Class: Chef::Knife::Core::EncryptedAttributeBase

Inherits:
Chef::Knife
  • Object
show all
Defined in:
lib/chef/knife/core/encrypted_attribute_base.rb

Overview

knife encrypted attribute commands base class.

All encrypted attribute knife commands inherit some common method from this class.

Instance Method Summary collapse

Instance Method Details

#assert_attribute_does_not_exist(node_name, attr_ary) ⇒ Object

Asserts that an encrypted attribute does not exist.

Exits with error if the attribute exist.

Parameters:

  • node_name (String)

    Chef node name.

  • attr_ary (Array<String>)

    node attribute path as Array.

Returns:

  • void

Raises:

  • (ArgumentError)

    if the attribute path format is wrong.


73
74
75
76
77
# File 'lib/chef/knife/core/encrypted_attribute_base.rb', line 73

def assert_attribute_does_not_exist(node_name, attr_ary)
  return unless
    Chef::EncryptedAttribute.exist_on_node?(node_name, attr_ary)
  die('Encrypted attribute already exists')
end

#assert_attribute_exists(node_name, attr_ary) ⇒ Object

Asserts that an encrypted attribute exists.

Exits with error if the attribute does no exist.

Parameters:

  • node_name (String)

    Chef node name.

  • attr_ary (Array<String>)

    node attribute path as Array.

Returns:

  • void

Raises:

  • (ArgumentError)

    if the attribute path format is wrong.


60
61
62
63
# File 'lib/chef/knife/core/encrypted_attribute_base.rb', line 60

def assert_attribute_exists(node_name, attr_ary)
  return if Chef::EncryptedAttribute.exist_on_node?(node_name, attr_ary)
  die('Encrypted attribute not found')
end

#assert_attribute_readable(node_name, attr_ary) ⇒ Object

Asserts that I can decrypt an encrypted attribute from a remote node.

Exists with an error if the attribute cannot be decrypted.

Parameters:

  • node_name (String)

    Chef node name.

  • attr_ary (Array<String>)

    node attribute path as Array.

Returns:

  • void

Raises:

  • (ArgumentError)

    if the attribute path format is wrong.

  • (UnacceptableEncryptedAttributeFormat)

    if encrypted attribute format is wrong.

  • (UnsupportedEncryptedAttributeFormat)

    if encrypted attribute format is not supported or unknown.

  • (SearchFailure)

    if there is a Chef search error.

  • (SearchFatalError)

    if the Chef search response is wrong.

  • (InvalidSearchKeys)

    if search keys structure is wrong.


121
122
123
124
# File 'lib/chef/knife/core/encrypted_attribute_base.rb', line 121

def assert_attribute_readable(node_name, attr_ary)
  # try to read the attribute
  Chef::EncryptedAttribute.load_from_node(node_name, attr_ary)
end

#assert_valid_argsObject

Asserts that the arguments are valid.

Exits with error if arguments are wrong.

Returns:

  • void


102
103
104
# File 'lib/chef/knife/core/encrypted_attribute_base.rb', line 102

def assert_valid_args
  # nop
end

#attribute_path_to_ary(str, delim = '.', escape = '\\') ⇒ Array<String>

Parses an array path in or escaped string notation.

Literal delimiter values can be escaped using the escape character.

Uses dot notation by default, using '.' as delimiter and '\' as escape character.

For example, for 'encrypted.attr\.ibute' will return %w(encrypted attr.ibute).

Parameters:

  • str (String)

    array path in dot notation.

  • delim (String) (defaults to: '.')

    delimiter used for string notation.

  • escape (String) (defaults to: '\\')

    escape character to use.

Returns:

  • (Array<String>)

    attribute path as array.


156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
# File 'lib/chef/knife/core/encrypted_attribute_base.rb', line 156

def attribute_path_to_ary(str, delim = '.', escape = '\\')
  # cool, but doesn't work for some edge cases
  # return str.scan(/(?:[^.\\]|\\.)+/).map {|x| x.gsub('\\.', '.') }
  result = []
  current = ''
  i = 0
  until str[i].nil?
    if str[i] == escape
      current << attribute_path_to_ary_read_escape(str, i, delim)
      i += 1 # skip the next char
    elsif str[i] == delim
      result << current
      current = ''
    else
      current << str[i]
    end
    i += 1
  end
  result << current
end

#attribute_path_to_ary_read_escape(str, i, delim) ⇒ String

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Parses the escape character from an array path string.

see #attribute_path_to_ary

Parameters:

  • str (String)

    the full string to parse.

  • i (String)

    string position that contains the escape character.

  • delim (String)

    delimiter used for string notation.

Returns:

  • (String)

    the character unscaped.


134
135
136
137
138
139
140
# File 'lib/chef/knife/core/encrypted_attribute_base.rb', line 134

def attribute_path_to_ary_read_escape(str, i, delim)
  if str[i + 1] == delim
    str[i + 1]
  else
    str[i] + (str[i + 1].nil? ? '' : str[i + 1])
  end
end

#die(msg) ⇒ Object

Prints a fatal error and exits without success.

Parameters:

  • msg (String)

    message to print.

Returns:

  • void


34
35
36
37
# File 'lib/chef/knife/core/encrypted_attribute_base.rb', line 34

def die(msg)
  ui.fatal(msg)
  exit 1
end

#option_assert(option, msg) ⇒ Object

Asserts that the option value is not nil.

Shows usage and exists if nil.

Parameters:

  • option (Mixed)

    value to check.

  • msg (String)

    error message to print in case value is nil.

Returns:

  • void


46
47
48
49
50
# File 'lib/chef/knife/core/encrypted_attribute_base.rb', line 46

def option_assert(option, msg)
  return unless option.nil?
  show_usage
  die(msg)
end

#parse_argsObject

Parses knife arguments.

Exits with error if the arguments are wrong.

Returns:

  • void

See Also:


85
86
87
88
89
90
91
92
93
94
95
# File 'lib/chef/knife/core/encrypted_attribute_base.rb', line 85

def parse_args
  @node_name = @name_args[0]
  @attr_path = @name_args[1]
  option_assert(@node_name, 'You must specify a node name')
  option_assert(
    @attr_path, 'You must specify an encrypted attribute name'
  )
  @attr_ary = attribute_path_to_ary(@attr_path)

  assert_valid_args
end