chamber 2.14.3 → 3.0.0rc1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data/lib/chamber/adapters/cloud/heroku.rb +4 -4
- data/lib/chamber/binary/circle_ci.rb +8 -7
- data/lib/chamber/binary/heroku.rb +8 -7
- data/lib/chamber/binary/runner.rb +11 -10
- data/lib/chamber/binary/travis.rb +7 -3
- data/lib/chamber/commands/securable.rb +4 -1
- data/lib/chamber/context_resolver.rb +0 -1
- data/lib/chamber/encryption_methods/public_key.rb +1 -27
- data/lib/chamber/encryption_methods/ssl.rb +2 -28
- data/lib/chamber/file.rb +5 -28
- data/lib/chamber/file_set.rb +1 -7
- data/lib/chamber/filters/decryption_filter.rb +6 -6
- data/lib/chamber/filters/encryption_filter.rb +8 -5
- data/lib/chamber/filters/environment_filter.rb +11 -10
- data/lib/chamber/filters/failed_decryption_filter.rb +4 -1
- data/lib/chamber/filters/insecure_filter.rb +1 -2
- data/lib/chamber/filters/namespace_filter.rb +9 -5
- data/lib/chamber/filters/secure_filter.rb +5 -3
- data/lib/chamber/filters/translate_secure_keys_filter.rb +5 -3
- data/lib/chamber/instance.rb +7 -14
- data/lib/chamber/keys/base.rb +2 -2
- data/lib/chamber/refinements/array.rb +20 -0
- data/lib/chamber/refinements/deep_dup.rb +58 -0
- data/lib/chamber/refinements/enumerable.rb +20 -9
- data/lib/chamber/refinements/hash.rb +51 -0
- data/lib/chamber/rubinius_fix.rb +1 -1
- data/lib/chamber/settings.rb +24 -41
- data/lib/chamber/types/secured.rb +13 -13
- data/lib/chamber/version.rb +1 -1
- data/lib/chamber.rb +0 -11
- data.tar.gz.sig +4 -1
- metadata +24 -39
- metadata.gz.sig +0 -0
- data/lib/chamber/core_ext/hash.rb +0 -15
- data/lib/chamber/errors/non_conforming_key.rb +0 -8
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 3119f8787d3c63913a0ab69a0114cbf6d43a154ad1703aef610a2b02720b0cbc
|
|
4
|
+
data.tar.gz: ed25f8e4a9f93045c94aba4776fa6a0296f9db9f1312e4a1dadeb35343eba140
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: acc3d5daf9e6570ccf16e76b8433e8d0912cdd85f4858f6634ee37531aa6a1c53b47621afeb21c0b9524eea6f8af3a02b52872f843b28a3f94d3e20bfa582880
|
|
7
|
+
data.tar.gz: 39a117062b19f734066f11c405730e499cc0325e6b2e3fd208aa68a930645e28f6b88f4f98e43133e8b70457d82ac3860f426b1385611b0d4b924003f79f0490
|
checksums.yaml.gz.sig
CHANGED
|
Binary file
|
|
@@ -20,18 +20,18 @@ class Heroku
|
|
|
20
20
|
self.app = app
|
|
21
21
|
end
|
|
22
22
|
|
|
23
|
-
def add_environment_variable(name, value)
|
|
23
|
+
def add_environment_variable(name, value) # rubocop:disable Metrics/AbcSize
|
|
24
24
|
value = value.gsub(/\n/, '\n') if value
|
|
25
25
|
request = ::Net::HTTP::Patch.new(config_vars_uri)
|
|
26
26
|
|
|
27
27
|
request['Authorization'] = "Bearer #{api_token}"
|
|
28
28
|
request['Accept'] = 'application/vnd.heroku+json; version=3'
|
|
29
29
|
request['Content-Type'] = 'application/json'
|
|
30
|
-
request.body = ::JSON.dump(
|
|
30
|
+
request.body = ::JSON.dump(::Hash[name, value])
|
|
31
31
|
|
|
32
32
|
response = ::JSON.parse(response(request).body)
|
|
33
33
|
|
|
34
|
-
fail NameError, response['message'] if response['message']
|
|
34
|
+
fail ::NameError, response['message'] if response['message']
|
|
35
35
|
|
|
36
36
|
response
|
|
37
37
|
end
|
|
@@ -44,7 +44,7 @@ class Heroku
|
|
|
44
44
|
|
|
45
45
|
response = ::JSON.parse(response(request).body)
|
|
46
46
|
|
|
47
|
-
fail NameError, response['message'] if response['message']
|
|
47
|
+
fail ::NameError, response['message'] if response['message']
|
|
48
48
|
|
|
49
49
|
response
|
|
50
50
|
end
|
|
@@ -1,16 +1,17 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
3
|
require 'thor'
|
|
4
|
-
require 'chamber/core_ext/hash'
|
|
5
4
|
require 'chamber/commands/cloud/clear'
|
|
6
5
|
require 'chamber/commands/cloud/push'
|
|
7
6
|
require 'chamber/commands/cloud/pull'
|
|
8
7
|
require 'chamber/commands/cloud/compare'
|
|
8
|
+
require 'chamber/refinements/hash'
|
|
9
9
|
|
|
10
10
|
module Chamber
|
|
11
11
|
module Binary
|
|
12
|
-
class CircleCi < Thor
|
|
13
|
-
include Thor::Actions
|
|
12
|
+
class CircleCi < ::Thor
|
|
13
|
+
include ::Thor::Actions
|
|
14
|
+
using ::Chamber::Refinements::Hash
|
|
14
15
|
|
|
15
16
|
class_option :api_token,
|
|
16
17
|
type: :string,
|
|
@@ -49,7 +50,7 @@ class CircleCi < Thor
|
|
|
49
50
|
|
|
50
51
|
def clear
|
|
51
52
|
Commands::Cloud::Clear.call(**options
|
|
52
|
-
.
|
|
53
|
+
.deep_transform_keys(&:to_sym)
|
|
53
54
|
.merge(shell: self, adapter: 'circle_ci'))
|
|
54
55
|
end
|
|
55
56
|
|
|
@@ -81,7 +82,7 @@ class CircleCi < Thor
|
|
|
81
82
|
|
|
82
83
|
def push
|
|
83
84
|
Commands::Cloud::Push.call(**options
|
|
84
|
-
.
|
|
85
|
+
.deep_transform_keys(&:to_sym)
|
|
85
86
|
.merge(shell: self, adapter: 'circle_ci'))
|
|
86
87
|
end
|
|
87
88
|
|
|
@@ -96,7 +97,7 @@ class CircleCi < Thor
|
|
|
96
97
|
|
|
97
98
|
def pull
|
|
98
99
|
Commands::Cloud::Pull.call(**options
|
|
99
|
-
.
|
|
100
|
+
.deep_transform_keys(&:to_sym)
|
|
100
101
|
.merge(shell: self, adapter: 'circle_ci'))
|
|
101
102
|
end
|
|
102
103
|
|
|
@@ -114,7 +115,7 @@ class CircleCi < Thor
|
|
|
114
115
|
|
|
115
116
|
def compare
|
|
116
117
|
Commands::Cloud::Compare.call(**options
|
|
117
|
-
.
|
|
118
|
+
.deep_transform_keys(&:to_sym)
|
|
118
119
|
.merge(shell: self, adapter: 'circle_ci'))
|
|
119
120
|
end
|
|
120
121
|
end
|
|
@@ -1,16 +1,17 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
3
|
require 'thor'
|
|
4
|
-
require 'chamber/core_ext/hash'
|
|
5
4
|
require 'chamber/commands/cloud/clear'
|
|
6
5
|
require 'chamber/commands/cloud/push'
|
|
7
6
|
require 'chamber/commands/cloud/pull'
|
|
8
7
|
require 'chamber/commands/cloud/compare'
|
|
8
|
+
require 'chamber/refinements/hash'
|
|
9
9
|
|
|
10
10
|
module Chamber
|
|
11
11
|
module Binary
|
|
12
|
-
class Heroku < Thor
|
|
13
|
-
include Thor::Actions
|
|
12
|
+
class Heroku < ::Thor
|
|
13
|
+
include ::Thor::Actions
|
|
14
|
+
using ::Chamber::Refinements::Hash
|
|
14
15
|
|
|
15
16
|
class_option :app,
|
|
16
17
|
type: :string,
|
|
@@ -37,7 +38,7 @@ class Heroku < Thor
|
|
|
37
38
|
|
|
38
39
|
def clear
|
|
39
40
|
Commands::Cloud::Clear.call(**options
|
|
40
|
-
.
|
|
41
|
+
.deep_transform_keys(&:to_sym)
|
|
41
42
|
.merge(shell: self, adapter: 'heroku'))
|
|
42
43
|
end
|
|
43
44
|
|
|
@@ -69,7 +70,7 @@ class Heroku < Thor
|
|
|
69
70
|
|
|
70
71
|
def push
|
|
71
72
|
Commands::Cloud::Push.call(**options
|
|
72
|
-
.
|
|
73
|
+
.deep_transform_keys(&:to_sym)
|
|
73
74
|
.merge(shell: self, adapter: 'heroku'))
|
|
74
75
|
end
|
|
75
76
|
|
|
@@ -84,7 +85,7 @@ class Heroku < Thor
|
|
|
84
85
|
|
|
85
86
|
def pull
|
|
86
87
|
Commands::Cloud::Pull.call(**options
|
|
87
|
-
.
|
|
88
|
+
.deep_transform_keys(&:to_sym)
|
|
88
89
|
.merge(shell: self, adapter: 'heroku'))
|
|
89
90
|
end
|
|
90
91
|
|
|
@@ -102,7 +103,7 @@ class Heroku < Thor
|
|
|
102
103
|
|
|
103
104
|
def compare
|
|
104
105
|
Commands::Cloud::Compare.call(**options
|
|
105
|
-
.
|
|
106
|
+
.deep_transform_keys(&:to_sym)
|
|
106
107
|
.merge(shell: self, adapter: 'heroku'))
|
|
107
108
|
end
|
|
108
109
|
end
|
|
@@ -1,7 +1,6 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
3
|
require 'thor'
|
|
4
|
-
require 'chamber/core_ext/hash'
|
|
5
4
|
require 'chamber/rubinius_fix'
|
|
6
5
|
require 'chamber/binary/travis'
|
|
7
6
|
require 'chamber/binary/heroku'
|
|
@@ -13,11 +12,13 @@ require 'chamber/commands/sign'
|
|
|
13
12
|
require 'chamber/commands/verify'
|
|
14
13
|
require 'chamber/commands/compare'
|
|
15
14
|
require 'chamber/commands/initialize'
|
|
15
|
+
require 'chamber/refinements/hash'
|
|
16
16
|
|
|
17
17
|
module Chamber
|
|
18
18
|
module Binary
|
|
19
|
-
class Runner < Thor
|
|
20
|
-
include Thor::Actions
|
|
19
|
+
class Runner < ::Thor
|
|
20
|
+
include ::Thor::Actions
|
|
21
|
+
using ::Chamber::Refinements::Hash
|
|
21
22
|
|
|
22
23
|
source_root ::File.expand_path('../../../templates', __dir__)
|
|
23
24
|
|
|
@@ -93,7 +94,7 @@ class Runner < Thor
|
|
|
93
94
|
'Useful for debugging.'
|
|
94
95
|
|
|
95
96
|
def show
|
|
96
|
-
puts Commands::Show.call(**options.
|
|
97
|
+
puts Commands::Show.call(**options.deep_transform_keys(&:to_sym).merge(shell: self))
|
|
97
98
|
end
|
|
98
99
|
|
|
99
100
|
################################################################################
|
|
@@ -101,7 +102,7 @@ class Runner < Thor
|
|
|
101
102
|
desc 'files', 'Lists the settings files which are parsed with the given options'
|
|
102
103
|
|
|
103
104
|
def files
|
|
104
|
-
puts Commands::Files.call(**options.
|
|
105
|
+
puts Commands::Files.call(**options.deep_transform_keys(&:to_sym).merge(shell: self))
|
|
105
106
|
end
|
|
106
107
|
|
|
107
108
|
################################################################################
|
|
@@ -131,7 +132,7 @@ class Runner < Thor
|
|
|
131
132
|
'destination of the comparison'
|
|
132
133
|
|
|
133
134
|
def compare
|
|
134
|
-
Commands::Compare.call(**options.
|
|
135
|
+
Commands::Compare.call(**options.deep_transform_keys(&:to_sym).merge(shell: self))
|
|
135
136
|
end
|
|
136
137
|
|
|
137
138
|
################################################################################
|
|
@@ -151,7 +152,7 @@ class Runner < Thor
|
|
|
151
152
|
'what values would be encrypted'
|
|
152
153
|
|
|
153
154
|
def secure
|
|
154
|
-
Commands::Secure.call(**options.
|
|
155
|
+
Commands::Secure.call(**options.deep_transform_keys(&:to_sym).merge(shell: self))
|
|
155
156
|
end
|
|
156
157
|
|
|
157
158
|
################################################################################
|
|
@@ -170,9 +171,9 @@ class Runner < Thor
|
|
|
170
171
|
|
|
171
172
|
def sign
|
|
172
173
|
if options[:verify]
|
|
173
|
-
Commands::Verify.call(**options.
|
|
174
|
+
Commands::Verify.call(**options.deep_transform_keys(&:to_sym).merge(shell: self))
|
|
174
175
|
else
|
|
175
|
-
Commands::Sign.call(**options.
|
|
176
|
+
Commands::Sign.call(**options.deep_transform_keys(&:to_sym).merge(shell: self))
|
|
176
177
|
end
|
|
177
178
|
end
|
|
178
179
|
|
|
@@ -186,7 +187,7 @@ class Runner < Thor
|
|
|
186
187
|
default: false
|
|
187
188
|
|
|
188
189
|
def init
|
|
189
|
-
Commands::Initialize.call(**options.
|
|
190
|
+
Commands::Initialize.call(**options.deep_transform_keys(&:to_sym).merge(shell: self))
|
|
190
191
|
end
|
|
191
192
|
end
|
|
192
193
|
end
|
|
@@ -1,12 +1,14 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
3
|
require 'thor'
|
|
4
|
-
require 'chamber/core_ext/hash'
|
|
5
4
|
require 'chamber/commands/travis/secure'
|
|
5
|
+
require 'chamber/refinements/hash'
|
|
6
6
|
|
|
7
7
|
module Chamber
|
|
8
8
|
module Binary
|
|
9
|
-
class Travis < Thor
|
|
9
|
+
class Travis < ::Thor
|
|
10
|
+
using ::Chamber::Refinements::Hash
|
|
11
|
+
|
|
10
12
|
desc 'secure',
|
|
11
13
|
'Uses your Travis CI public key to encrypt the settings you have ' \
|
|
12
14
|
'chosen not to commit to the repo'
|
|
@@ -26,7 +28,9 @@ class Travis < Thor
|
|
|
26
28
|
'which are marked as "_secure"'
|
|
27
29
|
|
|
28
30
|
def secure
|
|
29
|
-
Commands::Travis::Secure.call(**options
|
|
31
|
+
Commands::Travis::Secure.call(**options
|
|
32
|
+
.deep_transform_keys(&:to_sym)
|
|
33
|
+
.merge(shell: self))
|
|
30
34
|
end
|
|
31
35
|
end
|
|
32
36
|
end
|
|
@@ -2,15 +2,18 @@
|
|
|
2
2
|
|
|
3
3
|
require 'shellwords'
|
|
4
4
|
require 'chamber/instance'
|
|
5
|
+
require 'chamber/refinements/hash'
|
|
5
6
|
|
|
6
7
|
module Chamber
|
|
7
8
|
module Commands
|
|
8
9
|
module Securable
|
|
10
|
+
using ::Chamber::Refinements::Hash
|
|
11
|
+
|
|
9
12
|
def initialize(only_sensitive: nil, **args)
|
|
10
13
|
super(**args)
|
|
11
14
|
|
|
12
15
|
ignored_settings_options = args
|
|
13
|
-
.
|
|
16
|
+
.deep_merge(files: ignored_settings_filepaths)
|
|
14
17
|
.reject { |k, _v| k == 'basepath' }
|
|
15
18
|
self.ignored_settings_instance = Chamber::Instance.new(**ignored_settings_options)
|
|
16
19
|
self.current_settings_instance = Chamber::Instance.new(**args)
|
|
@@ -20,33 +20,7 @@ class PublicKey
|
|
|
20
20
|
unencrypted_value = decryption_key.private_decrypt(decoded_string)
|
|
21
21
|
|
|
22
22
|
begin
|
|
23
|
-
_unserialized_value =
|
|
24
|
-
YAML.safe_load(unencrypted_value,
|
|
25
|
-
aliases: true,
|
|
26
|
-
permitted_classes: [
|
|
27
|
-
::Date,
|
|
28
|
-
::Time,
|
|
29
|
-
::Regexp,
|
|
30
|
-
])
|
|
31
|
-
rescue ::Psych::DisallowedClass => error
|
|
32
|
-
warn <<-HEREDOC
|
|
33
|
-
WARNING: Recursive data structures (complex classes) being loaded from Chamber
|
|
34
|
-
has been deprecated and will be removed in 3.0.
|
|
35
|
-
|
|
36
|
-
See https://github.com/thekompanee/chamber/wiki/Upgrading-To-Chamber-3.0#limiting-complex-classes
|
|
37
|
-
for full details.
|
|
38
|
-
|
|
39
|
-
#{error.message}
|
|
40
|
-
|
|
41
|
-
Called from: '#{caller.to_a[8]}'
|
|
42
|
-
HEREDOC
|
|
43
|
-
|
|
44
|
-
if YAML.respond_to?(:unsafe_load)
|
|
45
|
-
YAML.unsafe_load(unencrypted_value)
|
|
46
|
-
else
|
|
47
|
-
YAML.load(unencrypted_value)
|
|
48
|
-
end
|
|
49
|
-
end
|
|
23
|
+
_unserialized_value = YAML.load(unencrypted_value)
|
|
50
24
|
rescue TypeError
|
|
51
25
|
unencrypted_value
|
|
52
26
|
end
|
|
@@ -35,7 +35,7 @@ class Ssl
|
|
|
35
35
|
Base64.strict_encode64(encrypted_data)
|
|
36
36
|
end
|
|
37
37
|
|
|
38
|
-
def self.decrypt(key, value, decryption_keys) # rubocop:disable Metrics/AbcSize
|
|
38
|
+
def self.decrypt(key, value, decryption_keys) # rubocop:disable Metrics/AbcSize
|
|
39
39
|
if decryption_keys.nil?
|
|
40
40
|
value
|
|
41
41
|
else
|
|
@@ -62,33 +62,7 @@ class Ssl
|
|
|
62
62
|
end
|
|
63
63
|
|
|
64
64
|
begin
|
|
65
|
-
_unserialized_value =
|
|
66
|
-
YAML.safe_load(unencrypted_value,
|
|
67
|
-
aliases: true,
|
|
68
|
-
permitted_classes: [
|
|
69
|
-
::Date,
|
|
70
|
-
::Time,
|
|
71
|
-
::Regexp,
|
|
72
|
-
])
|
|
73
|
-
rescue ::Psych::DisallowedClass => error
|
|
74
|
-
warn <<-HEREDOC
|
|
75
|
-
WARNING: Recursive data structures (complex classes) being loaded from Chamber
|
|
76
|
-
has been deprecated and will be removed in 3.0.
|
|
77
|
-
|
|
78
|
-
See https://github.com/thekompanee/chamber/wiki/Upgrading-To-Chamber-3.0#limiting-complex-classes
|
|
79
|
-
for full details.
|
|
80
|
-
|
|
81
|
-
#{error.message}
|
|
82
|
-
|
|
83
|
-
Called from: '#{caller.to_a[8]}'
|
|
84
|
-
HEREDOC
|
|
85
|
-
|
|
86
|
-
if YAML.respond_to?(:unsafe_load)
|
|
87
|
-
YAML.unsafe_load(unencrypted_value)
|
|
88
|
-
else
|
|
89
|
-
YAML.load(unencrypted_value)
|
|
90
|
-
end
|
|
91
|
-
end
|
|
65
|
+
_unserialized_value = YAML.load(unencrypted_value)
|
|
92
66
|
rescue TypeError
|
|
93
67
|
unencrypted_value
|
|
94
68
|
end
|
data/lib/chamber/file.rb
CHANGED
|
@@ -4,6 +4,7 @@ require 'pathname'
|
|
|
4
4
|
require 'yaml'
|
|
5
5
|
require 'erb'
|
|
6
6
|
require 'chamber/files/signature'
|
|
7
|
+
require 'chamber/refinements/hash'
|
|
7
8
|
|
|
8
9
|
###
|
|
9
10
|
# Internal: Represents a single file containing settings information in a given
|
|
@@ -11,6 +12,8 @@ require 'chamber/files/signature'
|
|
|
11
12
|
#
|
|
12
13
|
module Chamber
|
|
13
14
|
class File < Pathname
|
|
15
|
+
using ::Chamber::Refinements::Hash
|
|
16
|
+
|
|
14
17
|
attr_accessor :namespaces,
|
|
15
18
|
:decryption_keys,
|
|
16
19
|
:encryption_keys,
|
|
@@ -139,37 +142,11 @@ class File < Pathname
|
|
|
139
142
|
@secure_prefix_pattern ||= Regexp.escape(secure_prefix)
|
|
140
143
|
end
|
|
141
144
|
|
|
142
|
-
def file_contents_hash
|
|
145
|
+
def file_contents_hash
|
|
143
146
|
file_contents = read
|
|
144
147
|
erb_result = ERB.new(file_contents).result
|
|
145
148
|
|
|
146
|
-
|
|
147
|
-
YAML.safe_load(erb_result,
|
|
148
|
-
aliases: true,
|
|
149
|
-
permitted_classes: [
|
|
150
|
-
::Date,
|
|
151
|
-
::Time,
|
|
152
|
-
::Regexp,
|
|
153
|
-
]) || {}
|
|
154
|
-
rescue ::Psych::DisallowedClass => error
|
|
155
|
-
warn <<-HEREDOC
|
|
156
|
-
WARNING: Recursive data structures (complex classes) being loaded from Chamber
|
|
157
|
-
has been deprecated and will be removed in 3.0.
|
|
158
|
-
|
|
159
|
-
See https://github.com/thekompanee/chamber/wiki/Upgrading-To-Chamber-3.0#limiting-complex-classes
|
|
160
|
-
for full details.
|
|
161
|
-
|
|
162
|
-
#{error.message}
|
|
163
|
-
|
|
164
|
-
Called from: '#{caller.to_a[2]}'
|
|
165
|
-
HEREDOC
|
|
166
|
-
|
|
167
|
-
if YAML.respond_to?(:unsafe_load)
|
|
168
|
-
YAML.unsafe_load(erb_result) || {}
|
|
169
|
-
else
|
|
170
|
-
YAML.load(erb_result) || {}
|
|
171
|
-
end
|
|
172
|
-
end
|
|
149
|
+
(YAML.load(erb_result) || {}).deep_transform_keys(&:to_s)
|
|
173
150
|
rescue Errno::ENOENT
|
|
174
151
|
{}
|
|
175
152
|
end
|
data/lib/chamber/file_set.rb
CHANGED
|
@@ -256,15 +256,9 @@ class FileSet
|
|
|
256
256
|
|
|
257
257
|
private
|
|
258
258
|
|
|
259
|
-
# rubocop:disable Performance/ChainArrayAllocation
|
|
260
259
|
def all_files
|
|
261
|
-
@all_files ||= file_globs
|
|
262
|
-
.map { |fg| Pathname.glob(fg) }
|
|
263
|
-
.flatten
|
|
264
|
-
.uniq
|
|
265
|
-
.sort
|
|
260
|
+
@all_files ||= file_globs.map { |fg| Pathname.glob(fg) }.flatten.uniq.sort # rubocop:disable Performance/ChainArrayAllocation
|
|
266
261
|
end
|
|
267
|
-
# rubocop:enable Performance/ChainArrayAllocation
|
|
268
262
|
|
|
269
263
|
def non_namespaced_files
|
|
270
264
|
@non_namespaced_files ||= all_files - namespaced_files
|
|
@@ -2,16 +2,18 @@
|
|
|
2
2
|
|
|
3
3
|
require 'openssl'
|
|
4
4
|
require 'base64'
|
|
5
|
-
require 'hashie/mash'
|
|
6
5
|
require 'yaml'
|
|
7
6
|
require 'chamber/encryption_methods/public_key'
|
|
8
7
|
require 'chamber/encryption_methods/ssl'
|
|
9
8
|
require 'chamber/encryption_methods/none'
|
|
10
9
|
require 'chamber/errors/decryption_failure'
|
|
10
|
+
require 'chamber/refinements/deep_dup'
|
|
11
11
|
|
|
12
12
|
module Chamber
|
|
13
13
|
module Filters
|
|
14
14
|
class DecryptionFilter
|
|
15
|
+
using ::Chamber::Refinements::DeepDup
|
|
16
|
+
|
|
15
17
|
BASE64_STRING_PATTERN = %r{\A[A-Za-z0-9+/]{342}==\z}.freeze
|
|
16
18
|
LARGE_DATA_STRING_PATTERN = %r{
|
|
17
19
|
\A # Beginning of String
|
|
@@ -35,7 +37,7 @@ class DecryptionFilter
|
|
|
35
37
|
|
|
36
38
|
def initialize(data:, secure_key_prefix:, decryption_keys: {}, **_args)
|
|
37
39
|
self.decryption_keys = decryption_keys || {}
|
|
38
|
-
self.data = data.
|
|
40
|
+
self.data = data.deep_dup
|
|
39
41
|
self.secure_key_token = /\A#{Regexp.escape(secure_key_prefix)}/
|
|
40
42
|
end
|
|
41
43
|
|
|
@@ -46,7 +48,7 @@ class DecryptionFilter
|
|
|
46
48
|
protected
|
|
47
49
|
|
|
48
50
|
def execute(raw_data = data)
|
|
49
|
-
settings =
|
|
51
|
+
settings = {}
|
|
50
52
|
|
|
51
53
|
raw_data.each_pair do |key, value|
|
|
52
54
|
settings[key] = if value.respond_to? :each_pair
|
|
@@ -75,7 +77,6 @@ class DecryptionFilter
|
|
|
75
77
|
|
|
76
78
|
private
|
|
77
79
|
|
|
78
|
-
# rubocop:disable Style/RedundantBegin
|
|
79
80
|
def decrypt(key, value)
|
|
80
81
|
method = decryption_method(value)
|
|
81
82
|
|
|
@@ -89,10 +90,9 @@ class DecryptionFilter
|
|
|
89
90
|
|
|
90
91
|
value
|
|
91
92
|
end
|
|
92
|
-
# rubocop:enable Style/RedundantBegin
|
|
93
93
|
|
|
94
94
|
def decryption_method(value)
|
|
95
|
-
if value.
|
|
95
|
+
if value.respond_to?(:match)
|
|
96
96
|
if value.match(BASE64_STRING_PATTERN)
|
|
97
97
|
EncryptionMethods::PublicKey
|
|
98
98
|
elsif value.match(LARGE_DATA_STRING_PATTERN)
|
|
@@ -1,15 +1,17 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
3
|
require 'openssl'
|
|
4
|
-
require 'hashie/mash'
|
|
5
4
|
require 'yaml'
|
|
6
5
|
require 'chamber/encryption_methods/public_key'
|
|
7
6
|
require 'chamber/encryption_methods/ssl'
|
|
8
7
|
require 'chamber/encryption_methods/none'
|
|
8
|
+
require 'chamber/refinements/deep_dup'
|
|
9
9
|
|
|
10
10
|
module Chamber
|
|
11
11
|
module Filters
|
|
12
12
|
class EncryptionFilter
|
|
13
|
+
using ::Chamber::Refinements::DeepDup
|
|
14
|
+
|
|
13
15
|
BASE64_STRING_PATTERN = %r{\A[A-Za-z0-9+/]{342}==\z}.freeze
|
|
14
16
|
BASE64_SUBSTRING_PATTERN = %r{[A-Za-z0-9+/#]*={0,2}}.freeze
|
|
15
17
|
LARGE_DATA_STRING_PATTERN = /
|
|
@@ -28,7 +30,7 @@ class EncryptionFilter
|
|
|
28
30
|
|
|
29
31
|
def initialize(data:, secure_key_prefix:, encryption_keys: {}, **_args)
|
|
30
32
|
self.encryption_keys = encryption_keys || {}
|
|
31
|
-
self.data = data.
|
|
33
|
+
self.data = data.deep_dup
|
|
32
34
|
self.secure_key_token = /\A#{Regexp.escape(secure_key_prefix)}/
|
|
33
35
|
end
|
|
34
36
|
|
|
@@ -39,7 +41,7 @@ class EncryptionFilter
|
|
|
39
41
|
protected
|
|
40
42
|
|
|
41
43
|
def execute(raw_data = data, namespace = nil)
|
|
42
|
-
raw_data.each_with_object(
|
|
44
|
+
raw_data.each_with_object({}) do |(key, value), settings|
|
|
43
45
|
settings[key] = if value.respond_to? :each_pair
|
|
44
46
|
execute(value, namespace || key)
|
|
45
47
|
elsif key.match(secure_key_token)
|
|
@@ -67,7 +69,8 @@ class EncryptionFilter
|
|
|
67
69
|
|
|
68
70
|
def encrypt(namespace, key, value)
|
|
69
71
|
method = encryption_method(value)
|
|
70
|
-
|
|
72
|
+
namespace_key = namespace ? namespace.to_sym : nil
|
|
73
|
+
encryption_key = encryption_keys[namespace_key] || encryption_keys[:__default]
|
|
71
74
|
|
|
72
75
|
return value unless encryption_key
|
|
73
76
|
|
|
@@ -75,7 +78,7 @@ class EncryptionFilter
|
|
|
75
78
|
end
|
|
76
79
|
|
|
77
80
|
def encryption_method(value)
|
|
78
|
-
value_is_encrypted = value.
|
|
81
|
+
value_is_encrypted = value.respond_to?(:match) &&
|
|
79
82
|
(value.match(BASE64_STRING_PATTERN) ||
|
|
80
83
|
value.match(LARGE_DATA_STRING_PATTERN))
|
|
81
84
|
|
|
@@ -1,13 +1,16 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
3
|
require 'yaml'
|
|
4
|
-
require 'hashie/mash'
|
|
5
|
-
|
|
6
4
|
require 'chamber/errors/environment_conversion'
|
|
5
|
+
require 'chamber/refinements/hash'
|
|
6
|
+
require 'chamber/refinements/deep_dup'
|
|
7
7
|
|
|
8
8
|
module Chamber
|
|
9
9
|
module Filters
|
|
10
10
|
class EnvironmentFilter
|
|
11
|
+
using ::Chamber::Refinements::Hash
|
|
12
|
+
using ::Chamber::Refinements::DeepDup
|
|
13
|
+
|
|
11
14
|
###
|
|
12
15
|
# Internal: Allows the existing environment to be injected into the passed in
|
|
13
16
|
# hash. The hash that is passed in is *not* modified, instead a new hash is
|
|
@@ -110,11 +113,9 @@ class EnvironmentFilter
|
|
|
110
113
|
{ key => execute(value, environment_keys) }
|
|
111
114
|
end,
|
|
112
115
|
lambda do |key, value, environment_key|
|
|
113
|
-
{
|
|
114
|
-
key => convert_environment_value(environment_key,
|
|
116
|
+
{ key => convert_environment_value(environment_key,
|
|
115
117
|
ENV[environment_key],
|
|
116
|
-
value)
|
|
117
|
-
}
|
|
118
|
+
value) }
|
|
118
119
|
end,
|
|
119
120
|
)
|
|
120
121
|
end
|
|
@@ -122,18 +123,18 @@ class EnvironmentFilter
|
|
|
122
123
|
private
|
|
123
124
|
|
|
124
125
|
def with_environment(settings, parent_keys, hash_block, value_block)
|
|
125
|
-
environment_hash =
|
|
126
|
+
environment_hash = {}
|
|
126
127
|
|
|
127
128
|
settings.each_pair do |key, value|
|
|
128
129
|
environment_key = key.to_s.gsub(secure_key_token, '')
|
|
129
|
-
environment_keys = parent_keys.
|
|
130
|
+
environment_keys = parent_keys.deep_dup.push(environment_key)
|
|
130
131
|
|
|
131
132
|
if value.respond_to? :each_pair
|
|
132
|
-
environment_hash.
|
|
133
|
+
environment_hash.deep_merge!(hash_block.call(key, value, environment_keys))
|
|
133
134
|
else
|
|
134
135
|
environment_key = environment_keys.join('_').upcase
|
|
135
136
|
|
|
136
|
-
environment_hash.
|
|
137
|
+
environment_hash.deep_merge!(value_block.call(key, value, environment_key))
|
|
137
138
|
end
|
|
138
139
|
end
|
|
139
140
|
|
|
@@ -1,10 +1,13 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
3
|
require 'chamber/errors/decryption_failure'
|
|
4
|
+
require 'chamber/refinements/deep_dup'
|
|
4
5
|
|
|
5
6
|
module Chamber
|
|
6
7
|
module Filters
|
|
7
8
|
class FailedDecryptionFilter
|
|
9
|
+
using ::Chamber::Refinements::DeepDup
|
|
10
|
+
|
|
8
11
|
BASE64_STRING_PATTERN = %r{\A[A-Za-z0-9+/]{342}==\z}.freeze
|
|
9
12
|
|
|
10
13
|
def self.execute(**args)
|
|
@@ -15,7 +18,7 @@ class FailedDecryptionFilter
|
|
|
15
18
|
:secure_key_token
|
|
16
19
|
|
|
17
20
|
def initialize(data:, secure_key_prefix:, **_args)
|
|
18
|
-
self.data = data.
|
|
21
|
+
self.data = data.deep_dup
|
|
19
22
|
self.secure_key_token = /\A#{Regexp.escape(secure_key_prefix)}/
|
|
20
23
|
end
|
|
21
24
|
|
|
@@ -1,6 +1,5 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
|
-
require 'hashie/mash'
|
|
4
3
|
require 'chamber/filters/secure_filter'
|
|
5
4
|
|
|
6
5
|
module Chamber
|
|
@@ -22,7 +21,7 @@ class InsecureFilter < SecureFilter
|
|
|
22
21
|
|
|
23
22
|
def execute(raw_data = data) # rubocop:disable Metrics/CyclomaticComplexity
|
|
24
23
|
securable_settings = super
|
|
25
|
-
settings =
|
|
24
|
+
settings = {}
|
|
26
25
|
|
|
27
26
|
securable_settings.each_pair do |key, value|
|
|
28
27
|
value = if value.respond_to? :each_pair
|