-
Notifications
You must be signed in to change notification settings - Fork 0
/
sops.py
48 lines (37 loc) · 1.11 KB
/
sops.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
"""
Calls sops to encrypt or decrypt a file
"""
import subprocess
import yaml
import sys
import os
def is_enc(file):
with open(file, "r") as f:
doc = yaml.load(f, Loader=yaml.FullLoader)
try:
doc["sops"]["version"]
except (KeyError, TypeError):
return False
return True
def encrypt(infile, inplace=True, outfile=sys.stdout):
sops_args = ["-e", "--output-type", "yaml", "--input-type", "yaml"]
__sops(sops_args, infile, inplace, outfile)
def decrypt(infile, inplace=True, outfile=sys.stdout):
sops_args = ["-d", "--input-type", "yaml", "--output-type", "yaml"]
__sops(sops_args, infile, inplace, outfile)
def __sops(args, infile, inplace, outfile):
"""
args are the first sops arguments
"""
args.insert(0, "sops")
f = os.path.basename(infile)
wd = os.path.dirname(infile)
if not wd:
wd = os.getcwd()
if inplace:
args.extend(["-i", f])
process = subprocess.run(args, cwd=wd)
else:
args.append(f)
process = subprocess.run(args, stdout=outfile, cwd=wd)
process.check_returncode()