Class: SecretKeeper

Inherits:
Object
  • Object
show all
Defined in:
lib/secret-keeper.rb

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initializeSecretKeeper

Returns a new instance of SecretKeeper.



57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
 
# File 'lib/secret-keeper.rb', line 57

def initialize
  env = ENV['RAILS_ENV'] || 'development'
  string = File.open('config/secret-keeper.yml', 'rb') { |f| f.read }
  fail 'config/secret-keeper.yml not existed nor not readable' if string.nil?
  begin
    config = YAML.load(string, aliases: true)[env] || {}
  rescue ArgumentError
    config = YAML.load(string)[env] || {}
  end
  fail 'config/secret-keeper.yml incorrect or environment not exist' if config.nil? || config.empty?
  ev_name = config['ev_name'] || 'SECRET_KEEPER'
  fail "environment variable #{ev_name} not exist" if ENV[ev_name].nil?

  @tasks = config['tasks']
  @using_cipher = OpenSSL::Cipher.new(config['cipher'] || 'AES-256-CBC')
  @cipher_key = Digest::SHA2.hexdigest(ENV[ev_name])[0...@using_cipher.key_len]

  @options = config['options']
end

Instance Attribute Details

#optionsObject (readonly)

Returns the value of attribute options.



5
6
7
 
# File 'lib/secret-keeper.rb', line 5

def options
  @options
end

#tasksObject (readonly)

Returns the value of attribute tasks.



5
6
7
 
# File 'lib/secret-keeper.rb', line 5

def tasks
  @tasks
end

Class Method Details

.decrypt_filesObject 



31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
 
# File 'lib/secret-keeper.rb', line 31

def self.decrypt_files
  printer = ['Decrypting...']
  sk = SecretKeeper.new
  printer << '(production config removed)' if sk.options['remove_production']
  printer << '(source files removed)' if sk.options['remove_source']

  ok_queue = []
  sk.tasks.each do |task|
    from = task['decrypt_from'] || task['encrypt_to']
    to = task['decrypt_to'] || task['encrypt_from']

    result = sk.decrypt_file(from, to)
    if result == :ok
      result = sk.remove_production_config(to) if sk.options['remove_production']
      result = sk.remove_file(from) if sk.options['remove_source']
    end

    ok_queue << result if result == :ok
    printer << "  * #{from} --> #{to}, #{result}"
  end
  success = ok_queue.count == sk.tasks.count
  printer << (success ? 'Done!' : 'Failed!')
  printer.each{ |row| puts row } unless sk.options['slience']
  success
end

.encrypt_filesObject 



7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
 
# File 'lib/secret-keeper.rb', line 7

def self.encrypt_files
  printer = ['Encrypting...']
  sk = SecretKeeper.new
  printer << '(production config removed)' if sk.options['remove_production']
  printer << '(source files removed)' if sk.options['remove_source']
  ok_queue = []
  sk.tasks.each do |task|
    from = File.exist?(task['encrypt_from']) ? task['encrypt_from'] : task['decrypt_to']
    to = task['encrypt_to']

    result = sk.encrypt_file(from, to)
    if result == :ok
      result = sk.remove_file(from) if sk.options['remove_source']
    end

    ok_queue << result if result == :ok
    printer << "  * #{from} --> #{to}, #{result}"
  end
  success = ok_queue.count == sk.tasks.count
  printer << (success ? 'Done!' : 'Failed!')
  printer.each{ |row| puts row } unless sk.options['slience']
  success
end

Instance Method Details

#decrypt_file(from_file, to_file) ⇒ Object 



85
86
87
88
89
90
91
 
# File 'lib/secret-keeper.rb', line 85

def decrypt_file(from_file, to_file)
  decrypted = File.open(from_file, 'rb') { |f| decrypt(f.read) }
  File.open(to_file, 'w') { |f| f.write(decrypted.force_encoding('UTF-8')) }
  :ok
rescue => e
  e
end

#encrypt_file(from_file, to_file) ⇒ Object 



77
78
79
80
81
82
83
 
# File 'lib/secret-keeper.rb', line 77

def encrypt_file(from_file, to_file)
  encrypted = File.open(from_file, 'rb') { |f| encrypt(f.read) }
  File.open(to_file, 'w:ASCII-8BIT') { |f| f.write(encrypted) }
  :ok
rescue => e
  e
end

#remove_file(file_path) ⇒ Object 



107
108
109
110
111
112
 
# File 'lib/secret-keeper.rb', line 107

def remove_file(file_path)
  File.delete(file_path)
  :ok
rescue => e
  e
end

#remove_production_config(file_path) ⇒ Object 



93
94
95
96
97
98
99
100
101
102
103
104
105
 
# File 'lib/secret-keeper.rb', line 93

def remove_production_config(file_path)
  return :ok unless file_path =~ /\.yml/
  begin
    hash = YAML.load_file(file_path, aliases: true)
  rescue ArgumentError
    hash = YAML.load_file(file_path)
  end
  hash.delete('production')
  File.write(file_path, YAML.dump(hash))
  :ok
rescue => e
  e
end