sops
This module provides functionality for working with [Mozilla SOPS](https://github.com/getsops/sops)in a Dagger pipeline. It supports encrypting and decrypting files using an AGE key.
Files are mounted into a container and processed using the `sops` CLI tool.
The `DecryptSops` function decrypts a file with the given SOPS key and returns its plaintext content.
The `EncryptSops` function encrypts a plaintext file using the same SOPS key and returns the encrypted content.
Installation
dagger install github.com/stuttgart-things/dagger/sops@v0.13.0Entrypoint
Return Type
SopsExample
dagger -m github.com/stuttgart-things/dagger/sops@db530d4a1cbc0373f29fa75d6cf4e860cc3a07c0 call \
func (m *MyModule) Example() *dagger.Sops {
return dag.
Sops()
}@function
def example() -> dagger.Sops:
return (
dag.sops()
)@func()
example(): Sops {
return dag
.sops()
}Types
Sops 🔗
baseImage() 🔗
Return Type
String !Example
dagger -m github.com/stuttgart-things/dagger/sops@db530d4a1cbc0373f29fa75d6cf4e860cc3a07c0 call \
base-imagefunc (m *MyModule) Example(ctx context.Context) string {
return dag.
Sops().
BaseImage(ctx)
}@function
async def example() -> str:
return await (
dag.sops()
.base_image()
)@func()
async example(): Promise<string> {
return dag
.sops()
.baseImage()
}decryptSops() 🔗
Return Type
String !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| sopsKey | Secret ! | - | No description provided |
| encryptedFile | File ! | - | No description provided |
Example
dagger -m github.com/stuttgart-things/dagger/sops@db530d4a1cbc0373f29fa75d6cf4e860cc3a07c0 call \
decrypt-sops --sops-key env:MYSECRET --encrypted-file file:pathfunc (m *MyModule) Example(ctx context.Context, sopsKey *dagger.Secret, encryptedFile *dagger.File) string {
return dag.
Sops().
DecryptSops(ctx, sopsKey, encryptedFile)
}@function
async def example(sops_key: dagger.Secret, encrypted_file: dagger.File) -> str:
return await (
dag.sops()
.decrypt_sops(sops_key, encrypted_file)
)@func()
async example(sopsKey: Secret, encryptedFile: File): Promise<string> {
return dag
.sops()
.decryptSops(sopsKey, encryptedFile)
}encrypt() 🔗
Return Type
File !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| ageKey | Secret ! | - | No description provided |
| plaintextFile | File ! | - | No description provided |
| fileExtension | String ! | - | e.g., "yaml", "json", "env" |
| sopsConfig | File ! | - | Optional: ~/.sops.yaml config file |
Example
dagger -m github.com/stuttgart-things/dagger/sops@db530d4a1cbc0373f29fa75d6cf4e860cc3a07c0 call \
encrypt --age-key env:MYSECRET --plaintext-file file:path --file-extension string --sops-config file:pathfunc (m *MyModule) Example(ageKey *dagger.Secret, plaintextFile *dagger.File, fileExtension string, sopsConfig *dagger.File) *dagger.File {
return dag.
Sops().
Encrypt(ageKey, plaintextFile, fileExtension, sopsConfig)
}@function
def example(age_key: dagger.Secret, plaintext_file: dagger.File, file_extension: str, sops_config: dagger.File) -> dagger.File:
return (
dag.sops()
.encrypt(age_key, plaintext_file, file_extension, sops_config)
)@func()
example(ageKey: Secret, plaintextFile: File, fileExtension: string, sopsConfig: File): File {
return dag
.sops()
.encrypt(ageKey, plaintextFile, fileExtension, sopsConfig)
}