Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Improve README.rst #1339

Merged
merged 1 commit into from
Nov 3, 2023
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
14 changes: 7 additions & 7 deletions README.rst
Original file line number Diff line number Diff line change
Expand Up @@ -203,7 +203,7 @@ configuration directory. On Linux, this would be ``$XDG_CONFIG_HOME/sops/age/key
On macOS, this would be ``$HOME/Library/Application Support/sops/age/keys.txt``. On
Windows, this would be ``%AppData%\sops\age\keys.txt``. You can specify the location
of this file manually by setting the environment variable **SOPS_AGE_KEY_FILE**.
Alternatively you can provide the the key(s) directly by setting the **SOPS_AGE_KEY**
Alternatively, you can provide the key(s) directly by setting the **SOPS_AGE_KEY**
environment variable.

The contents of this key file should be a list of age X25519 identities, one
Expand Down Expand Up @@ -483,7 +483,7 @@ with the freshly added master keys. The removed entries are simply deleted from
the file.
When removing keys, it is recommended to rotate the data key using ``-r``,
otherwise owners of the removed key may have add access to the data key in the
otherwise, owners of the removed key may have add access to the data key in the
past.
KMS AWS Profiles
Expand Down Expand Up @@ -566,7 +566,7 @@ SOPS has the ability to use `AWS KMS key policy and encryption context
<http://docs.aws.amazon.com/kms/latest/developerguide/encryption-context.html>`_
to refine the access control of a given KMS master key.
When creating a new file, you can specify encryption context in the
When creating a new file, you can specify the encryption context in the
``--encryption-context`` flag by comma separated list of key-value pairs:
.. code:: sh
Expand Down Expand Up @@ -977,7 +977,7 @@ written to disk.
If the command you want to run only operates on files, you can use ``exec-file``
instead. By default SOPS will use a FIFO to pass the contents of the
instead. By default, SOPS will use a FIFO to pass the contents of the
decrypted file to the new program. Using a FIFO, secrets are only passed in
memory which has two benefits: the plaintext secrets never touch the disk, and
the child process can only read the secrets once. In contexts where this won't
Expand Down Expand Up @@ -1094,8 +1094,8 @@ configuring the client.
``vault_kv_mount_name`` is used if your Vault KV is mounted somewhere other than ``secret/``.
``vault_kv_version`` supports ``1`` and ``2``, with ``2`` being the default.
If destination secret path already exists in Vault and contains same data as the source file, it
will be skipped.
If the destination secret path already exists in Vault and contains the same data as the source
file, it will be skipped.
Below is an example of publishing to Vault (using token auth with a local dev instance of Vault).
Expand Down Expand Up @@ -1445,7 +1445,7 @@ will encrypt the values under the ``data`` and ``stringData`` keys in a YAML fil
containing kubernetes secrets. It will not encrypt other values that help you to
navigate the file, like ``metadata`` which contains the secrets' names.
Conversely, you can opt in to only left certain keys without encrypting by using the
Conversely, you can opt in to only leave certain keys without encrypting by using the
``--unencrypted-regex`` option, which will leave the values unencrypted of those keys
that match the supplied regular expression. For example, this command:
Expand Down
Loading