Module: EcoRake::Shell::Gpg

Includes:
Command, Files
Defined in:
lib/eco-rake/shell/gpg.rb

Constant Summary collapse

GPG_VERSION_REGEX =
/^gpg.*?gnupg.*?(?<maj>\d+)\.(?<min>\d+)\./i.freeze

Constants included from Files

Files::DAY_SECONDS

Instance Method Summary collapse

Methods included from Files

#csv_files, #delete_file, #folder_files, #gpg_files, #gpg_to_csv_filename, #move_file, #upsert_local_dir

Methods included from Command

#array_cmd, #double_quote, #middlewared_callback, #sh_chain, #sh_continue, #sh_default_block, #sh_exit_on_fail, #string_cmd

Instance Method Details

#decrypt_command(gpg_file, gpg_key: ENV["GPG_KEY"], ignore_mdc_error: false) ⇒ String

Note:
  1. The ENV var GPG_KEY specifies the passphrase to be able to use the private gpg key (suppsedly installed in the user's local gpg keyring).
  2. Depending on the gpg version, the option to prevent the interactive passphrase to prompt is different. This is the reason why we check what is the option for a loopback

Returns the command to decrypt gpg_file.

Parameters:

  • gpg_file (String)

    the file meant to be decrypted.

Returns:

  • (String)

    the command to decrypt gpg_file



16
17
18
19
20
21
22
23
24
25
26
27
# File 'lib/eco-rake/shell/gpg.rb', line 16

def decrypt_command(gpg_file, gpg_key: ENV["GPG_KEY"], ignore_mdc_error: false)
  csv_file = gpg_to_csv_filename(gpg_file)
  no_error = ignore_mdc_error ? '--ignore-mdc-error' : nil
  loopback = gpg_version_gte?(major: 2, minor: 1)? "--pinentry-mode=loopback" : "--batch --yes"
  args     = [
    no_error, loopback,
    '--passphrase', double_quote(gpg_key),
    '-o', double_quote(csv_file),
    '-d', double_quote(gpg_file)
  ]
  string_cmd('gpg', *args)
end