diff --git a/cmd/sops/decrypt.go b/cmd/sops/decrypt.go index f348b16a7..49cd25b14 100644 --- a/cmd/sops/decrypt.go +++ b/cmd/sops/decrypt.go @@ -9,7 +9,7 @@ import ( "go.mozilla.org/sops/v3/keyservice" ) -type decryptOpts struct { +type DecryptOpts struct { Cipher sops.Cipher InputStore sops.Store OutputStore sops.Store @@ -19,7 +19,7 @@ type decryptOpts struct { KeyServices []keyservice.KeyServiceClient } -func decrypt(opts decryptOpts) (decryptedFile []byte, err error) { +func Decrypt(opts DecryptOpts) (decryptedFile []byte, err error) { tree, err := common.LoadEncryptedFileWithBugFixes(common.GenericDecryptOpts{ Cipher: opts.Cipher, InputStore: opts.InputStore, diff --git a/cmd/sops/main.go b/cmd/sops/main.go index 2deea8671..aa37a0e06 100644 --- a/cmd/sops/main.go +++ b/cmd/sops/main.go @@ -28,6 +28,7 @@ import ( publishcmd "go.mozilla.org/sops/v3/cmd/sops/subcommand/publish" "go.mozilla.org/sops/v3/cmd/sops/subcommand/updatekeys" "go.mozilla.org/sops/v3/config" + "go.mozilla.org/sops/v3/encrypt" "go.mozilla.org/sops/v3/gcpkms" "go.mozilla.org/sops/v3/hcvault" "go.mozilla.org/sops/v3/keys" @@ -144,7 +145,7 @@ func main() { inputStore := inputStore(c, fileName) svcs := keyservices(c) - opts := decryptOpts{ + opts := DecryptOpts{ OutputStore: &dotenv.Store{}, InputStore: inputStore, InputPath: fileName, @@ -153,7 +154,7 @@ func main() { IgnoreMAC: c.Bool("ignore-mac"), } - output, err := decrypt(opts) + output, err := Decrypt(opts) if err != nil { return toExitError(err) } @@ -212,7 +213,7 @@ func main() { outputStore := outputStore(c, fileName) svcs := keyservices(c) - opts := decryptOpts{ + opts := DecryptOpts{ OutputStore: outputStore, InputStore: inputStore, InputPath: fileName, @@ -221,7 +222,7 @@ func main() { IgnoreMAC: c.Bool("ignore-mac"), } - output, err := decrypt(opts) + output, err := Decrypt(opts) if err != nil { return toExitError(err) } @@ -796,7 +797,7 @@ func main() { if err != nil { return toExitError(err) } - output, err = encrypt(encryptOpts{ + output, err = encrypt.Encrypt(encrypt.EncryptOpts{ OutputStore: outputStore, InputStore: inputStore, InputPath: fileName, @@ -817,7 +818,7 @@ func main() { if err != nil { return common.NewExitError(fmt.Errorf("error parsing --extract path: %s", err), codes.InvalidTreePathFormat) } - output, err = decrypt(decryptOpts{ + output, err = Decrypt(DecryptOpts{ OutputStore: outputStore, InputStore: inputStore, InputPath: fileName, diff --git a/cmd/sops/encrypt.go b/encrypt/encrypt.go similarity index 94% rename from cmd/sops/encrypt.go rename to encrypt/encrypt.go index 1aa09eeba..e8801a08b 100644 --- a/cmd/sops/encrypt.go +++ b/encrypt/encrypt.go @@ -1,4 +1,4 @@ -package main +package encrypt import ( "io/ioutil" @@ -14,7 +14,7 @@ import ( "go.mozilla.org/sops/v3/version" ) -type encryptOpts struct { +type EncryptOpts struct { Cipher sops.Cipher InputStore sops.Store OutputStore sops.Store @@ -46,7 +46,7 @@ func (err *fileAlreadyEncryptedError) UserError() string { return wordwrap.WrapString(message, 75) } -func ensureNoMetadata(opts encryptOpts, branch sops.TreeBranch) error { +func ensureNoMetadata(opts EncryptOpts, branch sops.TreeBranch) error { for _, b := range branch { if b.Key == "sops" { return &fileAlreadyEncryptedError{} @@ -55,7 +55,7 @@ func ensureNoMetadata(opts encryptOpts, branch sops.TreeBranch) error { return nil } -func encrypt(opts encryptOpts) (encryptedFile []byte, err error) { +func Encrypt(opts EncryptOpts) (encryptedFile []byte, err error) { // Load the file fileBytes, err := ioutil.ReadFile(opts.InputPath) if err != nil {