feat: add GCP KMS key suppport

Signed-off-by: Eriks Zelenka <[email protected]>
isindir · Jun 21, 2019 · c2b6216 · c2b6216
1 parent 902c19e
commit c2b6216
Show file tree

Hide file tree

Showing 4 changed files with 45 additions and 8 deletions.
diff --git a/README.md b/README.md
@@ -62,11 +62,20 @@ sops --encrypt \
   > jenkins-secrets.enc.yaml
 ```
 
+* Encrypt file using `sops` and GCP KMS key:
+
+```bash
+sops --encrypt \
+  --gcp-kms 'projects/<project-name>/locations/<location>/keyRings/<keyring-name>/cryptoKeys/<key-name>' \
+  --encrypted-suffix='_templates' jenkins-secrets.yaml \
+  > jenkins-secrets.enc.yaml
+```
+
 * Encrypt file using `sops` and Azure Keyvault key:
 
 ```bash
 sops --encrypt \
-  --azure-kv "https://<vault-url>/keys/<key-name>/<key-version>" \
+  --azure-kv 'https://<vault-url>/keys/<key-name>/<key-version>' \
   --encrypted-suffix='_templates' jenkins-secrets.yaml \
   > jenkins-secrets.enc.yaml
 ```
@@ -75,7 +84,7 @@ sops --encrypt \
 
 ```bash
 sops --encrypt \
-  --pgp "<pgp-finger-print>" \
+  --pgp '<pgp-finger-print>' \
   --encrypted-suffix='_templates' jenkins-secrets.yaml \
   > jenkins-secrets.enc.yaml
 ```

diff --git a/pkg/apis/isindir/v1alpha1/sopssecret_types.go b/pkg/apis/isindir/v1alpha1/sopssecret_types.go
@@ -51,14 +51,21 @@ type AzureKmsItem struct {
 	CreationDate string `json:"created_at,omitempty"`
 }
 
+// GcpKmsDataItem defines GCP KMS Key specific encryption details
+// +k8s:openapi-gen=true
+type GcpKmsDataItem struct {
+	VaultURL     string `json:"resource_id,omitempty"`
+	EncryptedKey string `json:"enc,omitempty"`
+	CreationDate string `json:"created_at,omitempty"`
+}
+
 // SopsMetadata defines the encryption details
 // +k8s:openapi-gen=true
 type SopsMetadata struct {
-	AwsKms   []KmsDataItem  `json:"kms,omitempty"`
-	Pgp      []PgpDataItem  `json:"pgp,omitempty"`
-	AzureKms []AzureKmsItem `json:"azure_kv,omitempty"`
-	//TODO: add following
-	//GcpKms   []GcpKmsDataItem `json:"gcp_kms,omitempty"`
+	AwsKms   []KmsDataItem    `json:"kms,omitempty"`
+	Pgp      []PgpDataItem    `json:"pgp,omitempty"`
+	AzureKms []AzureKmsItem   `json:"azure_kv,omitempty"`
+	GcpKms   []GcpKmsDataItem `json:"gcp_kms,omitempty"`
 
 	Mac             string `json:"mac,omitempty"`
 	LastModified    string `json:"lastmodified,omitempty"`

diff --git a/pkg/apis/isindir/v1alpha1/zz_generated.deepcopy.go b/pkg/apis/isindir/v1alpha1/zz_generated.deepcopy.go
diff --git a/version/version.go b/version/version.go
@@ -2,5 +2,5 @@ package version
 
 var (
 	// Version of the operator
-	Version = "0.0.5"
+	Version = "0.0.6"
 )