Change double command (--encrypt --set) to single command (--set). 
Signed-off-by: Felix Fontein <felix@fontein.de>
 2023-12-29 22:13:33 +01:00
Felix Fontein
2290395f87 Test more status codes. 
Signed-off-by: Felix Fontein <felix@fontein.de>
 2023-12-29 22:13:33 +01:00
Felix Fontein
d6804fe450 Run cargo fmt. 
Signed-off-by: Felix Fontein <felix@fontein.de>
 2023-12-29 22:13:33 +01:00
Felix Fontein
09e147f2fb Fix typos. 
Signed-off-by: Felix Fontein <felix@fontein.de>
 2023-11-03 12:32:52 +01:00
Hidde Beydals
1d7fc78a75 Update rustc functional tests to v1.70.0 
Bear minimum to get this going again, including an update of
dependencies.

It's worth noting that there is a detachment between the GitHub Action
workflow and running this locally. As there are assumptions around:

1. Having the `pgp/sops_functional_tests_key.asc` imported.
2. Having a Vault server running for two functional tests.

The `functional-tests` Make target does not facilitate this, and
putting something in place using a temporary `GNUPGHOME` and a
container image would likely be a welcome future improvement.

In addition, there is Rust code in `validation/` which appears to be an
artifact from an ancient Python library[1][2]. This should probably be
removed in the future.

[1]: https://github.com/getsops/sops/tree/python-sops
[2]: https://pypi.org/project/sops/

Signed-off-by: Hidde Beydals <hidde@hhh.computer>
 2023-07-02 13:37:49 +02:00
Felix Fontein
b1d253e7b9 Do not discard comments at beginning of YAML documents (#757) 
* Allow to preserve comments at beginning of YAML document.

* Extend functional tests.

* Update changelog.
 2020-10-07 18:10:51 +02:00
AJ Bahnken
ebf0705182 vault kv version and mount names in publish config (#513) 
Adds support for publishing to vault using KV v1 and a different mount
name (or multiple).
 2019-08-30 13:44:04 -07:00
AJ Bahnken
e9b9f7aeef Replace old functional test gpg keys (#512) 
Two of the three old keys have expired, so create a new set with no
expiration.
 2019-08-30 09:07:00 -07:00
AJ Bahnken
6910225545 Adds support for sops publish-ing to Vault (#494) 
* Add vault/api to vendor/

* Adds support for sops publish-ing to Vault

* Adds support for publishing secrets (unencrypted) to Vault
* Adds a new EmitAsMap for TreeBanches
* Adds documentation about sops publish-ing to Vault
* Initial integration/functional test for publishing to vault
 2019-07-16 14:33:59 -07:00
AJ Bahnken
ebd153f540 Implement sops publish command (#473) 
* Implement `sops publish` command

Publishes a file to a pre-configured destination (this lives in the sops
config file). Additionally, support re-encryption rules that work
just like the creation rules. Initial support for S3/GCS.

This is a part of the sops-workspace v2.0 project

Includes the addition of a new dependency:
  github.com/googleapis/gax-go/v2

* code review changes; support global --verbose flag

* Switch to recreation_rule with full support

Reencryption rule is now recreation rule and supports everything that a
creation rule does. Now, when you load a config for a file, you load
either the creation rule or the destination rule. I'm not sure about
this style long term, but it allows for support to be added for the
recreation rules without a bigger refactor of how the config file works.

* split loadForFileFromBytes into two functions

remove branching based on destination rule or not, create one for
creation rules and one for destination rules

* pretty diff for keygroup updates in sops publish
 2019-06-27 16:48:54 +00:00
AJ Bahnken
f8e60a1db5 Allow set "json value" to be a string. (#468) 
* Allow set "json value" to be a string.

Adds back support for string values in --set, while retaining support
for yaml multidoc that caused this bug.

Fixes #461

* Add functional test for --set'ing strings
 2019-05-28 15:55:54 +00:00
AJ Bahnken
f000986f20 Only run kms functional tests within mozilla/sops 
Instead of exiting early, only run the kms tests within the context of
mozilla/sops (and not from forks).
 2019-03-29 10:42:01 -07:00
AJ Bahnken
51503b5177 Initial set of AWS KMS tests (#444) 
* Initial set of AWS KMS tests

* rename temp file in kms test

* Skip AWS KMS functional tests if env var is unset
 2019-03-21 09:43:36 -07:00
Adrian Utrilla
6ce0290791 Add functional test for --output flag 2018-11-07 08:09:44 -05:00
Adrian Utrilla
5e6aa7f3eb Fix double encryption prevention (#346) 
* Fix binary file bug double encryption prevention

The `ensureNoMetadata` function was incorrectly implemented and called
LoadEncryptedFile on the InputStore and checked whether the returned error was
MetadataNotFound or not. In the case where loading the input file as an encrypted
file would fail (e.g. due to syntax errors), it would incorrectly report the file as
having a "sops" branch. When using the binary mode, it would try to load the file as
an encrypted binary file (which is expected to be JSON), which would fail, thus
triggering this error.

* Add functional test for binary file roundtrip
 2018-05-14 19:59:07 +02:00
Adrian Utrilla
1a895c9004 Add functional test for extracting strings 2018-03-30 20:54:10 +02:00
Adrian Utrilla
7911bb1542 Merge branch 'master' into yaml-list-comments 2017-09-15 19:29:06 -07:00
Adrian Utrilla
e6f46513dd Merge branch 'master' into encrypt-comments 2017-09-15 10:28:26 -07:00
Adrian Utrilla
31cab09b18 Move test files outside of Rust source 2017-09-13 09:55:26 -07:00
Adrian Utrilla
00d7a5a1f8 Allow using lists in key groups in .sops.yaml 2017-09-12 11:38:03 -07:00
Adrian Utrilla
79a662e4ba Improve documentation with @jvehent's suggestions 2017-09-11 16:52:56 -07:00
Adrian Utrilla
8541e26f7a Fix data key retrieval bug with 1 key group 
This happened when there's multiple master keys inside a single key
group. SOPS would decrypt the data key with every single key in the
group, when only one is needed. This meant that multiple "parts" are
found, so because SOPS encountered != 1 part without using Shamir, it
errored out.
 2017-09-11 10:14:41 -07:00
Adrian Utrilla
be4a35e7f5 Fix shamir tests 2017-08-25 13:12:34 -07:00
Adrian Utrilla
4c9697874e Add functional tests for comment decryption 2017-08-15 20:43:21 -07:00
Adrian Utrilla
2c30afdc5a Added functional tests for shamir secret sharing 2017-05-26 22:29:57 +02:00
Adrian Utrilla
706888c2ac Added functional test checking decryption of files with no MAC 2017-03-13 15:27:32 +01:00
Adrian Utrilla
6e6068de16 Allow decrypting files with no MAC 
Fixes #195
 2017-02-04 17:01:40 +01:00