encryption

package

v0.89.0-rc.2 Latest Latest Go to latest Published: May 17, 2026 License: Apache-2.0 Imports: 16 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/kimdre/doco-cd

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func DecryptContent(content []byte, format string) ([]byte, error)
func DecryptFile(path string) ([]byte, error)
func DecryptFileInPlace(path string) (bool, error)
func DecryptFilesInDirectory(repoPath, dirPath string) ([]string, error)
func GetFileFormat(path string) string
func IsEncryptedContent(content string) bool
func IsEncryptedFile(path string) (bool, error)
func SetupAgeKeyEnvVar(t *testing.T)
func SopsKeyIsSet() bool

Constants ¶

This section is empty.

Variables ¶

View Source

var ErrSopsKeyNotSet = errors.New("SOPS secret key is not set")

View Source

var IgnoreDirs = []string{
	".git",
	".github",
	".vscode",
	".idea",
	"node_modules",
}

IgnoreDirs is a list of directories that will be ignored when checking for SOPS-encrypted files. These directories typically contain configuration or metadata files that are not relevant for encryption.

Functions ¶

func DecryptContent ¶ added in v0.42.0

func DecryptContent(content []byte, format string) ([]byte, error)

func DecryptFile ¶

func DecryptFile(path string) ([]byte, error)

DecryptFile decrypts a SOPS-encrypted file at the given path and returns its contents as a byte slice.

func DecryptFileInPlace ¶ added in v0.74.0

func DecryptFileInPlace(path string) (bool, error)

DecryptFileInPlace decrypts a SOPS-encrypted file at the given path and overwrites it with the decrypted content. If the file is encrypted and successfully decrypted, it returns true. If the file is not encrypted, it returns false without modifying the file. The repoPath parameter is used to ensure that the file being decrypted is within the trusted repository root, preventing potential security issues with symlinks or path traversal.

func DecryptFilesInDirectory ¶ added in v0.42.0

func DecryptFilesInDirectory(repoPath, dirPath string) ([]string, error)

DecryptFilesInDirectory walks through the specified directory and decrypts all SOPS-encrypted files.

func GetFileFormat ¶ added in v0.42.0

func GetFileFormat(path string) string

func IsEncryptedContent ¶ added in v0.42.0

func IsEncryptedContent(content string) bool

IsEncryptedContent checks the given content for SOPS-specific markers to determine if it is a SOPS-encrypted file.

func IsEncryptedFile ¶

func IsEncryptedFile(path string) (bool, error)

IsEncryptedFile checks if the file at the given path is a SOPS-encrypted file.

func SetupAgeKeyEnvVar ¶

func SetupAgeKeyEnvVar(t *testing.T)

SetupAgeKeyEnvVar sets the SOPS_AGE_KEY environment variable for testing purposes.

func SopsKeyIsSet ¶

func SopsKeyIsSet() bool

SopsKeyIsSet checks if an env var starting with SOPS_ is set. It runs only once and caches the result.

Types ¶

This section is empty.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL