-
Notifications
You must be signed in to change notification settings - Fork 41
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Better support for encrypted files (for example SOPS) #97
Comments
Seems similar to #80 I'm not familiar with SOPS, is this a preprocessor? |
SOPS means Secrets OPerationS and is a tool that is quite popular when using GitOps. It allows to encrypt YAML files at rest, without needing an agent in the cluster to decrypt the format. The files are decrypted by GitOps tooling itself through official support. For example with Flux GitOps: https://www.google.com/search?client=safari&rls=en&q=flux+sops&ie=UTF-8&oe=UTF-8#ip=1 It does the decryption before applying the YAML manifest to the cluster, so I assume it is a preprocessor yes. The option of having to add For now I will add a reminder to inform the SOPS community that adding Consider this issue solved with #80. |
The Kubernetes project currently lacks enough contributors to adequately respond to all issues. This bot triages un-triaged issues according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle stale |
The Kubernetes project currently lacks enough active contributors to adequately respond to all issues. This bot triages un-triaged issues according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle rotten |
The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs. This bot triages issues according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /close not-planned |
@k8s-triage-robot: Closing this issue, marking it as "Not Planned". In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
What would you like to be added?
When using encryption methods to encrypt files, it can add stuff that does not match the spec. One example is SOPS encrypted files:
Why is this needed?
I would expect this file to be ignored, or at least that the SOPS-related stuff is not included in the validation.
Maybe the user can be allowed to add glob patterns to ignore files or sections of a file from validation?
The text was updated successfully, but these errors were encountered: