-
Notifications
You must be signed in to change notification settings - Fork 1.1k
Conversation
@@ -207,7 +208,7 @@ func loadFile(path string, sopsEnabled bool) ([]byte, error) { | |||
if err != nil { | |||
return nil, err | |||
} | |||
if sopsEnabled { | |||
if sopsEnabled && strings.Contains(string(bytes), "sops:") { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
bytes.Contains(bytes, []byte("sops:"))
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
(you'll have to rename the variable of course)
436abc6
to
a9cd969
Compare
/rebase |
Decrypt YAMLs with SOPS only if the file has a 'sops' field, this should speed up the apply time for large repositories.
e856f43
to
59fcadd
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This might allow some false positives (e.g., keys ending in sops:
), but that won't matter, since SOPS will figure that out.
if err != nil { | ||
return nil, err | ||
} | ||
if sopsEnabled { | ||
return softDecrypt(bytes) | ||
if sopsEnabled && bytes.Contains(fileBytes, []byte("sops:")) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
unlikely to be triggered IRL, but this disables sops for JSON-like content of yaml files
Changes: