(c *cli.Context, file string, optionalConfig *config.Config)
| 2426 | } |
| 2427 | |
| 2428 | func keyGroups(c *cli.Context, file string, optionalConfig *config.Config) ([]sops.KeyGroup, error) { |
| 2429 | var kmsKeys []keys.MasterKey |
| 2430 | var pgpKeys []keys.MasterKey |
| 2431 | var cloudKmsKeys []keys.MasterKey |
| 2432 | var azkvKeys []keys.MasterKey |
| 2433 | var hcVaultMkKeys []keys.MasterKey |
| 2434 | var hckmsMkKeys []keys.MasterKey |
| 2435 | var ageMasterKeys []keys.MasterKey |
| 2436 | kmsEncryptionContext := kms.ParseKMSContext(c.String("encryption-context")) |
| 2437 | if c.String("encryption-context") != "" && kmsEncryptionContext == nil { |
| 2438 | return nil, common.NewExitError("Invalid KMS encryption context format", codes.ErrorInvalidKMSEncryptionContextFormat) |
| 2439 | } |
| 2440 | if c.String("kms") != "" { |
| 2441 | for _, k := range kms.MasterKeysFromArnString(c.String("kms"), kmsEncryptionContext, c.String("aws-profile")) { |
| 2442 | kmsKeys = append(kmsKeys, k) |
| 2443 | } |
| 2444 | } |
| 2445 | if c.String("gcp-kms") != "" { |
| 2446 | for _, k := range gcpkms.MasterKeysFromResourceIDString(c.String("gcp-kms")) { |
| 2447 | cloudKmsKeys = append(cloudKmsKeys, k) |
| 2448 | } |
| 2449 | } |
| 2450 | if c.String("hckms") != "" { |
| 2451 | hckmsKeys, err := hckms.NewMasterKeyFromKeyIDString(c.String("hckms")) |
| 2452 | if err != nil { |
| 2453 | return nil, err |
| 2454 | } |
| 2455 | for _, k := range hckmsKeys { |
| 2456 | hckmsMkKeys = append(hckmsMkKeys, k) |
| 2457 | } |
| 2458 | } |
| 2459 | if c.String("azure-kv") != "" { |
| 2460 | azureKeys, err := azkv.MasterKeysFromURLs(c.String("azure-kv")) |
| 2461 | if err != nil { |
| 2462 | return nil, err |
| 2463 | } |
| 2464 | for _, k := range azureKeys { |
| 2465 | azkvKeys = append(azkvKeys, k) |
| 2466 | } |
| 2467 | } |
| 2468 | if c.String("hc-vault-transit") != "" { |
| 2469 | hcVaultKeys, err := hcvault.NewMasterKeysFromURIs(c.String("hc-vault-transit")) |
| 2470 | if err != nil { |
| 2471 | return nil, err |
| 2472 | } |
| 2473 | for _, k := range hcVaultKeys { |
| 2474 | hcVaultMkKeys = append(hcVaultMkKeys, k) |
| 2475 | } |
| 2476 | } |
| 2477 | if c.String("pgp") != "" { |
| 2478 | for _, k := range pgp.MasterKeysFromFingerprintString(c.String("pgp")) { |
| 2479 | pgpKeys = append(pgpKeys, k) |
| 2480 | } |
| 2481 | } |
| 2482 | if c.String("age") != "" { |
| 2483 | ageKeys, err := age.MasterKeysFromRecipients(c.String("age")) |
| 2484 | if err != nil { |
| 2485 | return nil, err |
no test coverage detected