@chriscode/hush 5.0.4 → 5.0.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/core/sops.d.ts.map +1 -1
- package/dist/core/sops.js +36 -1
- package/package.json +1 -1
package/dist/core/sops.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sops.d.ts","sourceRoot":"","sources":["../../src/core/sops.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"sops.d.ts","sourceRoot":"","sources":["../../src/core/sops.ts"],"names":[],"mappings":"AA0DA,wBAAgB,eAAe,IAAI,OAAO,CAUzC;AAED,wBAAgB,kBAAkB,IAAI,OAAO,CAE5C;AAED,wBAAgB,OAAO,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,CAkChD;AAED,wBAAgB,OAAO,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,IAAI,CAsBnE;AAED,wBAAgB,IAAI,CAAC,QAAQ,EAAE,MAAM,GAAG,IAAI,CAsB3C;AAED,wBAAgB,MAAM,CAAC,QAAQ,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,IAAI,CA+CzE"}
|
package/dist/core/sops.js
CHANGED
|
@@ -2,10 +2,40 @@ import { execSync, spawnSync } from 'node:child_process';
|
|
|
2
2
|
import { fs } from '../lib/fs.js';
|
|
3
3
|
import { join } from 'node:path';
|
|
4
4
|
import { tmpdir, homedir } from 'node:os';
|
|
5
|
+
import { loadConfig, findProjectRoot } from '../config/loader.js';
|
|
6
|
+
import { keyExists, keyPath } from '../lib/age.js';
|
|
7
|
+
function getProjectIdentifier(root) {
|
|
8
|
+
const config = loadConfig(root);
|
|
9
|
+
if (config.project) {
|
|
10
|
+
return config.project;
|
|
11
|
+
}
|
|
12
|
+
const pkgPath = join(root, 'package.json');
|
|
13
|
+
if (fs.existsSync(pkgPath)) {
|
|
14
|
+
const pkg = JSON.parse(fs.readFileSync(pkgPath, 'utf-8'));
|
|
15
|
+
if (typeof pkg.repository === 'string') {
|
|
16
|
+
const match = pkg.repository.match(/github\.com[/:]([\w-]+\/[\w-]+)/);
|
|
17
|
+
if (match)
|
|
18
|
+
return match[1];
|
|
19
|
+
}
|
|
20
|
+
if (pkg.repository?.url) {
|
|
21
|
+
const match = pkg.repository.url.match(/github\.com[/:]([\w-]+\/[\w-]+)/);
|
|
22
|
+
if (match)
|
|
23
|
+
return match[1];
|
|
24
|
+
}
|
|
25
|
+
}
|
|
26
|
+
return undefined;
|
|
27
|
+
}
|
|
5
28
|
function getAgeKeyFile() {
|
|
6
29
|
if (process.env.SOPS_AGE_KEY_FILE) {
|
|
7
30
|
return process.env.SOPS_AGE_KEY_FILE;
|
|
8
31
|
}
|
|
32
|
+
const projectRoot = findProjectRoot(process.cwd())?.projectRoot;
|
|
33
|
+
if (projectRoot) {
|
|
34
|
+
const project = getProjectIdentifier(projectRoot);
|
|
35
|
+
if (project && keyExists(project)) {
|
|
36
|
+
return keyPath(project);
|
|
37
|
+
}
|
|
38
|
+
}
|
|
9
39
|
const defaultPath = join(homedir(), '.config', 'sops', 'age', 'key.txt');
|
|
10
40
|
if (fs.existsSync(defaultPath)) {
|
|
11
41
|
return defaultPath;
|
|
@@ -52,8 +82,13 @@ export function decrypt(filePath) {
|
|
|
52
82
|
catch (error) {
|
|
53
83
|
const err = error;
|
|
54
84
|
if (err.stderr?.includes('No identity matched')) {
|
|
85
|
+
const projectRoot = findProjectRoot(process.cwd())?.projectRoot;
|
|
86
|
+
const project = projectRoot ? getProjectIdentifier(projectRoot) : undefined;
|
|
87
|
+
const keyLocation = project
|
|
88
|
+
? `~/.config/sops/age/keys/${project.replace(/\//g, '-')}.txt`
|
|
89
|
+
: '~/.config/sops/age/key.txt';
|
|
55
90
|
throw new Error('SOPS decryption failed: No matching age key found.\n' +
|
|
56
|
-
|
|
91
|
+
`Ensure your age key is at ${keyLocation}`);
|
|
57
92
|
}
|
|
58
93
|
throw new Error(`SOPS decryption failed: ${err.stderr || err.message}`);
|
|
59
94
|
}
|