MCPcopy Index your code
hub / github.com/getsops/sops / ensureKeyHasVersion

Method ensureKeyHasVersion

azkv/keysource.go:173–201  ·  view source on GitHub ↗
(ctx context.Context)

Source from the content-addressed store, hash-verified

171}
172
173func (key *MasterKey) ensureKeyHasVersion(ctx context.Context) error {
174 if key.Version != "" {
175 // Nothing to do
176 return nil
177 }
178
179 token, err := key.getTokenCredential()
180
181 if err != nil {
182 log.WithFields(logrus.Fields{"key": key.Name, "version": key.Version}).Info("Encryption failed")
183 return fmt.Errorf("failed to get Azure token credential to retrieve key version: %w", err)
184 }
185
186 c, err := azkeys.NewClient(key.VaultURL, token, key.clientOptions)
187 if err != nil {
188 log.WithFields(logrus.Fields{"key": key.Name, "version": key.Version}).Info("Encryption failed")
189 return fmt.Errorf("failed to construct Azure Key Vault client to retrieve key version: %w", err)
190 }
191
192 kdetail, err := c.GetKey(ctx, key.Name, key.Version, nil)
193 if err != nil {
194 log.WithFields(logrus.Fields{"key": key.Name, "version": key.Version}).Info("Encryption failed")
195 return fmt.Errorf("failed to fetch Azure Key to retrieve key version: %w", err)
196 }
197 key.Version = kdetail.Key.KID.Version()
198
199 log.WithFields(logrus.Fields{"key": key.Name, "version": key.Version}).Info("Version fetch succeeded")
200 return nil
201}
202
203// EncryptContext takes a SOPS data key, encrypts it with Azure Key Vault, and stores
204// the result in the EncryptedKey field.

Callers 2

NewMasterKeyFromURLFunction · 0.95

Calls 2

getTokenCredentialMethod · 0.95
GetKeyMethod · 0.45

Tested by

no test coverage detected