-
Notifications
You must be signed in to change notification settings - Fork 833
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
add specific status code for sops errors #1245
Open
kaedwen
wants to merge
136
commits into
getsops:main
Choose a base branch
from
kaedwen:main
base: main
Could not load branches
Branch not found: {{ refName }}
Could not load tags
Nothing to show
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
Changes from 1 commit
Commits
Show all changes
136 commits
Select commit
Hold shift + click to select a range
430d327
add specific sops error handling with status code
kaedwen 4125f2d
Delete obsolete `validation/` artifact
hiddeco 2267fdd
gcpkms: allow use of Google default credentials
hiddeco 565cf52
Revert intro of `WithError` for most key sources
hiddeco 2957fe9
Rename Go module to `github.com/getsops/sops/v3`
hiddeco 1d8e164
Remove "download page" generator
hiddeco bbb2139
kms: update dependencies
hiddeco f10b437
gcpkms: update GCP related dependencies
hiddeco f1d8a45
azkv: update dependencies
hiddeco 1ba02bd
docs: update Azure default credential chain info
hiddeco 0311827
release: outline release logic using GoReleaser
hiddeco 45121cf
release: configure build of Docker images
hiddeco 3faed48
release: sign checksum file and images with cosign
hiddeco 553e1ee
release: enable GitHub native note generation
hiddeco 156c6ce
release: add release configuration
hiddeco aac7fae
release: publish container images to GHCR and Quay
hiddeco 1033516
release: download modules and check dirty state
hiddeco 7de7a6e
build: outline new release workflow
hiddeco 4403a77
release: remove stale Make target utilities
hiddeco 8289263
release: small nits
hiddeco f59dd8e
release: refactor backwards compatible artifacts
hiddeco 212c95d
release: extend timeout
hiddeco a98c47e
release: further improve build flags
hiddeco f5ce84e
release: pin GoReleaser version
hiddeco d52cc76
release: artifact, SBOM and container provenance
hiddeco 1eed2ed
release: backwards compatible tag fmt, changelog
hiddeco 09f96e8
release: further solve backwards compatible names
hiddeco 16ac13b
build: remove obsolete Dockerfiles
hiddeco 47669ef
release: tweak signature and certificate filenames
hiddeco 20d50c3
release: disable Go cache for workflow
hiddeco 9aeb417
release: improve release notes
hiddeco ba1e883
release: remove DockerHub release util script
hiddeco 07f74b6
build: add `release-snapshot` Make target
hiddeco 2dc75d9
docs: briefly outline release procedure
hiddeco 82f4163
release: update GoReleaser to 1.20.0
hiddeco 24ccda0
release: further improvements based on feedback
hiddeco 0f669f4
docs: rename `mozilla/sops` -> `getsops/sops`
hiddeco 5631d1e
docs: update contributing guidelines
hiddeco 19cf49e
docs: update authors section in README
hiddeco 29619db
docs: update security section
hiddeco dd200ce
docs: add CNCF footer
hiddeco 9a58697
docs: add note to motivation section
hiddeco be49ee0
Only report version check when it can be
stoned a4fef71
Add missing --encrypt flag from Vault example
hrobertson 4f8267a
fix: `set` feature when adding a new root hierarchy
vbehar 1099803
Sort sops parameters in dotenv file
Jdban ea5502b
Add a test for dotenv output ordering
edofic 4f71b76
Add documentation on how to use age in.sops.yaml
hramberger d6579e8
Clean up more Mozilla references
Gobd a46df07
build: actually run `go vet` for whole project
hiddeco 0b495cb
*: solve `go vet` errors
hiddeco 496705c
build: replace `golint` with `staticcheck`
hiddeco a356b37
*: address various simple `staticcheck` warnings
hiddeco 751c1f7
build: remove `test.sh` wrapper
hiddeco 5a8d6d2
build: ignore `functional-tests/sops`
hiddeco 6cf3ab5
build: ensure Syft is installed
hiddeco da9b9aa
build: add `clean` and delete `tag`
hiddeco 31eb43c
Update dependencies
hiddeco 1c8f44c
release: properly enquote version ldflag
hiddeco 56df701
version: rewrite command to use GitHub endpoints
hiddeco 00b2e77
gcpkms: further deal with Google SDK deprecations
hiddeco 2df6223
*: deal with various gRPC deprecations
hiddeco 46d3f5f
kms: use `BaseEndpoint` for testing
hiddeco 0634019
*: `strings.Title` deprecation
hiddeco 212e0ab
cmd/edit: close temp file before invoking editor
hiddeco efacb09
cmd/edit: switch from MD5 to SHA-256 for checksum
hiddeco e429336
build: ensure clean working tree
hiddeco d389b32
build: address out-of-sync `go.mod`
hiddeco 6bb00f9
build: remove obsolete step & improve readability
hiddeco e9946be
Fix formatting
felixfontein bd965c0
Prepare v3.8.0-rc.1
hiddeco b9a8076
chore: update dependencies
hiddeco 72b41a6
build: pin actions to full length commit SHA
hiddeco d977df3
build: add CodeQL workflow
hiddeco 083239c
Enable Dependabot for Docker, GH Actions and Go
hiddeco 59bf2f1
build(deps): Bump the go group with 2 updates
dependabot[bot] 6f054da
build(deps): Bump the ci group with 6 updates
dependabot[bot] c26580d
release: generate versioned `.intoto.jsonl`
hiddeco d9dcd44
build: fix indentation Dependabot file
hiddeco da64d83
pgp: remove `DisableAgent` option
hiddeco 51a4b4c
keyservices: address logging regression
hiddeco c26b4c9
chore: update dependencies
hiddeco 2a3bfe3
Prepare v3.8.0
hiddeco 00100ab
build(deps): Bump the ci group with 3 updates
dependabot[bot] 7e454de
pgp: improve handling of GnuPG home dir
hiddeco bc89a1d
pgp: remove `--no-default-keyring` argument
hiddeco 757ac25
Delete sops encrypted file we don't have keys for.
felixfontein c7001db
Improve handling of errors when binary store handles bad data
felixfontein 591498d
On macOS, prefer XDG_CONFIG_HOME over os.UserConfigDir()
felixfontein 49298c3
Reject completely empty documents.
felixfontein 6fd47e2
Fix descriptions of unencrypted-regex and encrypted-regex flags.
mitar 82e482f
build(deps): Bump the go group with 4 updates
dependabot[bot] c8d644e
build(deps): Bump the ci group with 1 update
dependabot[bot] 539d541
Fix versions in comments
felixfontein 2cce4a6
Handle return values of dec.Token() to improve error messages.
felixfontein ce2ec69
Make error the last return value
felixfontein de6e1d5
pgp: do not require abs path for SopsGpgExecEnv
holiman be40257
decrypt: fix dropped error
alrs 4b65127
Ignore irrelevant return value (it is always nil).
felixfontein 3fc121d
Handle unhandled errors.
felixfontein c9cc5f8
Defer only after checking err.
felixfontein f298b80
Check err for nil in tests.
felixfontein a9848ba
Report key rotation errors.
felixfontein 6cd3d67
Make sure to wrap raw errors with toExitError().
felixfontein ffcacf0
build(deps): Bump the go group with 7 updates
dependabot[bot] 26d922d
docs: document AWS environment variables
nsantiago2719 1d96c0c
pgp: better error reporting for missing GPG binary
408c9d6
pgp: further improve import error format
hiddeco 8e21a88
Improve RST files (with rstcheck feedback).
felixfontein 28eb25e
Improve MD files (with mdl feedback).
felixfontein 70dc521
Normalize indentation for code blocks and YAML files.
felixfontein 292cde5
Normalize SOPS usages.
felixfontein ee4cdbd
Change some SOPSs back to sops.
felixfontein 3071274
Add workflow for rstcheck and mdl.
felixfontein 6c75c3b
Add checkdocs, checkrst, and checkmd make targets.
felixfontein d55ba79
Add section in CONTRIBUTING.md on docs changes.
felixfontein 59d85b8
Update dependencies
hiddeco 4135d8b
Release v3.8.1
hiddeco d9a12ce
config: respect `aws_profile` from group config
Kouzukii c9352b3
docs: add aws_profile to creation_rules examples
Kouzukii 3262d55
kms: add minimal test for `NewMasterKeyWithProfile`
hiddeco 2dc648f
build(deps): Bump the go group with 6 updates
dependabot[bot] faec355
kms: improve AWS profile test
hiddeco 385d6f5
build(deps): Bump the go group with 3 updates
dependabot[bot] dc2a752
build(deps): Bump the go group with 1 update
dependabot[bot] 0a2a58b
build(deps): Bump github.com/docker/docker
dependabot[bot] 13e567e
build(deps): Bump the go group with 3 updates
dependabot[bot] 02c6597
Improve README.rst
Ph0tonic 68ae61b
Fix typos.
felixfontein 5934484
build(deps): Bump the go group with 7 updates
dependabot[bot] d040aae
Support computing MAC only over values which end up encrypted
mitar 00a0272
build(deps): Bump the ci group with 1 update
dependabot[bot] 43d0674
build(deps): Bump the go group with 7 updates
dependabot[bot] 8b04fd7
Correctly tag code as yaml-stream
felixfontein 3f7b7ff
use defined codes
kaedwen 121a331
Merge branch 'main' into main
kaedwen File filter
Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -58,17 +58,24 @@ import ( | |
// DefaultUnencryptedSuffix is the default suffix a TreeItem key has to end with for sops to leave its Value unencrypted | ||
const DefaultUnencryptedSuffix = "_unencrypted" | ||
|
||
type sopsError string | ||
type SopsError struct { | ||
exitCode int | ||
message string | ||
} | ||
|
||
func (e SopsError) ExitCode() int { | ||
return e.exitCode | ||
} | ||
|
||
func (e sopsError) Error() string { | ||
return string(e) | ||
func (e SopsError) Error() string { | ||
return e.message | ||
} | ||
|
||
// MacMismatch occurs when the computed MAC does not match the expected ones | ||
const MacMismatch = sopsError("MAC mismatch") | ||
var MacMismatch = &SopsError{10, "MAC mismatch"} | ||
|
||
// MetadataNotFound occurs when the input file is malformed and doesn't have sops metadata in it | ||
const MetadataNotFound = sopsError("sops metadata not found") | ||
var MetadataNotFound = &SopsError{11, "sops metadata not found"} | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. There is no code yet for that, a new constant should be added to cmd/sops/codes/codes.go and used here. |
||
|
||
var log *logrus.Logger | ||
|
||
|
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please note that there is already another exit code defined in cmd/sops/codes/codes.go. Please use the constants from there.