From e25c1d9c2d455891d508c73c9fa02259978b5dc4 Mon Sep 17 00:00:00 2001 From: Jason Banich Date: Fri, 15 Nov 2019 14:06:52 -0800 Subject: [PATCH 1/2] Sort sops parameters in dotenv file --- stores/dotenv/store.go | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/stores/dotenv/store.go b/stores/dotenv/store.go index dedf8817c..41124ab0f 100644 --- a/stores/dotenv/store.go +++ b/stores/dotenv/store.go @@ -4,6 +4,7 @@ import ( "bytes" "encoding/json" "fmt" + "sort" "strings" "github.com/getsops/sops/v3" @@ -98,7 +99,14 @@ func (store *Store) EmitEncryptedFile(in sops.Tree) ([]byte, error) { if err != nil { return nil, err } - for key, value := range mdItems { + var keys []string + for k := range mdItems { + keys = append(keys, k) + } + sort.Strings(keys) + + for _, key := range keys { + var value = mdItems[key] if value == nil { continue } From 700eea7119bc306ca1787cdf947339eaf21c054d Mon Sep 17 00:00:00 2001 From: Andraz Bajt Date: Thu, 4 Aug 2022 09:34:58 +0200 Subject: [PATCH 2/2] Add a test for dotenv output ordering Signed-off-by: Andraz Bajt --- stores/dotenv/store_test.go | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/stores/dotenv/store_test.go b/stores/dotenv/store_test.go index 163ddb022..dc0c2d1de 100644 --- a/stores/dotenv/store_test.go +++ b/stores/dotenv/store_test.go @@ -63,3 +63,20 @@ func TestEmitValueNonstring(t *testing.T) { _, err := (&Store{}).EmitValue(BRANCH) assert.NotNil(t, err) } + +func TestEmitEncryptedFileStability(t *testing.T) { + // emit the same tree multiple times to ensure the output is stable + // i.e. emitting the same tree always yields exactly the same output + var previous []byte + for i := 0; i < 10; i += 1 { + bytes, err := (&Store{}).EmitEncryptedFile(sops.Tree{ + Branches: []sops.TreeBranch{{}}, + }) + assert.Nil(t, err) + assert.NotEmpty(t, bytes) + if previous != nil { + assert.Equal(t, previous, bytes) + } + previous = bytes + } +}