MCPcopy
hub / github.com/getsops/sops / MasterKey

Struct MasterKey

gcpkms/keysource.go:58–86  ·  view source on GitHub ↗

MasterKey is a GCP KMS key used to encrypt and decrypt the SOPS data key.

Source from the content-addressed store, hash-verified

56// MasterKey is a GCP KMS key used to encrypt and decrypt the SOPS
57// data key.
58type MasterKey struct {
59 // ResourceID is the resource id used to refer to the gcp kms key.
60 // It can be retrieved using the `gcloud` command.
61 ResourceID string
62 // EncryptedKey is the string returned after encrypting with GCP KMS.
63 EncryptedKey string
64 // CreationDate is the creation timestamp of the MasterKey. Used
65 // for NeedsRotation.
66 CreationDate time.Time
67
68 // tokenSource contains the oauth2.TokenSource used by the GCP client.
69 // It can be injected by a (local) keyservice.KeyServiceServer using
70 // TokenSource.ApplyToMasterKey.
71 // If nil, the remaining authentication methods are attempted.
72 tokenSource oauth2.TokenSource
73 // credentialJSON is the Service Account credentials JSON used for
74 // authenticating towards the GCP KMS service.
75 credentialJSON []byte
76 // grpcConn can be used to inject a custom GCP client connection.
77 // Mostly useful for testing at present, to wire the client to a mock
78 // server.
79 grpcConn *grpc.ClientConn
80 // grpcDialOpts are the gRPC dial options used to create the gRPC connection.
81 grpcDialOpts []grpc.DialOption
82 // useRESTClient indicates whether to use the REST client for GCP KMS.
83 useRESTClient bool
84 // clientOpts are the client options used to create the GCP KMS client.
85 clientOpts []option.ClientOption
86}
87
88// NewMasterKeyFromResourceID creates a new MasterKey with the provided resource
89// ID.

Callers

nothing calls this directly

Calls

no outgoing calls

Tested by

no test coverage detected