hub / github.com/getsops/sops / loadAgeSSHIdentities

Method loadAgeSSHIdentities

age/keysource.go:325–391  ·  view source on GitHub ↗

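loadAgeSSHIdentities attempts to load age SSH identities in this order: 1. An SSH private key from the file named by the SopsAgeSshPrivateKeyFileEnv environment variable. 2. An SSH private key returned by executing the command from the SopsAgeSshPrivateKeyCmdEnv environment variable. 3. `~/.ssh/id_ed25519` or `~/.ssh/id_rsa`. If no age SSH identity is found, it will return nil. The sources are cumulative rather than first-match: in the visible part of the listing, every source that is present is parsed and its identity appended, and a failure at one source is added to the error set without stopping the others. Setting one of the environment variables therefore does not prevent the default `~/.ssh` keys from being loaded as well.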



323// 3. `~/.ssh/id_ed25519` or `~/.ssh/id_rsa`.
324// If no age SSH identity is found, it will return nil.
325func (key *MasterKey) loadAgeSSHIdentities() ([]age.Identity, []string, errSet) {
326 var identities []age.Identity
327 var unusedLocations []string
328 var errs errSet
329
330 sshKeyFilePath, ok := os.LookupEnv(SopsAgeSshPrivateKeyFileEnv)
331 if ok {
332 identity, err := parseSSHIdentityFromPrivateKeyFile(sshKeyFilePath)
333 if err != nil {
334 errs = append(errs, err)
335 } else {
336 identities = append(identities, identity)
337 }
338 } else {
339 unusedLocations = append(unusedLocations, SopsAgeSshPrivateKeyFileEnv)
340 }
341
342 sshKeyCmd, ok := os.LookupEnv(SopsAgeSshPrivateKeyCmdEnv)
343 if ok {
344 out, err := getOutputFromCmd(sshKeyCmd, []string{fmt.Sprintf("%s=%s", SopsAgeRecipientEnv, key.Recipient)})
345 if err != nil {
346 errs = append(errs, err)
347 } else {
348 identity, err := parseSSHIdentityFromPrivateKeyCmdOutput(out)
349 if err != nil {
350 errs = append(errs, err)
351 } else {
352 identities = append(identities, identity)
353 }
354 }
355 } else {
356 unusedLocations = append(unusedLocations, SopsAgeSshPrivateKeyCmdEnv)
357 }
358
359 userHomeDir, err := os.UserHomeDir()
360 if err != nil {
361 errs = append(errs, err)
362 } else if userHomeDir == "" {
363 log.Warnf("could not determine the user home directory: %v", err)
364 } else {
365 sshEd25519PrivateKeyPath := filepath.Join(userHomeDir, ".ssh", "id_ed25519")
366 if _, err := os.Stat(sshEd25519PrivateKeyPath); err == nil {
367 identity, err := parseSSHIdentityFromPrivateKeyFile(sshEd25519PrivateKeyPath)
368 if err != nil {
369 errs = append(errs, err)
370 } else {
371 identities = append(identities, identity)
372 }
373 } else {
374 unusedLocations = append(unusedLocations, sshEd25519PrivateKeyPath)
375 }
376
377 sshRsaPrivateKeyPath := filepath.Join(userHomeDir, ".ssh", "id_rsa")
378 if _, err := os.Stat(sshRsaPrivateKeyPath); err == nil {
379 identity, err := parseSSHIdentityFromPrivateKeyFile(sshRsaPrivateKeyPath)
380 if err != nil {
381 errs = append(errs, err)
382 } else {

Callers 1

loadIdentities (Method) · 0.95

Calls 4

getOutputFromCmd (Function) · 0.85
Stat (Method) · 0.65

Tested by

no test coverage detected