
Commit c2b6216

feat: add GCP KMS key suppport
Signed-off-by: Eriks Zelenka <[email protected]>
1 parent 902c19e commit c2b6216


4 files changed

+45
-8
lines changed


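--- a/README.md
+++ b/README.md
@@ -62,11 +62,20 @@ sops --encrypt \
 > jenkins-secrets.enc.yaml
 ```
 
+* Encrypt file using `sops` and GCP KMS key:
+
+```bash
+sops --encrypt \
+--gcp-kms 'projects/<project-name>/locations/<location>/keyRings/<keyring-name>/cryptoKeys/<key-name>' \
+--encrypted-suffix='_templates' jenkins-secrets.yaml \
+> jenkins-secrets.enc.yaml
+```
+
 * Encrypt file using `sops` and Azure Keyvault key:
 
 ```bash
 sops --encrypt \
---azure-kv "https://<vault-url>/keys/<key-name>/<key-version>" \
+--azure-kv 'https://<vault-url>/keys/<key-name>/<key-version>' \
 --encrypted-suffix='_templates' jenkins-secrets.yaml \
 > jenkins-secrets.enc.yaml
 ```
@@ -75,7 +84,7 @@ sops --encrypt \
 
 ```bash
 sops --encrypt \
---pgp "<pgp-finger-print>" \
+--pgp '<pgp-finger-print>' \
 --encrypted-suffix='_templates' jenkins-secrets.yaml \
 > jenkins-secrets.enc.yaml
 ```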

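--- a/pkg/apis/isindir/v1alpha1/sopssecret_types.go
+++ b/pkg/apis/isindir/v1alpha1/sopssecret_types.go
@@ -51,14 +51,21 @@ type AzureKmsItem struct {
 CreationDate string `json:"created_at,omitempty"`
 }
 
+// GcpKmsDataItem defines GCP KMS Key specific encryption details
+// +k8s:openapi-gen=true
+type GcpKmsDataItem struct {
+VaultURL string `json:"resource_id,omitempty"`
+EncryptedKey string `json:"enc,omitempty"`
+CreationDate string `json:"created_at,omitempty"`
+}
+
 // SopsMetadata defines the encryption details
 // +k8s:openapi-gen=true
 type SopsMetadata struct {
-AwsKms []KmsDataItem `json:"kms,omitempty"`
-Pgp []PgpDataItem `json:"pgp,omitempty"`
-AzureKms []AzureKmsItem `json:"azure_kv,omitempty"`
-//TODO: add following
-//GcpKms []GcpKmsDataItem `json:"gcp_kms,omitempty"`
+AwsKms []KmsDataItem `json:"kms,omitempty"`
+Pgp []PgpDataItem `json:"pgp,omitempty"`
+AzureKms []AzureKmsItem `json:"azure_kv,omitempty"`
+GcpKms []GcpKmsDataItem `json:"gcp_kms,omitempty"`
 
 Mac string `json:"mac,omitempty"`
 LastModified string `json:"lastmodified,omitempty"`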
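Review bot: The `VaultURL` field of the new `GcpKmsDataItem` struct is serialized as `resource_id`, so the Go name does not describe what it holds and looks carried over from `AzureKmsItem`, most of which lies outside this hunk. The README hunk in this same commit shows the GCP key reference is a `projects/.../cryptoKeys/...` resource path rather than a URL. Because this value names the KMS key that unwraps the data key, I would rename the field to `ResourceID`, keep the existing `json:"resource_id,omitempty"` tag, and add a comment such as `// ResourceID is the full GCP KMS crypto key resource name`. The generated deepcopy file is not rendered on this page, so whether it needs regenerating after the rename should be checked.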

pkg/apis/isindir/v1alpha1/zz_generated.deepcopy.go

Lines changed: 21 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

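--- a/version/version.go
+++ b/version/version.go
@@ -2,5 +2,5 @@ package version
 
 var (
 // Version of the operator
-Version = "0.0.5"
+Version = "0.0.6"
 )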
