Module: Chronicle::ETL::Secrets

Defined in:

lib/chronicle/etl/secrets.rb

Overview

Secret management module

Class Method Summary

• .all(namespace = nil) ⇒ Object

  Retrieve all secrets from all namespaces.

• .available_secrets ⇒ Object

  Which config files are available in ~/.config/chronicle/etl/secrets.

• .exists?(namespace) ⇒ Boolean

  Whether a given namespace exists.

• .read(namespace) ⇒ Object

  Read secrets from a config file.

• .set(namespace, key, value) ⇒ Object

  Save a setting to a namespaced config file.

• .set_all(namespace, secrets) ⇒ Object

  Save a hash to a secrets namespace.

• .unset(namespace, key) ⇒ Object

  Remove a setting from a namespaced config file.

• .valid_namespace_name?(namespace) ⇒ Boolean

  Return whether a namespace name is valid (lowercase alphanumeric and -).

• .write(namespace, secrets) ⇒ Object

  Write secrets to a config file.

Class Method Details

.all(namespace = nil) ⇒ Object

Retrieve all secrets from all namespaces

# File 'lib/chronicle/etl/secrets.rb', line 36

def all(namespace = nil)
  namespaces = namespace.nil? ? available_secrets : [namespace]
  namespaces
    .to_h { |namespace| [namespace.to_sym, read(namespace)] }
    .delete_if { |_, v| v.empty? }
end

.available_secrets ⇒ Object

Which config files are available in ~/.config/chronicle/etl/secrets

# File 'lib/chronicle/etl/secrets.rb', line 64

def available_secrets
  Chronicle::ETL::Config.available_configs('secrets')
end

.exists?(namespace) ⇒ Boolean

Whether a given namespace exists

Returns:

• (Boolean)

# File 'lib/chronicle/etl/secrets.rb', line 10

def exists?(namespace)
  Chronicle::ETL::Config.exists?('secrets', namespace)
end

.read(namespace) ⇒ Object

Read secrets from a config file

# File 'lib/chronicle/etl/secrets.rb', line 49

def read(namespace)
  definition = Chronicle::ETL::Config.load('secrets', namespace)
  definition[:secrets] || {}
end

.set(namespace, key, value) ⇒ Object

Save a setting to a namespaced config file

# File 'lib/chronicle/etl/secrets.rb', line 15

def set(namespace, key, value)
  config = read(namespace)
  config[key.to_sym] = value
  write(namespace, config)
end

.set_all(namespace, secrets) ⇒ Object

Save a hash to a secrets namespace

# File 'lib/chronicle/etl/secrets.rb', line 22

def set_all(namespace, secrets)
  config = read(namespace)
  config = config.merge(secrets.deep_stringify_keys)
  write(namespace, config)
end

.unset(namespace, key) ⇒ Object

Remove a setting from a namespaced config file

# File 'lib/chronicle/etl/secrets.rb', line 29

def unset(namespace, key)
  config = read(namespace)
  config.delete(key.to_sym)
  write(namespace, config)
end

.valid_namespace_name?(namespace) ⇒ Boolean

Return whether a namespace name is valid (lowercase alphanumeric and -)

Returns:

• (Boolean)

# File 'lib/chronicle/etl/secrets.rb', line 44

def valid_namespace_name?(namespace)
  namespace.match(/^[a-z0-9\-]+$/)
end

.write(namespace, secrets) ⇒ Object

Write secrets to a config file

# File 'lib/chronicle/etl/secrets.rb', line 55

def write(namespace, secrets)
  data = {
    secrets: (secrets || {}).transform_keys(&:to_s),
    chronicle_etl_version: Chronicle::ETL::VERSION
  }
  Chronicle::ETL::Config.write('secrets', namespace, data)
end