secrets

package
v0.6.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 29, 2025 License: MIT Imports: 10 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AgeRecipientsFromKeyFile 

func AgeRecipientsFromKeyFile(ageKeyFile string) ([]string, error)

AgeRecipientsFromKeyFile reads an age identity file and returns the corresponding recipient(s). It supports resolving ~/ in the path similarly to DecryptAndParse.

func DecryptAndParse 

func DecryptAndParse(ctx context.Context, path string, opts SopsOptions) ([]string, error)

DecryptAndParse returns key=value pairs from a SOPS-encrypted dotenv file. Only dotenv format is supported. If no SOPS backends are configured, the file is treated as plaintext.

func EncryptDotenvFileWithSops 

func EncryptDotenvFileWithSops(ctx context.Context, path string, ageRecipients []string, ageKeyFile string, pgpRecipients []string, pgpKeyringDir string, pgpUseAgent bool, pgpPinentryMode string, pgpPassphrase string) error

EncryptDotenvFileWithSops encrypts a plaintext dotenv file in-place using the system SOPS binary with provided recipients. Age recipients are passed with --age, PGP recipients are passed with --pgp

Types

type SopsOptions added in v0.5.0 

type SopsOptions struct {
	// Age
	AgeKeyFile    string
	AgeRecipients []string
	// PGP (GnuPG)
	PgpKeyringDir   string
	PgpUseAgent     bool
	PgpPinentryMode string // "default" | "loopback"
	PgpPassphrase   string // interpolated already; not logged
	PgpRecipients   []string
}

SopsOptions provides decryption/encryption settings for SOPS (age + pgp)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.