chamber 3.0.0 → 3.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data/lib/chamber/binary/runner.rb +16 -18
- data/lib/chamber/commands/unsecure.rb +38 -0
- data/lib/chamber/file.rb +37 -0
- data/lib/chamber/file_set.rb +4 -0
- data/lib/chamber/instance.rb +4 -0
- data/lib/chamber/settings.rb +15 -0
- data/lib/chamber/version.rb +1 -1
- data.tar.gz.sig +0 -0
- metadata +2 -1
- metadata.gz.sig +0 -0
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 1434b18f4453229446ae2ae6656c2bf1efe0d1aad2525266aeee1ed974a6d1d8
|
|
4
|
+
data.tar.gz: 461e8495983af2516b9968052acf26080570e319871ee9bab71b60e84f10865b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 53c5345034b1b4e686965450851ddf7706c4152af276cd52d908207e357c9853574d2e62b72eaca26ebf2e2e185548e9289833a536f22b492d2ba07c00ae2f62
|
|
7
|
+
data.tar.gz: a74af49b5470c0fb4ec3c21ff2797bf529d9e32e73e05f73915f9be8f09f05dd608a5a90e888640feba9cdbe2d457181c934d62885f89e0d1a830f4dc7e45e4c
|
checksums.yaml.gz.sig
CHANGED
|
Binary file
|
|
@@ -2,12 +2,10 @@
|
|
|
2
2
|
|
|
3
3
|
require 'thor'
|
|
4
4
|
require 'chamber/rubinius_fix'
|
|
5
|
-
require 'chamber/binary/travis'
|
|
6
|
-
require 'chamber/binary/heroku'
|
|
7
|
-
require 'chamber/binary/circle_ci'
|
|
8
5
|
require 'chamber/commands/show'
|
|
9
6
|
require 'chamber/commands/files'
|
|
10
7
|
require 'chamber/commands/secure'
|
|
8
|
+
require 'chamber/commands/unsecure'
|
|
11
9
|
require 'chamber/commands/sign'
|
|
12
10
|
require 'chamber/commands/verify'
|
|
13
11
|
require 'chamber/commands/compare'
|
|
@@ -62,21 +60,6 @@ class Runner < Thor
|
|
|
62
60
|
|
|
63
61
|
################################################################################
|
|
64
62
|
|
|
65
|
-
desc 'travis SUBCOMMAND ...ARGS', 'For manipulating Travis CI environment variables'
|
|
66
|
-
subcommand 'travis', Chamber::Binary::Travis
|
|
67
|
-
|
|
68
|
-
################################################################################
|
|
69
|
-
|
|
70
|
-
desc 'heroku SUBCOMMAND ...ARGS', 'For manipulating Heroku environment variables'
|
|
71
|
-
subcommand 'heroku', Chamber::Binary::Heroku
|
|
72
|
-
|
|
73
|
-
################################################################################
|
|
74
|
-
|
|
75
|
-
desc 'circleci SUBCOMMAND ...ARGS', 'For manipulating CircleCI environment variables'
|
|
76
|
-
subcommand 'circleci', Chamber::Binary::CircleCi
|
|
77
|
-
|
|
78
|
-
################################################################################
|
|
79
|
-
|
|
80
63
|
desc 'show', 'Displays the list of settings and their values'
|
|
81
64
|
|
|
82
65
|
method_option :as_env,
|
|
@@ -155,6 +138,21 @@ class Runner < Thor
|
|
|
155
138
|
|
|
156
139
|
################################################################################
|
|
157
140
|
|
|
141
|
+
desc 'unsecure',
|
|
142
|
+
'Decrypts all encrypted values using the current key(s)' \
|
|
143
|
+
|
|
144
|
+
method_option :dry_run,
|
|
145
|
+
type: :boolean,
|
|
146
|
+
aliases: '-d',
|
|
147
|
+
desc: 'Does not actually decrypt anything, but instead displays ' \
|
|
148
|
+
'what values would be decrypted'
|
|
149
|
+
|
|
150
|
+
def unsecure
|
|
151
|
+
Commands::Unsecure.call(**options.transform_keys(&:to_sym).merge(shell: self))
|
|
152
|
+
end
|
|
153
|
+
|
|
154
|
+
################################################################################
|
|
155
|
+
|
|
158
156
|
desc 'sign',
|
|
159
157
|
'Creates or verifies signatures for all current settings files using ' \
|
|
160
158
|
'the signature private key.'
|
|
@@ -0,0 +1,38 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require 'chamber/commands/base'
|
|
4
|
+
require 'chamber/commands/securable'
|
|
5
|
+
|
|
6
|
+
module Chamber
|
|
7
|
+
module Commands
|
|
8
|
+
class Unsecure < Chamber::Commands::Base
|
|
9
|
+
include Chamber::Commands::Securable
|
|
10
|
+
|
|
11
|
+
def initialize(**args)
|
|
12
|
+
super(**args.merge(namespaces: ['*']))
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
def call
|
|
16
|
+
disable_warnings do
|
|
17
|
+
current_settings.secure.to_environment.each_key do |key|
|
|
18
|
+
color = dry_run ? :blue : :green
|
|
19
|
+
|
|
20
|
+
shell.say_status 'decrypt', key, color
|
|
21
|
+
end
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
chamber.unsecure unless dry_run
|
|
25
|
+
end
|
|
26
|
+
|
|
27
|
+
private
|
|
28
|
+
|
|
29
|
+
def disable_warnings
|
|
30
|
+
$stderr = ::File.open('/dev/null', 'w')
|
|
31
|
+
|
|
32
|
+
yield
|
|
33
|
+
|
|
34
|
+
$stderr = STDERR
|
|
35
|
+
end
|
|
36
|
+
end
|
|
37
|
+
end
|
|
38
|
+
end
|
data/lib/chamber/file.rb
CHANGED
|
@@ -107,6 +107,43 @@ class File < Pathname
|
|
|
107
107
|
end
|
|
108
108
|
# rubocop:enable Layout/LineLength, Metrics/AbcSize
|
|
109
109
|
|
|
110
|
+
# rubocop:disable Metrics/AbcSize
|
|
111
|
+
def decrypt
|
|
112
|
+
decrypted_settings = to_settings.decrypted.to_flattened_name_hash
|
|
113
|
+
secure_settings = to_settings.encrypted.to_flattened_name_hash
|
|
114
|
+
file_contents = read
|
|
115
|
+
|
|
116
|
+
decrypted_settings.each_pair do |name_pieces, decrypted_value|
|
|
117
|
+
encrypted_value = secure_settings[name_pieces]
|
|
118
|
+
|
|
119
|
+
next unless encrypted_value.is_a?(String)
|
|
120
|
+
|
|
121
|
+
escaped_name = Regexp.escape(name_pieces.last)
|
|
122
|
+
escaped_value = Regexp.escape(encrypted_value)
|
|
123
|
+
line_pattern = /^(\s*)#{escaped_name}(\s*):(\s*)#{escaped_value}$/
|
|
124
|
+
indentation_level = file_contents
|
|
125
|
+
.match(line_pattern)
|
|
126
|
+
&.[](1)
|
|
127
|
+
&.<<(' ')
|
|
128
|
+
|
|
129
|
+
if decrypted_value.include?("\n")
|
|
130
|
+
decrypted_value = decrypted_value
|
|
131
|
+
.chomp
|
|
132
|
+
.gsub(/\n/, "\n#{indentation_level}")
|
|
133
|
+
.prepend("|\n#{indentation_level}")
|
|
134
|
+
end
|
|
135
|
+
|
|
136
|
+
file_contents
|
|
137
|
+
.sub!(
|
|
138
|
+
line_pattern,
|
|
139
|
+
"\\1#{name_pieces.last}\\2:\\3#{decrypted_value}",
|
|
140
|
+
)
|
|
141
|
+
end
|
|
142
|
+
|
|
143
|
+
write(file_contents)
|
|
144
|
+
end
|
|
145
|
+
# rubocop:enable Metrics/AbcSize
|
|
146
|
+
|
|
110
147
|
def sign
|
|
111
148
|
signature_key_contents = decryption_keys[:signature]
|
|
112
149
|
|
data/lib/chamber/file_set.rb
CHANGED
data/lib/chamber/instance.rb
CHANGED
data/lib/chamber/settings.rb
CHANGED
|
@@ -286,6 +286,21 @@ class Settings
|
|
|
286
286
|
))
|
|
287
287
|
end
|
|
288
288
|
|
|
289
|
+
def decrypted
|
|
290
|
+
Settings.new(**metadata.merge(
|
|
291
|
+
settings: raw_data,
|
|
292
|
+
post_filters: [Filters::DecryptionFilter],
|
|
293
|
+
))
|
|
294
|
+
end
|
|
295
|
+
|
|
296
|
+
def encrypted
|
|
297
|
+
Settings.new(**metadata.merge(
|
|
298
|
+
settings: raw_data,
|
|
299
|
+
pre_filters: [Filters::EncryptionFilter],
|
|
300
|
+
post_filters: [],
|
|
301
|
+
))
|
|
302
|
+
end
|
|
303
|
+
|
|
289
304
|
def insecure
|
|
290
305
|
Settings.new(**metadata.merge(
|
|
291
306
|
settings: raw_data,
|
data/lib/chamber/version.rb
CHANGED
data.tar.gz.sig
CHANGED
|
Binary file
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: chamber
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.
|
|
4
|
+
version: 3.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- thekompanee
|
|
@@ -155,6 +155,7 @@ files:
|
|
|
155
155
|
- lib/chamber/commands/show.rb
|
|
156
156
|
- lib/chamber/commands/sign.rb
|
|
157
157
|
- lib/chamber/commands/travis.rb
|
|
158
|
+
- lib/chamber/commands/unsecure.rb
|
|
158
159
|
- lib/chamber/commands/verify.rb
|
|
159
160
|
- lib/chamber/configuration.rb
|
|
160
161
|
- lib/chamber/context_resolver.rb
|
metadata.gz.sig
CHANGED
|
Binary file
|