Module: Chef::EncryptedDataBagItem::CheckEncrypted

Included in:
DSL::DataQuery, Knife::DataBagSecretOptions
Defined in:
lib/chef/encrypted_data_bag_item/check_encrypted.rb

Overview

Common code for checking if a data bag appears encrypted

Instance Method Summary collapse

Instance Method Details

#encrypted?(raw_data) ⇒ Boolean

Tries to autodetect if the item’s raw hash appears to be encrypted.

Returns:

  • (Boolean)


26
27
28
29
30
31
32
33
# File 'lib/chef/encrypted_data_bag_item/check_encrypted.rb', line 26

def encrypted?(raw_data)
  data = raw_data.reject { |k, _| k == "id" } # Remove the "id" key.
  # Assume hashes containing only the "id" key are not encrypted.
  # Otherwise, remove the keys that don't appear to be encrypted and compare
  # the result with the hash. If some entry has been removed, then some entry
  # doesn't appear to be encrypted and we assume the entire hash is not encrypted.
  data.empty? ? false : data.reject { |_, v| !looks_like_encrypted?(v) } == data
end