Documentation
Functions
func IsOfflineMethod
IsOfflineMethod returns true for offline decrypt methods, or false otherwise.
func NewServer
func NewServer(options ...ServerOption) keyservice.KeyServiceServer
NewServer constructs a new Server, configuring it with the provided options before returning the result. When WithDefaultServer is not provided as an option, the SOPS server implementation is configured as the default.
Types
type Server
type Server struct {
// contains filtered or unexported fields
}
Server is a key service server that uses SOPS MasterKeys to fulfill requests. It intercepts Encrypt and Decrypt requests for key types that need to run in a contained environment, rather than leaving them to the default implementation, which relies heavily on environment variables or the runtime environment. Any request not handled by the Server is forwarded to the embedded default server.
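A self-contained model of the interception-and-fallback design described for Server, added here as an illustration; it is not this package's code. All types are hypothetical stand-ins that borrow the option names from this page, and Decrypt returns the credential that would authenticate the request instead of performing any decryption.

```go
package main

import "fmt"
import "os"

// KeyService (hypothetical) stands in for keyservice.KeyServiceServer.
type KeyService interface{ Decrypt(keyType string) (string, error) }

// envServer models a default server that reads the process environment.
type envServer struct{}
func (envServer) Decrypt(string) (string, error) { return os.Getenv("VAULT_TOKEN"), nil }

// denyServer is a fail-closed fallback: unhandled requests never reach ambient credentials.
type denyServer struct{}
func (denyServer) Decrypt(k string) (string, error) { return "", fmt.Errorf("unhandled key type %q", k) }

// Server serves key types it holds explicit credentials for and forwards the rest.
type Server struct {
	vaultToken string
	fallback   KeyService
}

type Option interface{ ApplyToServer(s *Server) }

type WithVaultToken string
func (o WithVaultToken) ApplyToServer(s *Server) { s.vaultToken = string(o) }

type WithDefaultServer struct{ Server KeyService }
func (o WithDefaultServer) ApplyToServer(s *Server) { s.fallback = o.Server }

func NewServer(opts ...Option) *Server {
	s := &Server{fallback: envServer{}} // environment-backed unless overridden
	for _, o := range opts {
		o.ApplyToServer(s)
	}
	return s
}

func (s *Server) Decrypt(keyType string) (string, error) {
	if keyType == "vault" && s.vaultToken != "" {
		return s.vaultToken, nil // injected credential; environment not consulted
	}
	return s.fallback.Decrypt(keyType)
}

func main() {
	os.Setenv("VAULT_TOKEN", "constructed-ambient-token") // constructed sample value
	fmt.Println(NewServer(WithVaultToken("constructed-tenant-a")).Decrypt("vault"))
}
```

Two servers built with different tokens in the same process each use their own credential, while a server built without one falls through to whatever the fallback provides.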
func (Server) Decrypt
func (ks Server) Decrypt(ctx context.Context, req *keyservice.DecryptRequest) (*keyservice.DecryptResponse, error)
Decrypt takes a decrypt request and decrypts the provided ciphertext with the provided key, returning the decrypted result.
func (Server) Encrypt
func (ks Server) Encrypt(ctx context.Context, req *keyservice.EncryptRequest) (*keyservice.EncryptResponse, error)
Encrypt takes an encrypt request and encrypts the provided plaintext with the provided key, returning the encrypted result.
type ServerOption
type ServerOption interface {
	// ApplyToServer applies this configuration to the given Server.
	ApplyToServer(s *Server)
}
ServerOption is some configuration that modifies the Server.
type WithAWSKeys
type WithAWSKeys struct {
CredsProvider *kms.CredentialsProvider
}
WithAWSKeys configures the AWS credentials on the Server.
func (WithAWSKeys) ApplyToServer
func (o WithAWSKeys) ApplyToServer(s *Server)
ApplyToServer applies this configuration to the given Server.
type WithAgeIdentities
WithAgeIdentities configures the parsed age identities on the Server.
func (WithAgeIdentities) ApplyToServer
func (o WithAgeIdentities) ApplyToServer(s *Server)
ApplyToServer applies this configuration to the given Server.
type WithAzureToken
type WithAzureToken struct {
Token *azkv.TokenCredential
}
WithAzureToken configures the Azure credential token on the Server.
func (WithAzureToken) ApplyToServer
func (o WithAzureToken) ApplyToServer(s *Server)
ApplyToServer applies this configuration to the given Server.
type WithDefaultServer
type WithDefaultServer struct {
Server keyservice.KeyServiceServer
}
WithDefaultServer configures the fallback default server on the Server.
func (WithDefaultServer) ApplyToServer
func (o WithDefaultServer) ApplyToServer(s *Server)
ApplyToServer applies this configuration to the given Server.
type WithGCPCredsJSON
type WithGCPCredsJSON []byte
WithGCPCredsJSON configures the GCP service account credentials JSON on the Server.
func (WithGCPCredsJSON) ApplyToServer
func (o WithGCPCredsJSON) ApplyToServer(s *Server)
ApplyToServer applies this configuration to the given Server.
type WithGnuPGHome
type WithGnuPGHome string
WithGnuPGHome configures the GnuPG home directory on the Server.
func (WithGnuPGHome) ApplyToServer
func (o WithGnuPGHome) ApplyToServer(s *Server)
ApplyToServer applies this configuration to the given Server.
type WithVaultToken
type WithVaultToken string
WithVaultToken configures the HashiCorp Vault token on the Server.
func (WithVaultToken) ApplyToServer
func (o WithVaultToken) ApplyToServer(s *Server)
ApplyToServer applies this configuration to the given Server.