MCPcopy
hub / github.com/getsops/sops / getEncryptConfig

Function getEncryptConfig

cmd/sops/main.go:2112–2236  ·  view source on GitHub ↗
(c *cli.Context, fileName string, inputStore common.Store, optionalConfig *config.Config)

Source from the content-addressed store, hash-verified

2110}
2111
2112func getEncryptConfig(c *cli.Context, fileName string, inputStore common.Store, optionalConfig *config.Config) (encryptConfig, error) {
2113 unencryptedSuffix := c.String("unencrypted-suffix")
2114 encryptedSuffix := c.String("encrypted-suffix")
2115 encryptedRegex := c.String("encrypted-regex")
2116 unencryptedRegex := c.String("unencrypted-regex")
2117 encryptedCommentRegex := c.String("encrypted-comment-regex")
2118 unencryptedCommentRegex := c.String("unencrypted-comment-regex")
2119 macOnlyEncrypted := c.GlobalBool("mac-only-encrypted")
2120 var err error
2121 if optionalConfig == nil {
2122 optionalConfig, err = loadConfig(c, fileName, nil)
2123 if err != nil {
2124 return encryptConfig{}, toExitError(err)
2125 }
2126 }
2127 if optionalConfig != nil {
2128 // command line options have precedence
2129 if unencryptedSuffix == "" {
2130 unencryptedSuffix = optionalConfig.UnencryptedSuffix
2131 }
2132 if encryptedSuffix == "" {
2133 encryptedSuffix = optionalConfig.EncryptedSuffix
2134 }
2135 if encryptedRegex == "" {
2136 encryptedRegex = optionalConfig.EncryptedRegex
2137 }
2138 if unencryptedRegex == "" {
2139 unencryptedRegex = optionalConfig.UnencryptedRegex
2140 }
2141 if encryptedCommentRegex == "" {
2142 encryptedCommentRegex = optionalConfig.EncryptedCommentRegex
2143 }
2144 if unencryptedCommentRegex == "" {
2145 unencryptedCommentRegex = optionalConfig.UnencryptedCommentRegex
2146 }
2147 if !macOnlyEncrypted {
2148 macOnlyEncrypted = optionalConfig.MACOnlyEncrypted
2149 }
2150 }
2151
2152 isSingleValueStore := false
2153 if svs, ok := inputStore.(sops.SingleValueStore); ok {
2154 isSingleValueStore = svs.IsSingleValueStore()
2155 }
2156
2157 if isSingleValueStore {
2158 // Warn about settings that potentially disable encryption of the single key.
2159 if unencryptedSuffix != "" {
2160 log.Warn(fmt.Sprintf("Using an unencrypted suffix does not make sense with the input store (the %s store produces one key that should always be encrypted) and will be ignored.", inputStore.Name()))
2161 }
2162 if encryptedSuffix != "" {
2163 log.Warn(fmt.Sprintf("Using an encrypted suffix does not make sense with the input store (the %s store produces one key that should always be encrypted) and will be ignored.", inputStore.Name()))
2164 }
2165 if encryptedRegex != "" {
2166 log.Warn(fmt.Sprintf("Using an encrypted regex does not make sense with the input store (the %s store produces one key that should always be encrypted) and will be ignored.", inputStore.Name()))
2167 }
2168 if unencryptedRegex != "" {
2169 log.Warn(fmt.Sprintf("Using an unencrypted regex does not make sense with the input store (the %s store produces one key that should always be encrypted) and will be ignored.", inputStore.Name()))

Callers 1

mainFunction · 0.85

Calls 8

NewExitErrorFunction · 0.92
loadConfigFunction · 0.85
toExitErrorFunction · 0.85
keyGroupsFunction · 0.85
shamirThresholdFunction · 0.85
IsSingleValueStoreMethod · 0.65
NameMethod · 0.65
StringMethod · 0.45

Tested by

no test coverage detected