How does one use `decrypt.File` provided by the mozilla sops decrypt go module
Janik-Haag opened this issue · 4 comments
Hey I'm running into a similar error to #804
I'm opening this issue because my question is a bit different sorry if this is a duplicate.
my .sops.yaml
basically looks like:
keys:
- &janik age1...
creation_rules:
- path_regex: ^secrets/shared.yaml$
key_groups:
- age:
- *janik
this is a minimal code example to reproduce the behavior:
package main
import (
"fmt"
"go.mozilla.org/sops/decrypt"
)
func main() {
plain, err := decrypt.File("./secrets/shared.yaml", "yaml")
if err != nil {
fmt.Println(fmt.Errorf("Failed to decrypt: %w", err))
}
fmt.Println(plain)
}
if I run the resulting binary it prints:
Failed to decrypt: No keys found in file
[]
I also checked that XDG_CONFIG_HOME is set correctly and decrypting the file with the sops cli utility works just fine and using other tools that implement sops like https://github.com/Mic92/sops-nix/ also works without any problem.
I also checked in the ./secrets/shared.yaml
and it basically looks like:
...
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1...
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
...
-----END AGE ENCRYPTED FILE-----
...
"go.mozilla.org/sops/decrypt"
Please note that the package moved (#1246). It could be that the problem you are encountering is caused by a bug long fixed in this repo.
In any case, the general usage is correct, I tried this with github.com/getsops/sops/v3/decrypt
and a different file to decrypt, and it gave me a long list of bytes :) I don't use age keys though, so maybe the problem is (also) related to that.
Thank you! Changing the url made it work.
I'm glad it was only this and not a real bug 😅