mirror of
https://github.com/getsops/sops.git
synced 2026-02-05 12:45:21 +01:00
f2a1d4c782
This commit renames the Go module from `go.mozilla.org/sops/v3` to `github.com/getsops/sops/v3` without a major version bump, to align with new stewardship. For more information around this change, refer to https://github.com/getsops/sops/issues/1246. For a one-liner to change the `go.mod` and any import paths in your Go project making use of this module, run: ``` find /path/to/repo -type f \( -name "*.go" -o -name "go.mod" \) -exec sed -i 's|go.mozilla.org/sops/v3|github.com/getsops/sops/v3|g' {} \; find /path/to/repo -type f \( -name "*.go" -o -name "go.mod" \) -exec sed -i '' 's|go.mozilla.org/sops/v3|github.com/getsops/sops/v3|g' {} \; ``` Signed-off-by: Hidde Beydals <hidde@hhh.computer>
85 lines
1.8 KiB
Go
85 lines
1.8 KiB
Go
/*
|
|
Package keyservice implements a gRPC API that can be used by SOPS to encrypt and decrypt the data key using remote
|
|
master keys.
|
|
*/
|
|
package keyservice
|
|
|
|
import (
|
|
"fmt"
|
|
|
|
"github.com/getsops/sops/v3/age"
|
|
"github.com/getsops/sops/v3/azkv"
|
|
"github.com/getsops/sops/v3/gcpkms"
|
|
"github.com/getsops/sops/v3/hcvault"
|
|
"github.com/getsops/sops/v3/keys"
|
|
"github.com/getsops/sops/v3/kms"
|
|
"github.com/getsops/sops/v3/pgp"
|
|
)
|
|
|
|
// KeyFromMasterKey converts a SOPS internal MasterKey to an RPC Key that can be serialized with Protocol Buffers
|
|
func KeyFromMasterKey(mk keys.MasterKey) Key {
|
|
switch mk := mk.(type) {
|
|
case *pgp.MasterKey:
|
|
return Key{
|
|
KeyType: &Key_PgpKey{
|
|
PgpKey: &PgpKey{
|
|
Fingerprint: mk.Fingerprint,
|
|
},
|
|
},
|
|
}
|
|
case *gcpkms.MasterKey:
|
|
return Key{
|
|
KeyType: &Key_GcpKmsKey{
|
|
GcpKmsKey: &GcpKmsKey{
|
|
ResourceId: mk.ResourceID,
|
|
},
|
|
},
|
|
}
|
|
case *hcvault.MasterKey:
|
|
return Key{
|
|
KeyType: &Key_VaultKey{
|
|
VaultKey: &VaultKey{
|
|
VaultAddress: mk.VaultAddress,
|
|
EnginePath: mk.EnginePath,
|
|
KeyName: mk.KeyName,
|
|
},
|
|
},
|
|
}
|
|
case *kms.MasterKey:
|
|
ctx := make(map[string]string)
|
|
for k, v := range mk.EncryptionContext {
|
|
ctx[k] = *v
|
|
}
|
|
return Key{
|
|
KeyType: &Key_KmsKey{
|
|
KmsKey: &KmsKey{
|
|
Arn: mk.Arn,
|
|
Role: mk.Role,
|
|
Context: ctx,
|
|
AwsProfile: mk.AwsProfile,
|
|
},
|
|
},
|
|
}
|
|
case *azkv.MasterKey:
|
|
return Key{
|
|
KeyType: &Key_AzureKeyvaultKey{
|
|
AzureKeyvaultKey: &AzureKeyVaultKey{
|
|
VaultUrl: mk.VaultURL,
|
|
Name: mk.Name,
|
|
Version: mk.Version,
|
|
},
|
|
},
|
|
}
|
|
case *age.MasterKey:
|
|
return Key{
|
|
KeyType: &Key_AgeKey{
|
|
AgeKey: &AgeKey{
|
|
Recipient: mk.Recipient,
|
|
},
|
|
},
|
|
}
|
|
default:
|
|
panic(fmt.Sprintf("Tried to convert unknown MasterKey type %T to keyservice.Key", mk))
|
|
}
|
|
}
|