forked from microsoft/winget-pkgs
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
New version: SecretsOPerationS.SOPS version 3.9.0 (microsoft#160982)
- Loading branch information
Showing
3 changed files
with
195 additions
and
0 deletions.
There are no files selected for viewing
17 changes: 17 additions & 0 deletions
17
manifests/s/SecretsOPerationS/SOPS/3.9.0/SecretsOPerationS.SOPS.installer.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,17 @@ | ||
| # Created with komac v2.3.0 | ||
| # yaml-language-server: $schema=https://aka.ms/winget-manifest.installer.1.6.0.schema.json | ||
|
|
||
| PackageIdentifier: SecretsOPerationS.SOPS | ||
| PackageVersion: 3.9.0 | ||
| InstallerLocale: en-US | ||
| InstallerType: portable | ||
| UpgradeBehavior: install | ||
| Commands: | ||
| - sops | ||
| ReleaseDate: 2024-06-28 | ||
| Installers: | ||
| - Architecture: x64 | ||
| InstallerUrl: https://github.com/getsops/sops/releases/download/v3.9.0/sops-v3.9.0.exe | ||
| InstallerSha256: 2B45084E9E6308FA465EEAC2419D497B5B16B66D332AF18C03FEB3D68E51F52F | ||
| ManifestType: installer | ||
| ManifestVersion: 1.6.0 |
170 changes: 170 additions & 0 deletions
170
manifests/s/SecretsOPerationS/SOPS/3.9.0/SecretsOPerationS.SOPS.locale.en-US.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,170 @@ | ||
| # Created with komac v2.3.0 | ||
| # yaml-language-server: $schema=https://aka.ms/winget-manifest.defaultLocale.1.6.0.schema.json | ||
|
|
||
| PackageIdentifier: SecretsOPerationS.SOPS | ||
| PackageVersion: 3.9.0 | ||
| PackageLocale: en-US | ||
| Publisher: 'SOPS: Secrets OPerationS' | ||
| PublisherUrl: https://getsops.io/ | ||
| PublisherSupportUrl: https://github.com/getsops/sops/issues | ||
| PackageName: Secrets OPerationS | ||
| PackageUrl: https://github.com/getsops/sops | ||
| License: MPL-2.0 | ||
| LicenseUrl: https://github.com/getsops/sops/blob/HEAD/LICENSE | ||
| ShortDescription: Simple and flexible tool for managing secrets | ||
| Description: sops is an editor of encrypted files that supports YAML, JSON, ENV, INI and BINARY formats and encrypts with AWS KMS, GCP KMS, Azure Key Vault, age, and PGP. | ||
| Moniker: sops | ||
| Tags: | ||
| - aws | ||
| - azure | ||
| - devops | ||
| - gcp | ||
| - pgp | ||
| - secret-distribution | ||
| - secret-management | ||
| - security | ||
| - sops | ||
| ReleaseNotes: |- | ||
| Installation | ||
| To install sops, download one of the pre-built binaries provided for your platform from the artifacts attached to this release.For instance, if you are using Linux on an AMD64 architecture: | ||
| # Download the binary | ||
| curl -LO https://github.com/getsops/sops/releases/download/v3.9.0/sops-v3.9.0.linux.amd64 | ||
| # Move the binary in to your PATH | ||
| mv sops-v3.9.0.linux.amd64 /usr/local/bin/sops | ||
| # Make the binary executable | ||
| chmod +x /usr/local/bin/sops | ||
| Verify checksums file signature | ||
| The checksums file provided within the artifacts attached to this release is signed using Cosign with GitHub OIDC. To validate the signature of this file, run the following commands: | ||
| # Download the checksums file, certificate and signature | ||
| curl -LO https://github.com/getsops/sops/releases/download/v3.9.0/sops-v3.9.0.checksums.txt | ||
| curl -LO https://github.com/getsops/sops/releases/download/v3.9.0/sops-v3.9.0.checksums.pem | ||
| curl -LO https://github.com/getsops/sops/releases/download/v3.9.0/sops-v3.9.0.checksums.sig | ||
| # Verify the checksums file | ||
| cosign verify-blob sops-v3.9.0.checksums.txt \ | ||
| --certificate sops-v3.9.0.checksums.pem \ | ||
| --signature sops-v3.9.0.checksums.sig \ | ||
| --certificate-identity-regexp= \ | ||
| --certificate-oidc-issuer=https://token.actions.githubusercontent.com | ||
| Verify binary integrity | ||
| To verify the integrity of the downloaded binary, you can utilize the checksums file after having validated its signature: | ||
| # Verify the binary using the checksums file | ||
| sha256sum -c sops-v3.9.0.checksums.txt --ignore-missing | ||
| Verify artifact provenance | ||
| The SLSA provenance of the binaries, packages, and SBOMs can be found within the artifacts associated with this release. It is presented through an in-toto link metadata file named sops-v3.9.0.intoto.jsonl. To verify the provenance of an artifact, you can utilize the slsa-verifier tool: | ||
| # Download the metadata file | ||
| curl -LO https://github.com/getsops/sops/releases/download/v3.9.0/sops-v3.9.0.intoto.jsonl | ||
| # Verify the provenance of the artifact | ||
| slsa-verifier verify-artifact <artifact> \ | ||
| --provenance-path sops-v3.9.0.intoto.jsonl \ | ||
| --source-uri github.com/getsops/sops \ | ||
| --source-tag v3.9.0 | ||
| Container Images | ||
| The sops binaries are also available as container images, based on Debian (slim) and Alpine Linux. The Debian-based container images include any dependencies which may be required to make use of certain key services, such as GnuPG, AWS KMS, Azure Key Vault, and Google Cloud KMS. The Alpine-based container images are smaller in size, but do not include these dependencies.These container images are available for the following architectures: linux/amd64 and linux/arm64.GitHub Container Registry | ||
| - ghcr.io/getsops/sops:v3.9.0 | ||
| - ghcr.io/getsops/sops:v3.9.0-alpine | ||
| Quay.io | ||
| - quay.io/getsops/sops:v3.9.0 | ||
| - quay.io/getsops/sops:v3.9.0-alpine | ||
| Verify container image signature | ||
| The container images are signed using Cosign with GitHub OIDC. To validate the signature of an image, run the following command: | ||
| cosign verify ghcr.io/getsops/sops:v3.9.0 \ | ||
| --certificate-identity-regexp= \ | ||
| --certificate-oidc-issuer=https://token.actions.githubusercontent.com \ | ||
| -o text | ||
| Verify container image provenance | ||
| The container images include SLSA provenance attestations. For more information around the verification of this, please refer to the slsa-verifier documentation.Software Bill of Materials | ||
| The Software Bill of Materials (SBOM) for each binary is accessible within the artifacts enclosed with this release. It is presented as an SPDX JSON file, formatted as <binary>.spdx.sbom.json.What's Changed | ||
| - Respect aws_profile from Keygroup Config by @Kouzukii in #1049 | ||
| - build(deps): Bump the go group with 6 updates by @dependabot in #1327 | ||
| - build(deps): Bump the go group with 3 updates by @dependabot in #1328 | ||
| - build(deps): Bump the go group with 1 update by @dependabot in #1330 | ||
| - build(deps): Bump github.com/docker/docker from 20.10.24+incompatible to 24.0.7+incompatible by @dependabot in #1336 | ||
| - build(deps): Bump the go group with 3 updates by @dependabot in #1334 | ||
| - Improve README.rst by @Ph0tonic in #1339 | ||
| - Fix typos by @felixfontein in #1337 | ||
| - build(deps): Bump the go group with 7 updates by @dependabot in #1344 | ||
| - Add --mac-only-encrypted to compute MAC only over values which end up encrypted by @mitar in #973 | ||
| - build(deps): Bump the ci group with 1 update by @dependabot in #1347 | ||
| - build(deps): Bump the go group with 7 updates by @dependabot in #1348 | ||
| - README: Correctly tag code as yaml-stream by @felixfontein in #1350 | ||
| - build(deps): Bump the go group with 5 updates by @dependabot in #1354 | ||
| - use getUserConfigDir also in tests by @bkreitch in #1346 | ||
| - Overwrite home dir in vault test by @bkreitch in #1349 | ||
| - Allow configuration of indentation for YAML and JSON stores by @Ph0tonic in #1273 | ||
| - build(deps): Bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.1 by @dependabot in #1357 | ||
| - build(deps): Bump the go group with 4 updates by @dependabot in #1360 | ||
| - build(deps): Bump the ci group with 1 update by @dependabot in #1359 | ||
| - Fix TestGnuPGHome_Validate by @stormentt in #1370 | ||
| - build(deps): Bump the go group with 6 updates by @dependabot in #1373 | ||
| - build(deps): Bump the ci group with 2 updates by @dependabot in #1376 | ||
| - Docs: indent is used both for encryption and decryption by @felixfontein in #1372 | ||
| - fix a bug where not having a config results in a panic by @stormentt in #1371 | ||
| - Polish the 'sops help' output a bit by @felixfontein in #1341 | ||
| - introduce a --pristine flag to sops exec-env by @e-nikolov in #912 | ||
| - Allow to pass multiple paths to 'updatekeys' by @sj14 in #1274 | ||
| - Warn/fail if the wrong number of arguments is provided by @felixfontein in #1342 | ||
| - Allow to override fileName with different value by @felixfontein in #1332 | ||
| - Sort masterkeys according to decryption-order by @bkreitch in #1345 | ||
| - build(deps): Bump the ci group with 4 updates by @dependabot in #1382 | ||
| - build(deps): Bump the go group with 5 updates by @dependabot in #1381 | ||
| - Deprecate the --background option to exec-env and exec-file by @felixfontein in #1379 | ||
| - build(deps): Bump golang.org/x/crypto from 0.16.0 to 0.17.0 by @dependabot in #1383 | ||
| - build(deps): Bump the ci group with 1 update by @dependabot in #1386 | ||
| - build(deps): Bump the go group with 5 updates by @dependabot in #1385 | ||
| - Consolidate Flatten/Unflatten pre/post processing by @lancerushing in #1356 | ||
| - INI, DotEnv stores: shamir_threshold is an integer by @felixfontein in #1394 | ||
| - Improve integration tests: reformat test code, make sure exit codes are always checked by @felixfontein in #1390 | ||
| - Make check whether file contains invalid keys for encryption dependent on output store by @felixfontein in #1393 | ||
| - Create a constant for the 'sops' metadata key by @felixfontein in #1398 | ||
| - build(deps): Bump github.com/cloudflare/circl from 1.3.3 to 1.3.7 by @dependabot in #1408 | ||
| - build(deps): Bump the ci group with 4 updates by @dependabot in #1425 | ||
| - build(deps): Bump github.com/opencontainers/runc from 1.1.5 to 1.1.12 by @dependabot in #1428 | ||
| - build(deps): Bump the go group with 10 updates by @dependabot in #1429 | ||
| - build(deps): Bump the ci group with 4 updates by @dependabot in #1432 | ||
| - Warn if more than one command is used by @felixfontein in #1388 | ||
| - Move extraction of encryption and rotation options to separate functions by @felixfontein in #1389 | ||
| - Add separate subcommands for encryption, decryption, rotating, editing, and setting values by @felixfontein in #1391 | ||
| - Add basic tests for exec-env and exec-file by @felixfontein in #1396 | ||
| - build with go 1.21 and update dependencies by @b-dean in #1427 | ||
| - build(deps): Bump the go group with 4 updates by @dependabot in #1439 | ||
| - sops: fix typo in interface name by @duthils in #1477 | ||
| - Fix function name in comment by @pullmerge in #1484 | ||
| - build(deps): Bump the ci group across 1 directory with 9 updates by @dependabot in #1498 | ||
| - build(deps): Bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.3 by @dependabot in #1454 | ||
| - build(deps): Bump google.golang.org/protobuf from 1.32.0 to 1.33.0 by @dependabot in #1460 | ||
| - build(deps): Bump github.com/docker/docker from 24.0.7+incompatible to 24.0.9+incompatible by @dependabot in #1466 | ||
| - build(deps): Bump golang.org/x/net from 0.21.0 to 0.23.0 by @dependabot in #1489 | ||
| - build(deps): Bump actions/setup-go from 5.0.0 to 5.0.1 in the ci group by @dependabot in #1503 | ||
| - build(deps): Bump the ci group with 2 updates by @dependabot in #1508 | ||
| - LoadCreationRuleForFile: correctly handle nil without error in callers by @felixfontein in #1506 | ||
| - build(deps): Bump the ci group with 2 updates by @dependabot in #1510 | ||
| - build(deps): Bump the ci group with 2 updates by @dependabot in #1516 | ||
| - Fix CVE-2024-2660 by @TheoBrigitte in #1519 | ||
| - build(deps): Bump the ci group with 2 updates by @dependabot in #1521 | ||
| - fix(Makefile): set locale to make tests pass by @jonasbadstuebner in #1492 | ||
| - build(deps): Bump the ci group with 2 updates by @dependabot in #1524 | ||
| - Adjust Makefile to new goreleaser 6.0.0 release by @felixfontein in #1526 | ||
| - build(deps): Bump the go group across 1 directory with 23 updates by @dependabot in #1525 | ||
| - update documentation for age by @tomaszduda23 in #1399 | ||
| - exec-file: if --filename is used, use the provided filename without random suffix by @felixfontein in #1474 | ||
| - build(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.5.2 to 1.6.0 by @dependabot in #1528 | ||
| - Do not use DotEnv store for exec-env, but specialized environment serializing code by @felixfontein in #1436 | ||
| - build(deps): Bump the ci group with 2 updates by @dependabot in #1534 | ||
| - Decryption: do not fail if no matching creation_rule is present in config file by @felixfontein in #1434 | ||
| - add filestatus command by @endorama in #545 | ||
| - build(deps): Bump the go group across 1 directory with 16 updates by @dependabot in #1540 | ||
| - build(deps): Bump the go group across 1 directory with 4 updates by @dependabot in #1543 | ||
| - add command unset by @duthils in #1475 | ||
| - Update sops.go comment by @rjeczkow in #1544 | ||
| ReleaseNotesUrl: https://github.com/getsops/sops/releases/tag/v3.9.0 | ||
| ManifestType: defaultLocale | ||
| ManifestVersion: 1.6.0 |
8 changes: 8 additions & 0 deletions
8
manifests/s/SecretsOPerationS/SOPS/3.9.0/SecretsOPerationS.SOPS.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,8 @@ | ||
| # Created with komac v2.3.0 | ||
| # yaml-language-server: $schema=https://aka.ms/winget-manifest.version.1.6.0.schema.json | ||
|
|
||
| PackageIdentifier: SecretsOPerationS.SOPS | ||
| PackageVersion: 3.9.0 | ||
| DefaultLocale: en-US | ||
| ManifestType: version | ||
| ManifestVersion: 1.6.0 |