Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewServer ¶
func NewServer(options ...ServerOption) keyservice.KeyServiceServer
NewServer constructs a new Server, configuring it with the provided options before returning the result. When WithDefaultServer() is not provided as an option, the SOPS server implementation is configured as default.
Types ¶
type LocalClient ¶
type LocalClient struct {
Server keyservice.KeyServiceServer
}
LocalClient is a key service client that performs all operations locally. The sole reason this exists is because the go.mozilla.org/sops/v3/keyservice.LocalClient does not implement the KeyServiceServer interface.
func NewLocalClient ¶
func NewLocalClient(server keyservice.KeyServiceServer) LocalClient
NewLocalClient creates a new local client that embeds the given KeyServiceServer.
func (LocalClient) Decrypt ¶
func (c LocalClient) Decrypt(ctx context.Context, req *keyservice.DecryptRequest, opts ...grpc.CallOption) (*keyservice.DecryptResponse, error)
Decrypt processes a decrypt request locally.
func (LocalClient) Encrypt ¶
func (c LocalClient) Encrypt(ctx context.Context, req *keyservice.EncryptRequest, opts ...grpc.CallOption) (*keyservice.EncryptResponse, error)
Encrypt processes an encrypt request locally.
type Server ¶
type Server struct {
// contains filtered or unexported fields
}
Server is a key service server that uses SOPS MasterKeys to fulfill requests. It intercepts Encrypt and Decrypt requests made for key types that need to run in a contained environment, instead of the default implementation which heavily utilizes environment variables or the runtime environment. Any request not handled by the Server is forwarded to the embedded default server.
func (Server) Decrypt ¶
func (ks Server) Decrypt(ctx context.Context, req *keyservice.DecryptRequest) (*keyservice.DecryptResponse, error)
Decrypt takes a decrypt request and decrypts the provided ciphertext with the provided key, returning the decrypted result.
func (Server) Encrypt ¶
func (ks Server) Encrypt(ctx context.Context, req *keyservice.EncryptRequest) (*keyservice.EncryptResponse, error)
Encrypt takes an encrypt request and encrypts the provided plaintext with the provided key, returning the encrypted result.
type ServerOption ¶ added in v0.23.0
type ServerOption interface {
// ApplyToServer applies this configuration to the given Server.
ApplyToServer(s *Server)
}
ServerOption is some configuration that modifies the Server.
type WithAgeIdentities ¶ added in v0.23.0
WithAgeIdentities configures the parsed age identities on the Server.
func (WithAgeIdentities) ApplyToServer ¶ added in v0.23.0
func (o WithAgeIdentities) ApplyToServer(s *Server)
ApplyToServer applies this configuration to the given Server.
type WithAzureToken ¶ added in v0.23.0
WithAzureToken configures the Azure credential token on the Server.
func (WithAzureToken) ApplyToServer ¶ added in v0.23.0
func (o WithAzureToken) ApplyToServer(s *Server)
ApplyToServer applies this configuration to the given Server.
type WithDefaultServer ¶ added in v0.23.0
type WithDefaultServer struct {
Server keyservice.KeyServiceServer
}
WithDefaultServer configures the fallback default server on the Server.
func (WithDefaultServer) ApplyToServer ¶ added in v0.23.0
func (o WithDefaultServer) ApplyToServer(s *Server)
ApplyToServer applies this configuration to the given Server.
type WithGnuPGHome ¶ added in v0.23.0
type WithGnuPGHome string
WithGnuPGHome configures the GnuPG home directory on the Server.
func (WithGnuPGHome) ApplyToServer ¶ added in v0.23.0
func (o WithGnuPGHome) ApplyToServer(s *Server)
ApplyToServer applies this configuration to the given Server.
type WithVaultToken ¶ added in v0.23.0
type WithVaultToken string
WithVaultToken configures the Hashicorp Vault token on the Server.
func (WithVaultToken) ApplyToServer ¶ added in v0.23.0
func (o WithVaultToken) ApplyToServer(s *Server)
ApplyToServer applies this configuration to the given Server.
Source Files