(group keyGroup)
| 309 | } |
| 310 | |
| 311 | func extractMasterKeys(group keyGroup) (sops.KeyGroup, error) { |
| 312 | var keyGroup sops.KeyGroup |
| 313 | for _, k := range group.Merge { |
| 314 | subKeyGroup, err := extractMasterKeys(k) |
| 315 | if err != nil { |
| 316 | return nil, err |
| 317 | } |
| 318 | keyGroup = append(keyGroup, subKeyGroup...) |
| 319 | } |
| 320 | |
| 321 | for _, k := range group.Age { |
| 322 | keys, err := age.MasterKeysFromRecipients(k) |
| 323 | if err != nil { |
| 324 | return nil, err |
| 325 | } |
| 326 | for _, key := range keys { |
| 327 | keyGroup = append(keyGroup, key) |
| 328 | } |
| 329 | } |
| 330 | for _, k := range group.PGP { |
| 331 | keyGroup = append(keyGroup, pgp.NewMasterKeyFromFingerprint(k)) |
| 332 | } |
| 333 | for _, k := range group.KMS { |
| 334 | keyGroup = append(keyGroup, kms.NewMasterKeyWithProfile(k.Arn, k.Role, k.Context, k.AwsProfile)) |
| 335 | } |
| 336 | for _, k := range group.GCPKMS { |
| 337 | keyGroup = append(keyGroup, gcpkms.NewMasterKeyFromResourceID(k.ResourceID)) |
| 338 | } |
| 339 | for _, k := range group.HCKms { |
| 340 | key, err := hckms.NewMasterKey(k.KeyID) |
| 341 | if err != nil { |
| 342 | return nil, err |
| 343 | } |
| 344 | keyGroup = append(keyGroup, key) |
| 345 | } |
| 346 | for _, k := range group.AzureKV { |
| 347 | if key, err := azkv.NewMasterKeyWithOptionalVersion(k.VaultURL, k.Key, k.Version); err == nil { |
| 348 | keyGroup = append(keyGroup, key) |
| 349 | } else { |
| 350 | return nil, err |
| 351 | } |
| 352 | } |
| 353 | for _, k := range group.Vault { |
| 354 | if masterKey, err := hcvault.NewMasterKeyFromURI(k); err == nil { |
| 355 | keyGroup = append(keyGroup, masterKey) |
| 356 | } else { |
| 357 | return nil, err |
| 358 | } |
| 359 | } |
| 360 | return deduplicateKeygroup(keyGroup), nil |
| 361 | } |
| 362 | |
| 363 | func getKeysWithValidation(getKeysFunc func() ([]string, error), keyType string) ([]string, error) { |
| 364 | keys, err := getKeysFunc() |
no test coverage detected