
decrypt master key in parallel #638

Closed

SinisterMinister commented Mar 7, 2020

Currently, Sops tries to decrypt the master key by iterating over each one in series. In practice, this can lead to significant performance issues if the working key is at the end of the list. The example case we encountered was using Sops with Ansible and the upcoming Sops plugin for it. During execution, Ansible calls sops for every task to decrypt the variables. In our case, we used KMS and PGP for our keys, and when running on a machine that relied on PGP, it would take over 30 seconds to decrypt a file as it iterated through providers. This would make PGP-based builds take hours where it would take minutes for KMS-based builds, as it would fail the KMS key lookup thousands of times throughout the run.

This change makes the decryption efforts happen in parallel, returning the first to succeed, making the speed faster than KMS-based builds without affecting the KMS-based build times.

@SinisterMinister force-pushed the parallel-decrypt branch 2 times, most recently from ac0c439 to f1a7822 on March 7, 2020 01:42

codecov-io commented Mar 7, 2020

Codecov Report

Merging #638 into develop will decrease coverage by 0.82%.
The diff coverage is 4.34%.


@@             Coverage Diff             @@
##           develop     #638      +/-   ##
===========================================
- Coverage    37.15%   36.33%   -0.83%     
===========================================
  Files           21       21              
  Lines         2893     2967      +74     
===========================================
+ Hits          1075     1078       +3     
- Misses        1724     1795      +71     
  Partials        94       94              
Impacted Files      Coverage Δ
sops.go             47.90% <0.00%>  (-8.47%) ⬇️
kms/keysource.go    49.07% <44.44%> (+0.03%) ⬆️

Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Last update 7f350d8...2c2cbf1.


SinisterMinister (Author) commented on these lines of the diff:

    // Capture service locally to prevent data races
    kmsSvcMtx.RLock()
    svc := kmsSvc

These changes were necessary to deal with the concurrent access of the kmsSvc by the decrypt calls.
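The PR description and the review comment above describe one design: fan out over every master key at once, take the first data key that decrypts, and make sure the KMS client that all of those concurrent attempts share cannot race with its own initialisation. The following Go program is an added example of that design, not code from the PR or from sops itself. MasterKey, fakeKey, kmsClient, getKMSClient and DecryptParallel are hypothetical names; the delays, the region string and the "data-key" value are constructed so the program runs offline.

```go
package main

import (
	"context"
	"errors"
	"fmt"
	"sync"
	"time"
)

// MasterKey stands in for a sops key backend (KMS, PGP, ...); each one tries to
// unwrap the file's data key. Hypothetical interface, not sops' own.
type MasterKey interface {
	Name() string
	Decrypt(ctx context.Context) ([]byte, error)
}

type kmsClient struct{ region string } // constructed stand-in for a KMS SDK client

// Package-level client shared by every KMS key, guarded like the PR's
// kmsSvcMtx/kmsSvc: readers copy it to a local under RLock so concurrent
// Decrypt calls never race with the lazy initialisation below.
var kmsSvcMtx sync.RWMutex
var kmsSvc *kmsClient

func getKMSClient(region string) *kmsClient {
	kmsSvcMtx.RLock()
	svc := kmsSvc // capture locally; safe to use after the lock is released
	kmsSvcMtx.RUnlock()
	if svc != nil {
		return svc
	}
	kmsSvcMtx.Lock()
	defer kmsSvcMtx.Unlock()
	if kmsSvc == nil { // re-check: another goroutine may have initialised it
		kmsSvc = &kmsClient{region: region}
	}
	return kmsSvc
}

// fakeKey answers after delay with a data key or an error (constructed backend).
type fakeKey struct {
	name    string
	delay   time.Duration
	dataKey []byte
	err     error
}

func (k fakeKey) Name() string { return k.name }
func (k fakeKey) Decrypt(ctx context.Context) ([]byte, error) {
	_ = getKMSClient("eu-west-1") // every attempt exercises the shared client
	select {
	case <-time.After(k.delay):
		return k.dataKey, k.err
	case <-ctx.Done(): // another backend already won; stop early
		return nil, ctx.Err()
	}
}

type result struct {
	name string
	key  []byte
	err  error
}

// DecryptParallel tries all master keys at once, returns the first data key that
// decrypts and cancels the rest; if every backend fails, the errors are joined.
func DecryptParallel(ctx context.Context, keys []MasterKey) ([]byte, error) {
	if len(keys) == 0 {
		return nil, errors.New("no master keys to try")
	}
	ctx, cancel := context.WithCancel(ctx)
	defer cancel()                          // stops the losers once we return
	results := make(chan result, len(keys)) // buffered: late finishers never block
	var wg sync.WaitGroup
	for _, k := range keys {
		wg.Add(1)
		go func(k MasterKey) {
			defer wg.Done()
			dk, err := k.Decrypt(ctx)
			results <- result{k.Name(), dk, err}
		}(k)
	}
	go func() { wg.Wait(); close(results) }()
	var errs []error
	for r := range results {
		if r.err == nil {
			return r.key, nil
		}
		errs = append(errs, fmt.Errorf("%s: %w", r.name, r.err))
	}
	return nil, errors.Join(errs...)
}

func main() { // constructed scenario: KMS is slow to fail, PGP succeeds quickly
	keys := []MasterKey{
		fakeKey{name: "kms", delay: 2 * time.Second, err: errors.New("no credentials")},
		fakeKey{name: "pgp", delay: 50 * time.Millisecond, dataKey: []byte("data-key")},
	}
	dk, err := DecryptParallel(context.Background(), keys)
	fmt.Printf("key=%q err=%v\n", dk, err)
}
```

Two points worth keeping in view when adopting this pattern. First, the first-success return only shortens the wall-clock time; every backend, including the cloud KMS one, is still contacted on every decrypt, so a host without KMS credentials still issues a failing KMS call each time and should fail that call fast. Second, cancellation only helps if each backend honours the context it is given; a backend that blocks in a network call without observing ctx keeps running until its own timeout, which is why the buffered results channel is sized to let every goroutine exit on its own.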

@autrilla autrilla self-requested a review March 20, 2020 21:54
@ajvb ajvb closed this Feb 24, 2022