kigster/sym

[feature] support yaml mapping of file pattern to key names

kigster opened this issue · 0 comments

For deploy environments, it may be desirable to use a different set of keys for development, staging and production, for example, instead of a single key.

This is already possible today, but requires passing the key for each file individually.

It would be nice if sym could maintain a global mapping file that would look like this:

# ~/.sym.keys.yml
# Regex values containing a backslash are single-quoted so YAML keeps it literal.
keys: &default
  default:
    - '#.*\.txt(\.enc)?$#'
  production:
    - p.secrets.yml
    - "#.*production.*#"
    - "#.*.prod$#"
  staging:
    - s.secrets.yml
    - "#.*staging.*#"
    - "#.*.stage$#"

In the file, second-level hash keys are the names of the private keys used for files that match at least one of the patterns provided.

Patterns will be searched top to bottom, with the first match exiting the check.

  • If the value begins with a "/" or "./", it is assumed to be a file path.
  • If the value begins with a "#", it is assumed to be a regex.
  • Otherwise, it's assumed to be an exact match.
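A sketch of the lookup described above, added here as an illustration and not taken from sym's code base: it resolves a file to a key name using the three value rules and first-match-wins ordering. The helper names, the sample mapping (constructed, with `default` moved last so the catch-all `.txt` rule cannot shadow `production`), and the choices to compare exact values against the file's basename and path values after expansion are all assumptions.

```ruby
require 'yaml'

# Constructed sample mapping in the proposed format (not a real sym config).
SAMPLE_MAPPING = <<~'YML'
  keys:
    production:
      - p.secrets.yml
      - '#.*production.*#'
      - ./deploy/prod.env
    staging:
      - s.secrets.yml
      - '#.*staging.*#'
    default:
      - '#.*\.txt(\.enc)?$#'
YML

# Hypothetical helper: apply the three rules to one mapping value.
def pattern_matches?(pattern, file)
  if pattern.start_with?('/', './')
    # Rule 1: file path. Assumption: compare fully expanded paths.
    File.expand_path(pattern) == File.expand_path(file)
  elsif pattern.start_with?('#')
    # Rule 2: regex. Strip the "#" delimiters before compiling.
    Regexp.new(pattern.sub(/\A#/, '').sub(/#\z/, '')).match?(file)
  else
    # Rule 3: exact match. Assumption: compared against the basename.
    pattern == File.basename(file)
  end
end

# Hypothetical helper: name of the first key (top to bottom) with a matching
# pattern, or nil so the caller can refuse to proceed instead of guessing.
def key_name_for(file, mapping_yaml)
  # safe_load keeps the mapping file to plain data types only.
  keys = YAML.safe_load(mapping_yaml).fetch('keys')
  keys.each do |key_name, patterns|
    return key_name if patterns.any? { |p| pattern_matches?(p, file) }
  end
  nil
end
```

With `default` listed first, as in the mapping in the issue, `config/production.txt` would resolve to the `default` key under top-to-bottom search, so the most specific environments belong at the top of the file.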