feat: updates deps, small convience method changes
Figedi committed Oct 17, 2024
1 parent c9033b8 commit b7d6533
Showing 33 changed files with 2,624 additions and 5,536 deletions.
14 changes: 0 additions & 14 deletions .commitlintrc.js

This file was deleted.

9 changes: 0 additions & 9 deletions .dockerignore

This file was deleted.

48 changes: 0 additions & 48 deletions .eslintrc.js

This file was deleted.

11 changes: 7 additions & 4 deletions .github/workflows/build-and-push.yml
@@ -11,12 +11,12 @@ jobs:
permissions: write-all
steps:
- name: Checkout
uses: actions/checkout@v2
uses: actions/checkout@v4

- name: Setup node
uses: actions/setup-node@v1
uses: actions/setup-node@v4
with:
node-version: "18.x"
node-version: "20.x"

- name: Setup GitHub user
run: |
@@ -28,12 +28,15 @@ jobs:

- name: Build
run: npm run build

- name: Specs
run: npm run specs

- name: Run lint
run: npm run lint

- name: Semantic Release
uses: cycjimmy/semantic-release-action@v3
uses: cycjimmy/semantic-release-action@v4
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
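Review bot: The bumped `uses: cycjimmy/semantic-release-action@v4` still references a movable tag, and this step receives `NPM_TOKEN` and `GITHUB_TOKEN` in a job that declares `permissions: write-all`, so whatever the tag resolves to at run time executes with publish rights and full repository write access. Pin the third-party action to a full commit SHA, for example `uses: cycjimmy/semantic-release-action@<full-commit-sha> # v4`, and let a dependency-update bot move the pin. Replace `write-all` with only the scopes the release needs; semantic-release's GitHub plugin typically needs `contents: write`, `issues: write` and `pull-requests: write`, to be confirmed against the plugins this project configures. The job definition starts above the first hunk, so its trigger and any install step are not visible here.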
4 changes: 3 additions & 1 deletion .gitignore
@@ -9,4 +9,6 @@
/dist

.eslintcache
.DS_Store
.DS_Store

src/run.ts
7 changes: 0 additions & 7 deletions .prettierrc

This file was deleted.

29 changes: 15 additions & 14 deletions README.md
@@ -1,13 +1,13 @@
# SOPS

Minimal Sops re-implementation for decrypting sops files directly w/ node.js
Minimal Sops re-implementation for decrypting sops files directly w/ node.js w/o any sops-dependencies

## Why?
I needed a quick way to decrypt sops-encoded files loaded w/ node.js without going through child-process hacks

## Features

This library in no way supports all sops-versions and is only tested on 3.4.x. It does not implement encoding, although this could probably easily added. An example, not complete version is found in sopsUtils in the specFiles.
This library in no way supports all sops-versions and is only tested on 3.9.x. It does not implement encoding, although this could probably easily added. An example for encoding, but by all means not complete, is found in `sops.spec-utils.ts`

*Use this at your own risk*
I've used this in several production projects in a k8s-context in GCP (through GCP KMS).
@@ -16,19 +16,20 @@ I've used this in several production projects in a k8s-context in GCP (through G

Example to decrypt an encrypted file with a GCP-KMS keyring:
```typescript
import { decryptSopsJsonViaGCPKMS, createKMSManagementClient } from "@figedi/sops/kms"
const someEncryptedJson = require("secrets.enc.json");
const client = createKMSManagementClient("your-project-id", "optional-path-to-mounted-svc-account-json");
import { readFile } from "node:fs/promises";
import { GoogleKmsKeyDecryptor } from "@figedi/sops/kms";
import { SopsClient } from "@figedi/sops";

const decrypted = await decryptSopsJsonViaGCPKMS(client, someEncryptedJson);
```
Note: When providing an encrypted-json with a MAC, the mac will be used and checked. If the decrypted-json
does not match the MAC, a `ChecksumMismatchError` is thrown
const run = async () => {

const decryptor = await GoogleKmsKeyDecryptor.create('<your gcp project id>', '<path to a service-account.json>');
const sopsClient = new SopsClient(decryptor);
const testFile = await readFile('<path to a sops encrypted file>', { encoding: 'utf-8'})

console.log(await sopsClient.decrypt(testFile))

}

run()

Example to test whether file is encrypted w/ gcp kms
```typescript
import { canDecryptViaKMS } from "@figedi/sops/kms"
const someEncryptedJson = require("secrets.enc.json");
const isDecryptable = canDecryptViaKMS(someEncryptedJson)
```
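--- a/biome.json
+++ b/biome.json
@@ -0,0 +1,105 @@
+{
+"$schema": "https://biomejs.dev/schemas/1.9.3/schema.json",
+"organizeImports": {
+"enabled": true,
+"ignore": ["coverage", "build", "dist", "node_modules", ".turbo"]
+},
+"files": { "maxSize": 3000000 },
+"formatter": {
+"enabled": true,
+"lineEnding": "lf",
+"indentWidth": 4,
+"lineWidth": 160,
+"indentStyle": "space",
+"ignore": ["coverage", "build", "dist", "node_modules", ".turbo", "**/meta/*.json", "src/sdk/gen"]
+},
+"javascript": {
+"formatter": {
+"arrowParentheses": "asNeeded",
+"semicolons": "always",
+"quoteStyle": "single"
+}
+},
+"json": {
+"formatter": {
+"indentWidth": 2
+}
+},
+"linter": {
+"enabled": true,
+"rules": {
+"recommended": true,
+"a11y": {
+"noSvgWithoutTitle": "off",
+"useValidAnchor": "off",
+"useButtonType": "off",
+"useKeyWithClickEvents": "off",
+"useAnchorContent": "off",
+"useAltText": "off",
+"useIframeTitle": "off",
+"useGenericFontNames": "off",
+"noLabelWithoutControl": "off"
+},
+"style": {
+"noNonNullAssertion": "off",
+"noParameterAssign": "off",
+"noUnusedTemplateLiteral": "off",
+"useDefaultParameterLast": "off",
+"useShorthandFunctionType": "off",
+"useImportType": "off"
+},
+"correctness": {
+"useExhaustiveDependencies": "off",
+"noUnusedImports": "error",
+"noUnknownMediaFeatureName": "off",
+"noUnknownProperty": "off",
+"noUnknownFunction": "off"
+},
+"suspicious": {
+"noThenProperty": "off",
+"noExplicitAny": "off",
+"noExtraNonNullAssertion": "off",
+"noConfusingVoidType": "off",
+"noImplicitAnyLet": "off",
+"noShadowRestrictedNames": "off",
+"noEmptyInterface": "off",
+"noArrayIndexKey": "off",
+"noExportsInTest": "off"
+},
+"complexity": {
+"useLiteralKeys": "off",
+"noUselessConstructor": "off",
+"noForEach": "off",
+"noBannedTypes": "off",
+"noStaticOnlyClass": "off",
+"useOptionalChain": "off"
+},
+"performance": {
+"noAccumulatingSpread": "off",
+"noDelete": "off"
+}
+},
+"ignore": ["coverage", "build", "dist", "node_modules", ".turbo", "*.config.*", "*.json", "*.d.ts"]
+},
+"overrides": [
+{
+"include": ["**/*.vue"],
+"organizeImports": {
+"enabled": true
+},
+"formatter": {
+"indentWidth": 4
+},
+"linter": {
+"rules": {
+"style": {
+"useImportType": "off"
+},
+"correctness": {
+"noUnusedImports": "off"
+}
+}
+}
+}
+]
+}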
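Review bot: Under `linter.rules`, `suspicious.noExplicitAny`, `suspicious.noImplicitAnyLet` and `style.noNonNullAssertion` are all `off`, which removes the lint checks that would flag untyped or unchecked values in a library whose job is to parse and decrypt sops files. Consider `"noExplicitAny": "warn"` and `"noNonNullAssertion": "warn"` so that parsed input used without narrowing stays visible in review. The `a11y` block, the `**/*.vue` override and the `src/sdk/gen` formatter ignore look carried over from another project; nothing else on this commit page suggests Vue or generated SDK sources, so they could probably be dropped after checking the repository.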
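--- a/lefthook.yml
+++ b/lefthook.yml
@@ -0,0 +1,8 @@
+pre-commit:
+commands:
+check:
+glob: "*.{js,ts,cjs,mjs,jsx,tsx,vue}"
+run: pnpm exec biome check --write --no-errors-on-unmatched --files-ignore-unknown=true {staged_files} && git update-index --again
+skip:
+- merge
+- rebase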
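Review bot: The `run:` line chains `&& git update-index --again` to re-stage biome's fixes, but that command refreshes every path whose index entry differs from HEAD, not only the files matched by `glob`. lefthook has a per-command option for this: drop the chained command and add `stage_fixed: true` under `check:` so that only the files the command handled are re-added. The hook also calls `pnpm exec` while the workflow in this commit runs `npm run build`, `npm run specs` and `npm run lint`; if the project uses a single package manager, use the same one here so the hook and CI resolve the same biome version.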
3 changes: 0 additions & 3 deletions lint-staged.config.js

This file was deleted.
