Skip to content
| Marketplace
Sign in
Visual Studio Code>Other>SOPS Virtual FilesystemNew to Visual Studio Code? Get it now.
SOPS Virtual Filesystem

SOPS Virtual Filesystem

eh5

|
221 installs
| (0) | Free
VS Code SOPS virtual filesystem extension
Installation
Launch VS Code Quick Open (Ctrl+P), paste the following command, and press enter.
Copied to clipboard
More Info

SOPS Virtual Filesystem

VS Code SOPS virtual filesystem extension.

Show Demo Video

https://user-images.githubusercontent.com/24871166/224997543-886de0d0-f8ff-4d36-a71c-df399d447094.mp4

Features

  • Transparent decryption and re-encryption of SOPS file.
  • Mapping SOPS entries to individual virtual files.
  • Allows non-trivial text format for each entry in SOPS file so you can enjoy syntax highlighting & formatting powered by VS Code ecosystem.

Install

Marketplace Extension
Visual Studio Marketplace eh5.vscode-sops-fs
Open VSX Registry eh5.vscode-sops-fs

Requirements

  • sops in PATH
  • Recent version of VS Code that supports l10n API

Usage

Insert .sops into SOPS filename so the extension can recognize the file as SOPS, e.g.

  • foo.json => foo.sops.json
  • bar.yaml => bar.sops.yaml
  • binary => binary.sops

Alternatively tweak files.associations in your settings to associate arbitrary filenames to language ID sops.

{
  "files.associations": {
    "foobar.mysops.json": "sops"
  }
}

Then right click on SOPS filename or the active editor to mount SOPS file as workspace folder.

Note To unmount the SOPS file, just right click on created workspace folder and select remove the folder from workspace. Note that changes to SOPS virtual filesystem would be written to original SOPS file on save, no unmount is required.

The SOPS file would now be decrypted and listed in mounted folder, with each file or sub-folder mapping to leaf property or dictionary in SOPS file.

You are free to read, write, rename, delete on those files and create folders.

Additionally with the special file __sopsfs__.<extname> corresponding to direct decryption output of SOPS file, only read & write operations are available for this file.

Custom Decryption Keys

Configure sopsfs.env in settings to pass SOPS environment variables for keys. See Usage section in SOPS README.

{
  "sopsfs.env": {
    "SOPS_AGE_KEY_FILE": "/path/to/age/key.txt"
  }
}

See also demo settings.

Development

Note This section is for developers, end-users don't have to read this.

URI Schema

sops:/<base64url encoded SOPS URI>/<path>

  • <base64url encoded SOPS URI>

base64url encoded URI of SOPS file, which is going to be accessed.

For example, given a URI file:///home/alice/project/secrets.yaml it has <base64url encoded SOPS URI> of ZmlsZTovLy9ob21lL2FsaWNlL3Byb2plY3Qvc2VjcmV0cy55YW1s.

> Buffer.from("file:///home/alice/project/secrets.yaml").toString("base64url")
'ZmlsZTovLy9ob21lL2FsaWNlL3Byb2plY3Qvc2VjcmV0cy55YW1s'

As we use vscode.workspace.fs API instead of native fs module to access files, the URI can be any type of schemas registered.

  • <path>

Virtual filesystem path mapping to property tree of SOPS file.

For example, given a property path foo.bar.prop it has <path> of foo/bar/prop.

  • Contact us
  • Jobs
  • Privacy
  • Manage cookies
  • Terms of use
  • Trademarks
© 2025 Microsoft