MCPcopy Index your code
hub / github.com/getsops/sops / getKeyGroupsFromCreationRule

Function getKeyGroupsFromCreationRule

config/config.go:371–451  ·  view source on GitHub ↗
(cRule *creationRule, kmsEncryptionContext map[string]*string)

Source from the content-addressed store, hash-verified

369}
370
371func getKeyGroupsFromCreationRule(cRule *creationRule, kmsEncryptionContext map[string]*string) ([]sops.KeyGroup, error) {
372 var groups []sops.KeyGroup
373 if len(cRule.KeyGroups) > 0 {
374 for _, group := range cRule.KeyGroups {
375 keyGroup, err := extractMasterKeys(group)
376 if err != nil {
377 return nil, err
378 }
379 groups = append(groups, keyGroup)
380 }
381 } else {
382 var keyGroup sops.KeyGroup
383 ageKeys, err := getKeysWithValidation(cRule.GetAgeKeys, "age")
384 if err != nil {
385 return nil, err
386 }
387
388 if len(ageKeys) > 0 {
389 ageKeys, err := age.MasterKeysFromRecipients(strings.Join(ageKeys, ","))
390 if err != nil {
391 return nil, err
392 } else {
393 for _, ak := range ageKeys {
394 keyGroup = append(keyGroup, ak)
395 }
396 }
397 }
398 pgpKeys, err := getKeysWithValidation(cRule.GetPGPKeys, "pgp")
399 if err != nil {
400 return nil, err
401 }
402 for _, k := range pgp.MasterKeysFromFingerprintString(strings.Join(pgpKeys, ",")) {
403 keyGroup = append(keyGroup, k)
404 }
405 kmsKeys, err := getKeysWithValidation(cRule.GetKMSKeys, "kms")
406 if err != nil {
407 return nil, err
408 }
409 for _, k := range kms.MasterKeysFromArnString(strings.Join(kmsKeys, ","), kmsEncryptionContext, cRule.AwsProfile) {
410 keyGroup = append(keyGroup, k)
411 }
412 gcpkmsKeys, err := getKeysWithValidation(cRule.GetGCPKMSKeys, "gcpkms")
413 if err != nil {
414 return nil, err
415 }
416 for _, k := range gcpkms.MasterKeysFromResourceIDString(strings.Join(gcpkmsKeys, ",")) {
417 keyGroup = append(keyGroup, k)
418 }
419 hckmsMasterKeys, err := hckms.NewMasterKeyFromKeyIDString(strings.Join(cRule.HCKms, ","))
420 if err != nil {
421 return nil, err
422 }
423 for _, k := range hckmsMasterKeys {
424 keyGroup = append(keyGroup, k)
425 }
426 azKeys, err := getKeysWithValidation(cRule.GetAzureKeyVaultKeys, "azure_keyvault")
427 if err != nil {
428 return nil, err

Callers 1

configFromRuleFunction · 0.85

Calls 9

MasterKeysFromRecipientsFunction · 0.92
MasterKeysFromArnStringFunction · 0.92
MasterKeysFromURLsFunction · 0.92
NewMasterKeysFromURIsFunction · 0.92
extractMasterKeysFunction · 0.85
getKeysWithValidationFunction · 0.85

Tested by

no test coverage detected