chamber 2.12.2 → 2.14.0

data/lib/chamber/integrations/rails.rb

@@ -9,7 +9,7 @@ class   Rails < ::Rails::Railtie
     Chamber.load(basepath:   ::Rails.root.join('config'),
                  namespaces: {
                    environment: -> { ::Rails.env },
-                   hostname:    -> { Socket.gethostname },
+                   hostname:    -> { ::Socket.gethostname },
                  })
   end
 end

data/lib/chamber/integrations/sinatra.rb

@@ -16,12 +16,12 @@ module Sinatra
       end
 
       Chamber.load(
-                    basepath:   root,
-                    namespaces: {
-                      environment: -> { env },
-                      hostname:    -> { Socket.gethostname },
-                    },
-                  )
+        basepath:   root,
+        namespaces: {
+          environment: -> { env },
+          hostname:    -> { Socket.gethostname },
+        },
+      )
     end
   end
 end

data/lib/chamber/key_pair.rb

@@ -9,10 +9,10 @@ class  KeyPair
                 :namespace,
                 :passphrase
 
-  def initialize(options = {})
-    self.namespace     = options[:namespace]
-    self.passphrase    = options.fetch(:passphrase, SecureRandom.uuid)
-    self.key_file_path = Pathname.new(options.fetch(:key_file_path))
+  def initialize(key_file_path:, namespace: nil, passphrase: ::SecureRandom.uuid)
+    self.namespace     = namespace
+    self.passphrase    = passphrase
+    self.key_file_path = Pathname.new(key_file_path)
   end
 
   def encrypted_private_key_passphrase_filepath
@@ -77,10 +77,10 @@ class  KeyPair
   def base_key_filename
     @base_key_filename ||= [
                              '.chamber',
-                             namespace,
-                           ].
-                             compact.
-                             join('.')
+                             namespace ? namespace.tr('-.', '') : nil,
+                           ]
+                             .compact
+                             .join('.')
   end
 end
 end

data/lib/chamber/keys/base.rb

@@ -3,73 +3,67 @@
 module  Chamber
 module  Keys
 class   Base
-  def self.resolve(*args)
-    new(*args).resolve
+  def self.resolve(**args)
+    new(**args).resolve
   end
 
   attr_accessor :rootpath
   attr_reader   :filenames,
                 :namespaces
 
-  def initialize(options = {})
-    self.rootpath   = Pathname.new(options.fetch(:rootpath))
-    self.namespaces = options.fetch(:namespaces)
-    self.filenames  = options[:filenames]
+  def initialize(rootpath:, namespaces:, filenames: nil)
+    self.rootpath   = Pathname.new(rootpath)
+    self.namespaces = namespaces
+    self.filenames  = filenames
   end
 
   def resolve
-    filenames.each_with_object({}) do |filename, memo|
-      namespace = namespace_from_filename(filename) || '__default'
-      value     = key_from_file_contents(filename) ||
-                  key_from_environment_variable(filename)
+    key_paths.each_with_object({}) do |path, memo|
+      namespace = namespace_from_path(path) || '__default'
+      value     = path.readable? ? path.read : ENV[environment_variable_from_path(path)]
 
       memo[namespace.downcase.to_sym] = value if value
     end
   end
 
-  def filenames=(other)
-    @filenames = begin
-                   paths = Array(other).
-                             map { |o| Pathname.new(o) }.
-                             compact
+  def as_environment_variables
+    key_paths.select(&:readable?).each_with_object({}) do |path, memo|
+      memo[environment_variable_from_path(path)] = path.read
+    end
+  end
 
-                   paths << default_key_file_path if paths.empty?
+  private
 
-                   (
-                     paths +
-                     generate_key_filenames
-                   ).
-                     uniq
-                 end
+  def key_paths
+    @key_paths = (filenames.any? ? filenames : [default_key_file_path]) +
+                 namespaces.map { |n| namespace_to_key_path(n) }
   end
 
-  private
+  # rubocop:disable Performance/ChainArrayAllocation
+  def filenames=(other)
+    @filenames = Array(other)
+                   .map { |o| Pathname.new(o) }
+                   .compact
+  end
+  # rubocop:enable Performance/ChainArrayAllocation
 
   def namespaces=(other)
-    @namespaces ||= begin
-                      keys = if other.respond_to?(:keys)
-                               other.keys.map(&:to_s)
-                             else
-                               other
-                             end
-
-                      keys + %w{signature}
-                    end
+    @namespaces = other + %w{signature}
   end
 
-  def key_from_file_contents(filename)
-    filename.readable? && filename.read
+  def namespace_from_path(path)
+    path
+      .basename
+      .to_s
+      .match(self.class::NAMESPACE_PATTERN) { |m| m[1].upcase }
   end
 
-  def key_from_environment_variable(filename)
-    ENV[environment_variable_from_filename(filename)]
+  def namespace_to_key_path(namespace)
+    rootpath + ".chamber.#{namespace.to_s.tr('.-', '')}#{key_filename_extension}"
   end
 
-  def namespace_from_filename(filename)
-    filename.
-      basename.
-      to_s.
-      match(self.class::NAMESPACE_PATTERN) { |m| m[1].upcase }
+  def default_key_file_path
+    Pathname.new(rootpath + ".chamber#{key_filename_extension}")
   end
 end
 end

data/lib/chamber/keys/decryption.rb

@@ -13,28 +13,22 @@ class   Decryption < Chamber::Keys::Base
                         (\w+)       # Namespace
                         \.pem       # Extension
                         \z          # End of Filename
-                      /x
+                      /x.freeze
 
   private
 
-  def environment_variable_from_filename(filename)
+  def environment_variable_from_path(path)
     [
       'CHAMBER',
-      namespace_from_filename(filename),
+      namespace_from_path(path),
       'KEY',
-    ].
-      compact.
-      join('_')
+    ]
+      .compact
+      .join('_')
   end
 
-  def generate_key_filenames
-    namespaces.map do |namespace|
-      rootpath + ".chamber.#{namespace}.pem"
-    end
-  end
-
-  def default_key_file_path
-    Pathname.new(rootpath + '.chamber.pem')
+  def key_filename_extension
+    '.pem'
   end
 end
 end

data/lib/chamber/keys/encryption.rb

@@ -13,28 +13,22 @@ class   Encryption < Chamber::Keys::Base
                         (\w+)       # Namespace
                         \.pub\.pem  # Extension
                         \z          # End of Filename
-                      /x
+                      /x.freeze
 
   private
 
-  def environment_variable_from_filename(filename)
+  def environment_variable_from_path(path)
     [
       'CHAMBER',
-      namespace_from_filename(filename),
+      namespace_from_path(path),
       'PUBLIC_KEY',
-    ].
-      compact.
-      join('_')
+    ]
+      .compact
+      .join('_')
   end
 
-  def generate_key_filenames
-    namespaces.map do |namespace|
-      rootpath + ".chamber.#{namespace}.pub.pem"
-    end
-  end
-
-  def default_key_file_path
-    Pathname.new(rootpath + '.chamber.pub.pem')
+  def key_filename_extension
+    '.pub.pem'
   end
 end
 end

data/lib/chamber/namespace_set.rb

@@ -71,10 +71,8 @@ class   NamespaceSet
   # Internal: Iterates over each namespace value and allows it to be used in
   # a block.
   #
-  def each
-    namespaces.each do |namespace|
-      yield namespace
-    end
+  def each(&block)
+    namespaces.each(&block)
   end
 
   ###

data/lib/chamber/settings.rb

@@ -16,29 +16,40 @@ require 'chamber/filters/failed_decryption_filter'
 #
 module  Chamber
 class   Settings
-  attr_accessor :pre_filters,
-                :post_filters,
+  attr_accessor :decryption_keys,
                 :encryption_keys,
-                :decryption_keys
+                :post_filters,
+                :pre_filters,
+                :secure_key_prefix
   attr_reader   :namespaces
 
-  # rubocop:disable Metrics/CyclomaticComplexity, Metrics/LineLength
-  def initialize(options = {})
-    self.namespaces      = options[:namespaces]      || []
-    self.raw_data        = options[:settings]        || {}
-    self.decryption_keys = options[:decryption_keys] || {}
-    self.encryption_keys = options[:encryption_keys] || {}
-    self.pre_filters     = options[:pre_filters]     || [
-                                                          Filters::NamespaceFilter,
-                                                        ]
-    self.post_filters    = options[:post_filters]    || [
-                                                          Filters::DecryptionFilter,
-                                                          Filters::EnvironmentFilter,
-                                                          Filters::FailedDecryptionFilter,
-                                                          Filters::TranslateSecureKeysFilter,
-                                                        ]
+  # rubocop:disable Metrics/ParameterLists
+  def initialize(
+                  decryption_keys:   {},
+                  encryption_keys:   {},
+                  namespaces:        [],
+                  pre_filters:       [
+                                       Filters::NamespaceFilter,
+                                     ],
+                  post_filters:      [
+                                       Filters::DecryptionFilter,
+                                       Filters::EnvironmentFilter,
+                                       Filters::FailedDecryptionFilter,
+                                       Filters::TranslateSecureKeysFilter,
+                                     ],
+                  secure_key_prefix: '_secure_',
+                  settings:          {},
+                  **_args
+                )
+    self.decryption_keys   = decryption_keys
+    self.encryption_keys   = encryption_keys
+    self.namespaces        = namespaces
+    self.post_filters      = post_filters
+    self.pre_filters       = pre_filters
+    self.raw_data          = settings
+    self.secure_key_prefix = secure_key_prefix
   end
-  # rubocop:enable Metrics/CyclomaticComplexity, Metrics/LineLength
+  # rubocop:enable Metrics/ParameterLists
 
   ###
   # Internal: Converts a Settings object into a hash that is compatible as an
@@ -79,15 +90,11 @@ class   Settings
   #                 } ).to_s
   #   # => 'MY_KEY="my value" MY_OTHER_KEY="my other value"'
   #
-  def to_s(options = {})
-    hierarchical_separator = options[:hierarchical_separator] || '_'
-    pair_separator         = options[:pair_separator]         || ' '
-    value_surrounder       = options[:value_surrounder]       || '"'
-    name_value_separator   = options[:name_value_separator]   || '='
-
-    concatenated_name_hash = to_concatenated_name_hash(hierarchical_separator)
-
-    pairs = concatenated_name_hash.to_a.map do |key, value|
+  def to_s(hierarchical_separator: '_',
+           pair_separator:         ' ',
+           value_surrounder:       '"',
+           name_value_separator:   '=')
+    pairs = to_concatenated_name_hash(hierarchical_separator).to_a.map do |key, value|
       "#{key.upcase}#{name_value_separator}#{value_surrounder}#{value}#{value_surrounder}"
     end
 
@@ -182,20 +189,21 @@ class   Settings
   # Returns a new Settings object
   #
   def merge(other)
-    other_settings = if other.is_a? Settings
+    other_settings = case other
+                     when Settings
                        other
-                     elsif other.is_a? Hash
+                     when Hash
                        Settings.new(settings: other)
                      end
 
-    # rubocop:disable Metrics/LineLength
+    # rubocop:disable Layout/LineLength
     Settings.new(
       encryption_keys: encryption_keys.any? ? encryption_keys : other_settings.encryption_keys,
       decryption_keys: decryption_keys.any? ? decryption_keys : other_settings.decryption_keys,
       namespaces:      (namespaces + other_settings.namespaces),
       settings:        raw_data.merge(other_settings.raw_data),
     )
-    # rubocop:enable Metrics/LineLength
+    # rubocop:enable Layout/LineLength
   end
 
   ###
@@ -220,26 +228,26 @@ class   Settings
   end
 
   def securable
-    Settings.new(metadata.merge(
-                    settings:    raw_data,
-                    pre_filters: [Filters::SecureFilter],
-    ))
+    Settings.new(**metadata.merge(
+                   settings:    raw_data,
+                   pre_filters: [Filters::SecureFilter],
+                 ))
   end
 
   def secure
-    Settings.new(metadata.merge(
-                    settings:     raw_data,
-                    pre_filters:  [Filters::EncryptionFilter],
-                    post_filters: [Filters::TranslateSecureKeysFilter],
-    ))
+    Settings.new(**metadata.merge(
+                   settings:     raw_data,
+                   pre_filters:  [Filters::EncryptionFilter],
+                   post_filters: [Filters::TranslateSecureKeysFilter],
+                 ))
   end
 
   def insecure
-    Settings.new(metadata.merge(
-                    settings:     raw_data,
-                    pre_filters:  [Filters::InsecureFilter],
-                    post_filters: [Filters::TranslateSecureKeysFilter],
-    ))
+    Settings.new(**metadata.merge(
+                   settings:     raw_data,
+                   pre_filters:  [Filters::InsecureFilter],
+                   post_filters: [Filters::TranslateSecureKeysFilter],
+                 ))
   end
 
   def method_missing(name, *args)
@@ -262,24 +270,20 @@ class   Settings
     @namespaces = NamespaceSet.new(raw_namespaces)
   end
 
+  # rubocop:disable Naming/MemoizedInstanceVariableName
   def raw_data
     @filtered_raw_data ||= pre_filters.inject(@raw_data) do |filtered_data, filter|
-      filter.execute({ data: filtered_data }.
-                     merge(metadata))
+      filter.execute(**{ data: filtered_data }.merge(metadata))
     end
   end
+  # rubocop:enable Naming/MemoizedInstanceVariableName
 
   def data
     @data ||= post_filters.inject(raw_data) do |filtered_data, filter|
-      filter.execute({ data: filtered_data }.
-                     merge(metadata))
+      filter.execute(**{ data: filtered_data }.merge(metadata))
     end
   end
 
-  def secure_key_prefix
-    '_secure_'
-  end
-
   def metadata
     {
       decryption_keys:   decryption_keys,

data/lib/chamber/types/secured.rb

@@ -3,21 +3,19 @@
 require 'active_support/json'
 require 'chamber'
 
-# rubocop:disable Lint/HandleExceptions, Layout/EmptyLinesAroundModuleBody
 module  Chamber
-
 begin
   require 'active_record/type/value'
 
   CHAMBER_TYPE_VALUE_SUPERCLASS = ActiveRecord::Type::Value
-rescue LoadError
+rescue LoadError # rubocop:disable Lint/SuppressedException
 end
 
 begin
   require 'active_model/type/value'
 
   CHAMBER_TYPE_VALUE_SUPERCLASS = ActiveModel::Type::Value
-rescue LoadError
+rescue LoadError # rubocop:disable Lint/SuppressedException
 end
 
 module  Types
@@ -25,11 +23,12 @@ class   Secured < CHAMBER_TYPE_VALUE_SUPERCLASS
   attr_accessor :decryption_keys,
                 :encryption_keys
 
-  def initialize(options = {})
-    self.encryption_keys = options.fetch(:encryption_keys,
-                                         Chamber.configuration.encryption_keys)
-    self.decryption_keys = options.fetch(:decryption_keys,
-                                         Chamber.configuration.decryption_keys)
+  def initialize(decryption_keys: ::Chamber.configuration.decryption_keys,
+                 encryption_keys: ::Chamber.configuration.encryption_keys)
+    self.decryption_keys = decryption_keys
+    self.encryption_keys = encryption_keys
+
+    super()
   end
 
   def type
@@ -78,4 +77,3 @@ class   Secured < CHAMBER_TYPE_VALUE_SUPERCLASS
 end
 end
 end
-# rubocop:enable Lint/HandleExceptions, Layout/EmptyLinesAroundModuleBody