Counterpart to sops exec-file? #60

Open
AndydeCleyre opened this issue Dec 1, 2024 · 0 comments

Hi, and thanks for this project!

I understand that its whole purpose is managing encrypted values in yaml, but it comes so close to an overall sops replacement, and I wonder if this feature from sops might be considered in scope here, or not.

Sometimes a program will require a non-yaml file with sensitive details or credentials, and it would be very handy to use yage for this case as well.

I'll post the help output for sops exec-file below. In my cases I generally only use the --no-fifo flag to satisfy the consuming program's expectations, and depend on a .sops.yaml rules file to specify which keys to use, based on the encrypted file's filename.

NAME:
   sops exec-file - execute a command with the decrypted contents as a temporary file

USAGE:
   sops exec-file [command options] [file to decrypt] [command to run]

OPTIONS:
   --background               background the process and don't wait for it to complete (DEPRECATED)
   --no-fifo                  use a regular file instead of a fifo to temporarily hold the decrypted contents
   --user value               the user to run the command as
   --input-type value         currently ini, json, yaml, dotenv and binary are supported. If not set, sops will use the file's extension to determine the type
   --output-type value        currently ini, json, yaml, dotenv and binary are supported. If not set, sops will use the input file's extension to determine the output format
   --filename value           filename for the temporarily file (default: tmp-file)
   --enable-local-keyservice  use local key service
   --keyservice value         Specify the key services to use in addition to the local one. Can be specified more than once. Syntax: protocol://address. Example: tcp://myserver.com:5000

I guess it's not explained there, but the way sops does it is it takes the command to run as a string, and replaces {} with the temporary file path. Maybe yage can improve on that design -- I'm just looking for any way to run a command with a temporary decrypted arbitrary-format/content file at a known path.
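The regular-file (`--no-fifo`) flow described in this issue, as an added Go sketch that is not part of the original post and is not yage or sops code: the decrypted bytes are written to a private temporary file at a caller-chosen name, `{}` is replaced in each argument, and the plaintext is removed when the command exits. `ExecFile` is a hypothetical helper; it assumes decryption has already produced the plaintext, that permissions are POSIX, and that the command arrives as an argument list rather than a single string.

```go
package main

import (
	"fmt"
	"os"
	"os/exec"
	"path/filepath"
	"strings"
)

// ExecFile (hypothetical helper) writes already-decrypted plaintext to a file
// called name in a fresh private directory, replaces "{}" in every argv
// element with that path, runs the command, and deletes the directory.
func ExecFile(plaintext []byte, name string, argv []string) ([]byte, string, error) {
	if len(argv) == 0 {
		return nil, "", fmt.Errorf("no command given")
	}
	// Reject names that could place the plaintext outside the private directory.
	if name == "" || name == "." || name == ".." || strings.ContainsRune(name, filepath.Separator) {
		return nil, "", fmt.Errorf("invalid file name %q", name)
	}
	dir, err := os.MkdirTemp("", "execfile-") // created with mode 0700
	if err != nil {
		return nil, "", err
	}
	defer os.RemoveAll(dir) // plaintext is removed even if the command fails
	path := filepath.Join(dir, name)
	if err := os.WriteFile(path, plaintext, 0o600); err != nil {
		return nil, "", err
	}
	// Substitute per argument: no shell parses the result, so neither the path
	// nor the other arguments can be reinterpreted as shell syntax.
	args := make([]string, len(argv))
	for i, a := range argv {
		args[i] = strings.ReplaceAll(a, "{}", path)
	}
	out, err := exec.Command(args[0], args[1:]...).Output()
	return out, path, err
}

func main() {
	secret := []byte("[client]\npassword=constructed-sample\n") // constructed sample
	out, _, err := ExecFile(secret, "my.cnf", os.Args[1:])
	fmt.Print(string(out))
	if err != nil {
		fmt.Fprintln(os.Stderr, "error:", err)
		os.Exit(1)
	}
}
```

Unlike a FIFO, the regular file leaves the plaintext readable on disk for the lifetime of the command, and it is not cleaned up if the wrapper itself is killed before the deferred removal runs.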
