keyservice

package
v1.3.0 Latest
Warning

This package is not in the latest version of its module.

Published: May 6, 2024 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation


Constants

This section is empty.

Variables

This section is empty.

Functions

func IsOfflineMethod added in v0.28.0

func IsOfflineMethod(mk keys.MasterKey) bool

IsOfflineMethod returns true for offline decrypt methods, or false otherwise.

func NewServer

func NewServer(options ...ServerOption) keyservice.KeyServiceServer

NewServer constructs a new Server, configuring it with the provided options before returning the result. When WithDefaultServer() is not provided as an option, the SOPS server implementation is configured as default.

Types

type Server

type Server struct {
	// contains filtered or unexported fields
}

Server is a key service server that uses SOPS MasterKeys to fulfill requests. It intercepts Encrypt and Decrypt requests made for key types that need to run in a contained environment, instead of the default implementation which heavily utilizes environment variables or the runtime environment. Any request not handled by the Server is forwarded to the embedded default server.

func (Server) Decrypt

Decrypt takes a decrypt request and decrypts the provided ciphertext with the provided key, returning the decrypted result.

func (Server) Encrypt

Encrypt takes an encrypt request and encrypts the provided plaintext with the provided key, returning the encrypted result.

type ServerOption added in v0.23.0

type ServerOption interface {
	// ApplyToServer applies this configuration to the given Server.
	ApplyToServer(s *Server)
}

ServerOption is some configuration that modifies the Server.

type WithAWSKeys added in v0.26.0

type WithAWSKeys struct {
	CredsProvider *awskms.CredentialsProvider
}

WithAWSKeys configures the AWS credentials on the Server.

func (WithAWSKeys) ApplyToServer added in v0.26.0

func (o WithAWSKeys) ApplyToServer(s *Server)

ApplyToServer applies this configuration to the given Server.

type WithAgeIdentities added in v0.23.0

type WithAgeIdentities []extage.Identity

WithAgeIdentities configures the parsed age identities on the Server.

func (WithAgeIdentities) ApplyToServer added in v0.23.0

func (o WithAgeIdentities) ApplyToServer(s *Server)

ApplyToServer applies this configuration to the given Server.

type WithAzureToken added in v0.23.0

type WithAzureToken struct {
	Token *azkv.TokenCredential
}

WithAzureToken configures the Azure credential token on the Server.

func (WithAzureToken) ApplyToServer added in v0.23.0

func (o WithAzureToken) ApplyToServer(s *Server)

ApplyToServer applies this configuration to the given Server.

type WithDefaultServer added in v0.23.0

type WithDefaultServer struct {
	Server keyservice.KeyServiceServer
}

WithDefaultServer configures the fallback default server on the Server.

func (WithDefaultServer) ApplyToServer added in v0.23.0

func (o WithDefaultServer) ApplyToServer(s *Server)

ApplyToServer applies this configuration to the given Server.

type WithGCPCredsJSON added in v0.26.0

type WithGCPCredsJSON []byte

WithGCPCredsJSON configures the GCP service account credentials JSON on the Server.

func (WithGCPCredsJSON) ApplyToServer added in v0.26.0

func (o WithGCPCredsJSON) ApplyToServer(s *Server)

ApplyToServer applies this configuration to the given Server.

type WithGnuPGHome added in v0.23.0

type WithGnuPGHome string

WithGnuPGHome configures the GnuPG home directory on the Server.

func (WithGnuPGHome) ApplyToServer added in v0.23.0

func (o WithGnuPGHome) ApplyToServer(s *Server)

ApplyToServer applies this configuration to the given Server.

type WithVaultToken added in v0.23.0

type WithVaultToken string

WithVaultToken configures the HashiCorp Vault token on the Server.

func (WithVaultToken) ApplyToServer added in v0.23.0

func (o WithVaultToken) ApplyToServer(s *Server)

ApplyToServer applies this configuration to the given Server.
