yaml-crypt
Advanced tools
Comparing version 0.3.1 to 0.3.2
@@ -198,2 +198,3 @@ #!/usr/bin/env node | ||
}); | ||
parser.epilog = 'For more information, visit https://github.com/autoapply/yaml-crypt'; | ||
} else { | ||
@@ -587,2 +588,6 @@ parser.epilog = 'For more details, specify --help'; | ||
function editFile(file, keys, encryptionKey, algorithm, args, config) { | ||
if (!encryptedFile(file)) { | ||
throw new UsageError(`unexpected extension, expecting .yaml-crypt or .yml-crypt: ${file}`); | ||
} | ||
let content; | ||
@@ -589,0 +594,0 @@ try { |
@@ -78,3 +78,3 @@ const yaml = require('js-yaml'); | ||
const knownText = new _KnownText(t, index++, t.algorithm); | ||
types.push(_knownTextType(key, knownText, reencrypt)); | ||
types.push(_knownTextType(knownText, reencrypt)); | ||
return knownText; | ||
@@ -84,2 +84,4 @@ }); | ||
_newTextTypes().forEach(t => types.push(t)); | ||
const schema = yaml.Schema.create(types); | ||
@@ -105,3 +107,3 @@ const str = safeDumpAll(objs, { 'schema': schema }); | ||
function _knownTextType(key, knownText, reencrypt) { | ||
function _knownTextType(knownText, reencrypt) { | ||
return new yaml.Type('!yaml-crypt/:' + knownText.index, { | ||
@@ -122,2 +124,19 @@ kind: 'scalar', | ||
function _newTextTypes() { | ||
const keys = [ | ||
{ 'type': '!yaml-crypt', 'algorithm': yamlcrypt.algorithms[0] } | ||
]; | ||
for (const algorithm of yamlcrypt.algorithms) { | ||
// also allow the usage of just the algorithm name, without version: | ||
const split = algorithm.split(':', 2); | ||
keys.push({ 'type': '!yaml-crypt/' + split[0], 'algorithm': algorithm }); | ||
keys.push({ 'type': '!yaml-crypt/' + algorithm, 'algorithm': algorithm }); | ||
} | ||
return keys.map(key => new yaml.Type(key.type, { | ||
kind: 'scalar', | ||
represent: data => data, | ||
construct: data => new yamlcrypt.Plaintext(data, null, key.algorithm) | ||
})); | ||
} | ||
module.exports.processStrings = processStrings; | ||
@@ -124,0 +143,0 @@ module.exports.processValues = processValues; |
{ | ||
"name": "yaml-crypt", | ||
"version": "0.3.1", | ||
"version": "0.3.2", | ||
"description": "Encrypt and decrypt YAML documents", | ||
@@ -5,0 +5,0 @@ "license": "MIT", |
@@ -31,9 +31,9 @@ # yaml-crypt | ||
$ yaml-crypt --generate-key > my-key | ||
$ yaml-crypt --generate-key > my-key-file | ||
To encrypt all values in a YAML file, run | ||
$ yaml-crypt -k my-key my-file.yaml | ||
$ yaml-crypt -k my-key-file my-file.yaml | ||
This will generate the file `my-file.yaml-crypt`. | ||
This will encrypt the file contents and rename the file to `my-file.yaml-crypt`. | ||
@@ -43,15 +43,17 @@ The operation will be performed based on the file extension, so to decrypt a file, | ||
$ yaml-crypt -k my-key my-file.yaml-crypt | ||
$ yaml-crypt -k my-key-file my-file.yaml-crypt | ||
You can also encrypt only certain parts of a file. Given the following YAML file | ||
apiVersion: v1 | ||
kind: Secret | ||
data: | ||
username: user1 | ||
password: secret123 | ||
```yaml | ||
apiVersion: v1 | ||
kind: Secret | ||
data: | ||
username: user1 | ||
password: secret123 | ||
``` | ||
you can use `--path data` to only encrypt the values `user1` and `secret123`. | ||
Kubernetes secrets are Base64 encoded, so you should use the `--base64` option. | ||
>[Kubernetes](https://kubernetes.io/) secrets are Base64 encoded, so you should also use the `--base64` option. | ||
@@ -63,2 +65,14 @@ It is also possible to directly open encrypted files in an editor, decrypting them | ||
When editing, you can add new encrypted data by specifying the yaml tag `<!yaml-crypt>`: | ||
```yaml | ||
unencrypted: | ||
hello: world | ||
encrypted: | ||
key1: !<!yaml-crypt/:0> secret-key-1 | ||
# add the following line to add a new encrypted entry "key2" to the file, | ||
# which will be encrypted before being written to disk: | ||
key2: !<!yaml-crypt> secret123 | ||
``` | ||
## Configuration | ||
@@ -65,0 +79,0 @@ |
@@ -52,3 +52,3 @@ const fs = require('fs'); | ||
it('should throw an error when passing non-existing files to --edit', () => { | ||
expect(() => runWithKeyFile(['--edit', 'nonexisting'], {}, { 'stdout': new Out() })) | ||
expect(() => runWithKeyFile(['--edit', 'x.yaml-crypt'], {}, { 'stdout': new Out() })) | ||
.to.throw(/file does not exist/); | ||
@@ -55,0 +55,0 @@ }); |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
55362
1313
92