Allow to override fileName with different value #1332
Conversation
felixfontein
force-pushed
the
filename-override
branch
from
f91d5ea to
b93d1dd
Compare
Yeah, documentation is definitely needed. I'll work on that next. |
felixfontein
force-pushed
the
filename-override
branch
from
db1afd7 to
3b973b6
Compare
README.rst
Outdated
| Encrypting and decrypting from other programs | ||
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | ||
|
|
||
| When using ``sops`` in scripts or from other programs, there are often situations where you do not want to write encrypted or decrypted data to disk. The best way to avoid this is to pass data to SOPS via stdin, and to let SOPS write data to stdout. By default, the encrypt and decrypt operations write data to stdout already. To pass data via stdin, you need to pass ``/dev/stdin`` as the input filename. Please note that this only works on Unix-like operating systems such as macOS and Linux. On Windows, you have to use named pipes. |
There was a problem hiding this comment.
I'm not sure about Windows here. Is it true that you need named pipes for this? Or is there another mechanism?
There was a problem hiding this comment.
With #1104, it would simply be a -. I would need to revise this to incorporate my own feedback, as it appears the contributor gave up.
There was a problem hiding this comment.
I'll update this section once I have recreated the above.
felixfontein
force-pushed
the
filename-override
branch
from
3b973b6 to
8964088
Compare
| $ sops --decrypt test.enc.yaml | ||
|
|
||
|
|
||
| Encrypting and decrypting from other programs |
There was a problem hiding this comment.
In think we need to line wrap the documentation, as that seems to be the case for the majority of the sections in the README and eases reading in e.g. a terminal.
There was a problem hiding this comment.
I'd actually argue that explicitly wrapping lines is bad, since terminals by default wrap lines and thus you use the full terminal width, as opposed to explicit line wrapping, which looks mostly bad except if it is applied consistently and your terminal is wider than the limit used in the file. But that's something we should look at at another point in time :)
I've wrapped lines to a similar length as other parts of this file for now.
There was a problem hiding this comment.
Besides my comment around linewraping, this looks good to me. Thanks @felixfontein 🙇
felixfontein
force-pushed
the
filename-override
branch
2 times, most recently
from
26c77c7 to
4aac57a
Compare
Signed-off-by: Felix Fontein <felix@fontein.de>
Signed-off-by: Felix Fontein <felix@fontein.de>
Signed-off-by: Felix Fontein <felix@fontein.de>
felixfontein
force-pushed
the
filename-override
branch
from
4aac57a to
2678f2d
Compare
|
@hiddeco thanks a lot for reviewing this! |
This adds a
--filename-overrideparameter which can be used when providing data to encrypt (or decrypt) from/dev/stdin.For example:
echo 'foo: bar' | ~/go/bin/sops --encrypt --filename-override foobar.yaml /dev/stdinwill take the data to encrypt from theechocommand's output, and act as iffoobar.yamlhas been supplied instead of/dev/stdin. This is relevant for finding creation rules in the SOPS configuration, and for determining the input and output type if these are not explicitly specified via--input-typeand--output-type.Fixes #594.