hub / github.com/getsops/sops / loadIdentities

Method loadIdentities

age/keysource.go:411–485  ·  view source on GitHub ↗

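loadIdentities attempts to load the age identities based on runtime environment configuration (e.g. SopsAgeKeyEnv, SopsAgeKeyFileEnv, SopsAgeSshPrivateKeyFileEnv, SopsAgeKeyUserConfigPath). It loads every reference it finds, and expects at least one configuration to be present. The listing below also consults SopsAgeKeyCmdEnv, passing its value to getOutputFromCmd and using the returned output as an identity source. Whoever controls the process environment therefore controls which key files are opened and what is handed to getOutputFromCmd during key loading.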

()

Source from the content-addressed store, hash-verified

409// SopsAgeSshPrivateKeyFileEnv, SopsAgeKeyUserConfigPath). It will load all
410// found references, and expects at least one configuration to be present.
411func (key *MasterKey) loadIdentities() (ParsedIdentities, []string, errSet) {
412 identities, unusedLocations, errs := key.loadAgeSSHIdentities()
413
414 var readers = make(map[string]identityReader, 0)
415
416 if ageKey, ok := os.LookupEnv(SopsAgeKeyEnv); ok {
417 readers[SopsAgeKeyEnv] = identityReader{
418 reader: strings.NewReader(ageKey),
419 allowMultipleKeysPerLine: true,
420 }
421 } else {
422 unusedLocations = append(unusedLocations, SopsAgeKeyEnv)
423 }
424
425 if ageKeyFile, ok := os.LookupEnv(SopsAgeKeyFileEnv); ok {
426 f, err := os.Open(ageKeyFile)
427 if err != nil {
428 errs = append(errs, fmt.Errorf("failed to open %s file: %w", SopsAgeKeyFileEnv, err))
429 } else {
430 defer f.Close()
431 readers[SopsAgeKeyFileEnv] = identityReader{
432 reader: f,
433 allowMultipleKeysPerLine: false,
434 }
435 }
436 } else {
437 unusedLocations = append(unusedLocations, SopsAgeKeyFileEnv)
438 }
439
440 if ageKeyCmd, ok := os.LookupEnv(SopsAgeKeyCmdEnv); ok {
441 out, err := getOutputFromCmd(ageKeyCmd, []string{fmt.Sprintf("%s=%s", SopsAgeRecipientEnv, key.Recipient)})
442 if err != nil {
443 errs = append(errs, err)
444 } else {
445 readers[SopsAgeKeyCmdEnv] = identityReader{
446 reader: bytes.NewReader(out),
447 allowMultipleKeysPerLine: false,
448 }
449 }
450 } else {
451 unusedLocations = append(unusedLocations, SopsAgeKeyCmdEnv)
452 }
453
454 userConfigDir, err := getUserConfigDir()
455 if err != nil && len(readers) == 0 && len(identities) == 0 {
456 errs = append(errs, fmt.Errorf("user config directory could not be determined: %w", err))
457 } else if userConfigDir != "" {
458 ageKeyFilePath := filepath.Join(userConfigDir, filepath.FromSlash(SopsAgeKeyUserConfigPath))
459 f, err := os.Open(ageKeyFilePath)
460 if err != nil && !errors.Is(err, os.ErrNotExist) {
461 errs = append(errs, fmt.Errorf("failed to open file: %w", err))
462 } else if errors.Is(err, os.ErrNotExist) && len(readers) == 0 && len(identities) == 0 {
463 unusedLocations = append(unusedLocations, ageKeyFilePath)
464 } else if err == nil {
465 defer f.Close()
466 readers[ageKeyFilePath] = identityReader{
467 reader: f,
468 allowMultipleKeysPerLine: false,

Callers 2

DecryptMethod · 0.95

Calls 4

loadAgeSSHIdentitiesMethod · 0.95
getOutputFromCmdFunction · 0.85
getUserConfigDirFunction · 0.85
unwrapIdentitiesFunction · 0.85

Tested by 1