...right now this would only apply to keys stored in GitHub, as that's the only time encryption is needed.
ovotech/mantle has the ability to validate ciphertexts for us, so we'd just need to switch it on here:
|
const disableValidation = true |
I can't remember the original reason why this was disabled, so thorough testing required.
...right now this would only apply to keys stored in GitHub, as that's the only time encryption is needed.
ovotech/mantle has the ability to validate ciphertexts for us, so we'd just need to switch it on here:
cloud-key-rotator/pkg/crypt/crypt.go
Line 30 in b1aae8e
I can't remember the original reason why this was disabled, so thorough testing required.