[feature] support yaml mapping of file pattern to key names
kigster opened this issue · 0 comments
kigster commented
For deploy environments, it may be desired to use a different set of keys for development, staging and production, for example, instead of a single key.
This is already possible today, but requires passing the key for each file individually.
It would be nice if sym could maintain a global mapping file that would look like this:
```yaml
# ~/.sym.keys.yml
keys: &default
  default:
    # single-quoted so that the backslash is not read as a YAML escape
    - '#*.txt(\.enc)?$#'
  production:
    - p.secrets.yml
    - "#.*production.*#"
    - "#*.prod$#"
  staging:
    - s.secrets.yml
    - "#.*staging.*#"
    - "#.*.stage$#"
```
In the file, second level hash keys are the names of the private keys used for files that match at least one of the patterns provided.
Patterns will be searched top to bottom, with the first match exiting the check.
- If the value begins with a "/" or "./" it is assumed to be a file path.
- If the value begins with a "#" it is assumed to be a regex.
- Otherwise it's assumed to be an exact match.
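
The lookup rules proposed above, sketched in Ruby as an added example (not part of the original issue and not sym's code). The helper names, the `#`...`#` regex delimiters, basename-based exact matching and the sample patterns are assumptions made for illustration.

```ruby
require 'yaml'

# Constructed sample in the proposed layout; regexes adjusted to be valid Ruby.
SAMPLE_MAPPING = <<~'YAML'
  keys:
    production:
      - p.secrets.yml
      - '#.*production.*#'
      - '#.*\.prod$#'
    staging:
      - ./config/s.secrets.yml
      - '#.*staging.*#'
    default:
      - '#.*\.txt(\.enc)?$#'
YAML

# Hypothetical helper: does one mapping entry match the given file name?
def entry_matches?(entry, file)
  if entry.start_with?('/', './')   # file path: compare expanded paths
    File.expand_path(entry) == File.expand_path(file)
  elsif entry.start_with?('#')      # regex, assumed wrapped in '#' ... '#'
    Regexp.new(entry.delete_prefix('#').delete_suffix('#')).match?(file)
  else                              # exact match, assumed to be on the basename
    entry == File.basename(file)
  end
end

# Walk key names top to bottom; the first key with a matching entry wins.
# Returns nil when nothing matches so the caller can refuse to pick a key.
def key_name_for(file, mapping)
  mapping.fetch('keys').each do |key_name, entries|
    return key_name if entries.any? { |entry| entry_matches?(entry, file) }
  end
  nil
end

MAPPING = YAML.safe_load(SAMPLE_MAPPING)
# Same entries with "default" moved to the top, to show how ordering changes the result.
DEFAULT_FIRST = { 'keys' => { 'default' => MAPPING['keys']['default'] }.merge(MAPPING['keys']) }

if __FILE__ == $PROGRAM_NAME
  %w[p.secrets.yml db/production.txt notes.txt.enc README.md].each do |f|
    puts format('%-20s => %p', f, key_name_for(f, MAPPING))
  end
  puts "default first: production.txt => #{key_name_for('production.txt', DEFAULT_FIRST)}"
end
```

Because the first match wins, a broad pattern listed early shadows more specific ones below it: with `default` on top, `production.txt` resolves to the default key rather than the production key.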