stuttgart-things / kaeffken

gitops cluster management cli

[FEATURE] - ADD INLINE SOPS ENCRYPTION #11

Closed patrick-hermann-sva closed 5 months ago

patrick-hermann-sva commented 6 months ago

EXAMPLE ENCRYPTION

package main

import (
    "fmt"

    "filippo.io/age"
    "github.com/getsops/sops/v3"
    "github.com/getsops/sops/v3/aes"
    keysource "github.com/getsops/sops/v3/age"
    "github.com/getsops/sops/v3/cmd/sops/common"
    "github.com/getsops/sops/v3/keys"
    "github.com/getsops/sops/v3/keyservice"
    "github.com/getsops/sops/v3/stores/json"
)

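// main demonstrates inline SOPS encryption: it generates a throwaway age
// identity, loads a small JSON document, encrypts it to that identity's
// recipient with the SOPS library, and prints the encrypted file.
func main() {
    identity, err := age.GenerateX25519Identity()
    if err != nil {
        panic(err)
    }
    // NOTE(security): identity.String() is the age *private* key. Printing it
    // is only acceptable in a demo; on the same stream as the ciphertext it
    // ends up in whatever file or log captures the output. Real code should
    // encrypt to an existing recipient and never emit the secret key.
    fmt.Println(identity.String())
    fmt.Println(identity.Recipient().String())

    store := json.Store{}
    branches, err := store.LoadPlainFile([]byte(`{"foo": "bar"}`))
    if err != nil {
        panic(err)
    }
    // NOTE(security): this prints the plaintext tree; drop it when the input
    // holds real secrets.
    fmt.Println(branches)

    // Only the public recipient is needed to build the master key.
    masterKey, err := keysource.MasterKeyFromRecipient(identity.Recipient().String())
    if err != nil {
        panic(err)
    }
    tree := sops.Tree{
        Branches: branches,
        Metadata: sops.Metadata{
            KeyGroups: []sops.KeyGroup{
                []keys.MasterKey{masterKey},
            },
            // Keys ending in this suffix are left in clear text by SOPS.
            UnencryptedSuffix: "_unencrypted",
        },
    }

    dataKey, errs := tree.GenerateDataKeyWithKeyServices(
        []keyservice.KeyServiceClient{keyservice.NewLocalClient()},
    )
    if errs != nil {
        panic(errs)
    }

    // EncryptTree returns an error; it must be checked, otherwise a failed
    // encryption would go unnoticed and the tree emitted below could still
    // contain plaintext values.
    if err := common.EncryptTree(common.EncryptTreeOpts{
        DataKey: dataKey,
        Tree:    &tree,
        Cipher:  aes.NewCipher(),
    }); err != nil {
        panic(err)
    }

    result, err := store.EmitEncryptedFile(tree)
    if err != nil {
        panic(err)
    }
    fmt.Print(string(result))
}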
patrick-hermann-sva commented 5 months ago

implemented - sops encrypt