MCPcopy
hub / github.com/getsops/sops / shouldBeEncrypted

Method shouldBeEncrypted

sops.go:437–509  ·  view source on GitHub ↗
(path []string, commentsStack [][]string, isComment bool)

Source from the content-addressed store, hash-verified

435}
436
437func (tree Tree) shouldBeEncrypted(path []string, commentsStack [][]string, isComment bool) bool {
438 encrypted := true
439 if tree.Metadata.UnencryptedSuffix != "" {
440 for _, v := range path {
441 if strings.HasSuffix(v, tree.Metadata.UnencryptedSuffix) {
442 encrypted = false
443 break
444 }
445 }
446 }
447 if tree.Metadata.EncryptedSuffix != "" {
448 encrypted = false
449 for _, v := range path {
450 if strings.HasSuffix(v, tree.Metadata.EncryptedSuffix) {
451 encrypted = true
452 break
453 }
454 }
455 }
456 if tree.Metadata.UnencryptedRegex != "" {
457 for _, p := range path {
458 matched, _ := regexp.Match(tree.Metadata.UnencryptedRegex, []byte(p))
459 if matched {
460 encrypted = false
461 break
462 }
463 }
464 }
465 if tree.Metadata.EncryptedRegex != "" {
466 encrypted = false
467 for _, p := range path {
468 matched, _ := regexp.Match(tree.Metadata.EncryptedRegex, []byte(p))
469 if matched {
470 encrypted = true
471 break
472 }
473 }
474 }
475 if tree.Metadata.UnencryptedCommentRegex != "" {
476 unencryptedComments:
477 for _, cs := range commentsStack {
478 for _, c := range cs {
479 matched, _ := regexp.Match(tree.Metadata.UnencryptedCommentRegex, []byte(c))
480 if matched {
481 encrypted = false
482 break unencryptedComments
483 }
484 }
485 }
486 }
487 if tree.Metadata.EncryptedCommentRegex != "" {
488 lenCommentsStack := len(commentsStack)
489 lenLastCommentsStack := len(commentsStack[lenCommentsStack-1])
490 encrypted = false
491 encryptedComments:
492 for i, cs := range commentsStack {
493 for j, c := range cs {
494 // A special case. We do not encrypt the comment line itself which matches the regex.

Callers 2

EncryptMethod · 0.95
DecryptMethod · 0.95

Calls

no outgoing calls

Tested by

no test coverage detected