feat: SOPS decryption support for YAML/JSON/.env

[lukasmrtvy]

Would be nice to support sops ( https://github.com/mozilla/sops ) as datasource Thanks

[hairyhenderson]

Hi @lukasmrtvy - thanks for filing this!

I wasn't familiar with sops, so thank you for the link - it looks very interesting!

From what I can tell this wouldn't so much be a datasource as a parsing extension for YAML/JSON/env media types, similar to the EJSON support already present. Does that sound correct, or am I missing something?

It looks like what would make sense would be supporting the JSON, YAML, and env formats (which gomplate already supports). I'm not sure how gomplate could support the binary format, and it doesn't (yet) support INI files, so that wouldn't work either.

It'll take some time to get this implemented, but this definitely looks interesting!

[github-actions[bot]]

This issue is stale because it has been open for 60 days with no activity. Remove stale label or comment or this will be automatically closed in a few days.

[Gowiem]

@hairyhenderson thoughts on reopening this? We'd love to see support in Gomplate for this as we could use it downstream in https://github.com/cloudposse/atmos/issues/592.

To address your original comment: The integration with the binary would to use it to actually decrypt the YAML file so that the secret values were available to the config unencrypted.

[hairyhenderson]

@Gowiem sure - I'd be happy to review a PR adding this in. I probably won't have time to work on this directly however.