Connexion
t3chn

vi-sops-dev

by @t3chn in Development
1
0
# Install this skill:
npx skills add t3chn/codex-skills --skill "vi-sops-dev"

Install specific skill from multi-skill repository

# Description

Work effectively in the getsops/sops codebase (Go + Rust functional tests): trace CLI behavior (edit/encrypt/decrypt/rotate/updatekeys), debug encryption/decryption + metadata/MAC issues, add or modify key providers (KMS/GCP/Azure/Vault/age/PGP), add file-format stores (YAML/JSON/INI/ENV/binary), update config (.sops.yaml), and run the right test suites. Use when a task mentions SOPS, getsops/sops, sops CLI internals, master keys, keyservice, stores, or functional-tests.

# SKILL.md

name: vi-sops-dev
description: "Work effectively in the getsops/sops codebase (Go + Rust functional tests): trace CLI behavior (edit/encrypt/decrypt/rotate/updatekeys), debug encryption/decryption + metadata/MAC issues, add or modify key providers (KMS/GCP/Azure/Vault/age/PGP), add file-format stores (YAML/JSON/INI/ENV/binary), update config (.sops.yaml), and run the right test suites. Use when a task mentions SOPS, getsops/sops, sops CLI internals, master keys, keyservice, stores, or functional-tests."

Vi Sops Dev

Quick Start

  • Start from the repo map in references/repo-map.md to pick the right entry point fast.
  • Run the developer test loop from references/testing.md (make test, then make functional-tests).
  • Use --verbose (or per-command --verbose where available) to enable debug logging in the CLI.

Workflow

1) Triage the user request

  • Identify whether the change is primarily:
  • CLI plumbing (cmd/sops/...)
  • crypto/tree/metadata (sops.go, aes/, stores/)
  • key provider (kms/, gcpkms/, azkv/, hckms/, hcvault/, age/, pgp/)
  • config parsing (config/)
  • keyservice / gRPC (keyservice/, cmd/sops/subcommand/keyservice/)
  • functional tests (functional-tests/)

2) Trace the execution path

  • If the behavior is user-facing, start at cmd/sops/main.go and follow into the command implementation in cmd/sops/*.go.
  • If the behavior is encryption/decryption:
  • CLI calls helpers in cmd/sops/common/ (load/decrypt/encrypt).
  • Core logic lives in sops.go (Tree/Metadata, MAC, key groups, store interfaces).

3) Make a minimal reproduction

  • Prefer a small fixture (YAML/JSON/ENV/INI) in example.* style, or use existing example.yaml / example.json.
  • Prefer unit tests (go test ./...) for pure logic and functional tests (functional-tests/) for end-to-end CLI behavior.

4) Implement the change

  • Match existing patterns in the nearest package (key providers, stores, CLI command wiring).
  • Keep backwards compatibility in mind: encrypted-file schema + metadata fields are part of the ecosystem.

5) Validate

  • Run make test and (when relevant) make functional-tests. See references/testing.md.

Pointers

  • Repo map: references/repo-map.md
  • Testing: references/testing.md
  • Key providers: references/key-providers.md
  • Optional quick overview script: scripts/sops-repo-map.sh

# Related Skills

facebook
feature-flags @facebook

Use when feature flag tests fail, flags need updating, understanding @gate pragmas, debugging...

★ 242,571
facebook
fix @facebook

Use when you have lint errors, formatting issues, or before committing code to ensure it passes CI.

★ 242,571
facebook
flags @facebook

Use when you need to check feature flag states, compare channels, or debug why a feature behaves...

★ 242,571

# Supported AI Coding Agents

This skill is compatible with the SKILL.md standard and works with all major AI coding agents:

Amp 🚀 Antigravity 🤖 Claude Code 🦀 Clawdbot 📝 Codex ▶️ Cursor 🤖 Droid 💎 Gemini CLI 🐙 GitHub Copilot 🪿 Goose 📊 Kilo Code 🔧 Kiro CLI 💻 OpenCode 🦘 Roo Code 🌲 Trae 🏄 Windsurf

Learn more about the SKILL.md standard and how to use these skills with your preferred AI coding agent.