A Python utility to ensure your files are securely encrypted with SOPS. Integrates seamlessly into your pre-commit workflow, providing automated validation for SOPS-encrypted files, enhancing security and compliance in your development process.
Project description
Validate-SOPS
Overview
validate-sops
is a Python utility designed by Vladimir Zhukov to validate that specified files are encrypted using Mozilla SOPS (Secrets OPerationS). It ensures that sensitive files committed to your repository are securely encrypted, preventing accidental exposure of secrets.
Features
- Validates multiple files for SOPS encryption.
- Easily integrated into pre-commit hooks for automated validation.
- Provides clear error messages for non-compliant files.
Usage
To use validate-sops
as a pre-commit hook in your projects, add the following configuration to your .pre-commit-config.yaml
file:
repos:
- repo: https://github.com/voldy/validate-sops
rev: 'v0.1.0' # Use the latest commit SHA or tag
hooks:
- id: validate-sops
files: '.*\/secrets\/encrypted\.(yaml|yml|json|env)$' # Adjust based on your file(s) location and type(s)
Local Development Setup
The following instructions are intended for contributors and developers working on the validate-sops
utility itself.
Installation
This project uses Poetry for dependency management and package handling. Ensure you have Poetry installed on your system.
To set up validate-sops
for local development, follow these steps:
- Clone the repository:
git clone https://github.com/voldy/validate-sops.git
cd validate-sops
- Install dependencies using Poetry:
poetry install
- Set up the pre-commit hooks:
After configuring
.pre-commit-config.yaml
in your project, run the following command to set up the git hook scripts:
pre-commit install
- To manually execute all configured pre-commit hooks on all files, run:
poetry run pre-commit run --all-files
This step is useful for testing the hooks before committing.
Running Tests
To run the unit tests for validate-sops
, use the following command:
poetry run pytest
Contributing
Contributions to validate-sops
are welcome! Please feel free to submit pull requests or open issues to suggest improvements or report bugs.
Author
Vladimir Zhukov
License
validate-sops
is licensed under the MIT License. See the LICENSE
file in the project root for the full license text.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for validate_sops-0.1.0-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 9ca889e306398364ade4f05dff1fcf8a130812199cca25be85501859d7146d0f |
|
MD5 | ace35f73bd9c80bca75f34077de832b6 |
|
BLAKE2b-256 | 5937ec58ff4e1a9725293cb9ded742a3d7d7694e1bda40af7621019b3051e66f |