chamber 3.0.1 → 3.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 9e37ed83e4c76419880c6abbfdc967f2e82a6fc8824b868904cae1fcb26878d0
4
- data.tar.gz: a61415b6fcce618cbd452a7373b22b3ea1093cb8150b12df6798021743ff02d3
3
+ metadata.gz: d3c926bcc85c9ee059234c9c2098bf1ae3856fe8fbd104b5fb735c9e9563b544
4
+ data.tar.gz: 1a95f2a3b154ac32cddb9b57634897c83e963401feb1a53445b63f92ef70ee33
5
5
  SHA512:
6
- metadata.gz: c55d1d457aa0a4d908d4be0e790dc86f10895a2d6514613e1d2d27bfb6ebbde69a7d5e4bb4f0695e6f8da1d993f7d820644b3a975b88d2d91237936c15a6c5e3
7
- data.tar.gz: d0cecb00b849c518ac20f1fefd6c76029e6dbd6a54a9676b28a94529a7df5da9e8a0ef8ea2301cfc9460a627ae168bbab3f07954a48931e5c9a9dd1d60d8f087
6
+ metadata.gz: 0e606a46915ca345ce0d5983fcd03a2a1befbfc01bd0bfae11db4533c2fd860caf05fe51bb1a1b5a2c5f3c636f88822b21c30cc89b7e321164ba578651412b5e
7
+ data.tar.gz: 86d7d2379a89dc954d8c253a22ddaa1eedca2def81f24471205dda362a8225e34d1956b57f9b8181431c0571f248276e8407dce1520fcaca769bffe95b8d754f
checksums.yaml.gz.sig CHANGED
Binary file
@@ -5,6 +5,7 @@ require 'chamber/rubinius_fix'
5
5
  require 'chamber/commands/show'
6
6
  require 'chamber/commands/files'
7
7
  require 'chamber/commands/secure'
8
+ require 'chamber/commands/unsecure'
8
9
  require 'chamber/commands/sign'
9
10
  require 'chamber/commands/verify'
10
11
  require 'chamber/commands/compare'
@@ -137,6 +138,21 @@ class Runner < Thor
137
138
 
138
139
  ################################################################################
139
140
 
141
+ desc 'unsecure',
142
+ 'Decrypts all encrypted values using the current key(s)' \
143
+
144
+ method_option :dry_run,
145
+ type: :boolean,
146
+ aliases: '-d',
147
+ desc: 'Does not actually decrypt anything, but instead displays ' \
148
+ 'what values would be decrypted'
149
+
150
+ def unsecure
151
+ Commands::Unsecure.call(**options.transform_keys(&:to_sym).merge(shell: self))
152
+ end
153
+
154
+ ################################################################################
155
+
140
156
  desc 'sign',
141
157
  'Creates or verifies signatures for all current settings files using ' \
142
158
  'the signature private key.'
@@ -1,5 +1,6 @@
1
1
  # frozen_string_literal: true
2
2
 
3
+ require 'pp'
3
4
  require 'chamber/commands/base'
4
5
 
5
6
  module Chamber
@@ -0,0 +1,38 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'chamber/commands/base'
4
+ require 'chamber/commands/securable'
5
+
6
+ module Chamber
7
+ module Commands
8
+ class Unsecure < Chamber::Commands::Base
9
+ include Chamber::Commands::Securable
10
+
11
+ def initialize(**args)
12
+ super(**args.merge(namespaces: ['*']))
13
+ end
14
+
15
+ def call
16
+ disable_warnings do
17
+ current_settings.secure.to_environment.each_key do |key|
18
+ color = dry_run ? :blue : :green
19
+
20
+ shell.say_status 'decrypt', key, color
21
+ end
22
+ end
23
+
24
+ chamber.unsecure unless dry_run
25
+ end
26
+
27
+ private
28
+
29
+ def disable_warnings
30
+ $stderr = ::File.open('/dev/null', 'w')
31
+
32
+ yield
33
+
34
+ $stderr = STDERR
35
+ end
36
+ end
37
+ end
38
+ end
@@ -18,7 +18,7 @@ class ContextResolver
18
18
  self.options = args
19
19
  end
20
20
 
21
- # rubocop:disable Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity, Metrics/AbcSize, Layout/LineLength
21
+ # rubocop:disable Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity, Metrics/AbcSize, Layout/LineLength, Lint/SelfAssignment
22
22
  def resolve
23
23
  options[:rootpath] ||= Pathname.pwd
24
24
  options[:rootpath] = Pathname.new(options[:rootpath])
@@ -50,7 +50,7 @@ class ContextResolver
50
50
 
51
51
  options
52
52
  end
53
- # rubocop:enable Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity, Metrics/AbcSize, Layout/LineLength
53
+ # rubocop:enable Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity, Metrics/AbcSize, Layout/LineLength, Lint/SelfAssignment
54
54
 
55
55
  protected
56
56
 
data/lib/chamber/file.rb CHANGED
@@ -49,7 +49,7 @@ class File < Pathname
49
49
  self.encryption_keys = encryption_keys
50
50
  self.signature_name = signature_name
51
51
 
52
- super path
52
+ super(path)
53
53
  end
54
54
 
55
55
  ###
@@ -107,6 +107,43 @@ class File < Pathname
107
107
  end
108
108
  # rubocop:enable Layout/LineLength, Metrics/AbcSize
109
109
 
110
+ # rubocop:disable Metrics/AbcSize
111
+ def decrypt
112
+ decrypted_settings = to_settings.decrypted.to_flattened_name_hash
113
+ secure_settings = to_settings.encrypted.to_flattened_name_hash
114
+ file_contents = read
115
+
116
+ decrypted_settings.each_pair do |name_pieces, decrypted_value|
117
+ encrypted_value = secure_settings[name_pieces]
118
+
119
+ next unless encrypted_value.is_a?(String)
120
+
121
+ escaped_name = Regexp.escape(name_pieces.last)
122
+ escaped_value = Regexp.escape(encrypted_value)
123
+ line_pattern = /^(\s*)#{escaped_name}(\s*):(\s*)#{escaped_value}$/
124
+ indentation_level = file_contents
125
+ .match(line_pattern)
126
+ &.[](1)
127
+ &.<<(' ')
128
+
129
+ if decrypted_value.include?("\n")
130
+ decrypted_value = decrypted_value
131
+ .chomp
132
+ .gsub("\n", "\n#{indentation_level}")
133
+ .prepend("|\n#{indentation_level}")
134
+ end
135
+
136
+ file_contents
137
+ .sub!(
138
+ line_pattern,
139
+ "\\1#{name_pieces.last}\\2:\\3#{decrypted_value}",
140
+ )
141
+ end
142
+
143
+ write(file_contents)
144
+ end
145
+ # rubocop:enable Metrics/AbcSize
146
+
110
147
  def sign
111
148
  signature_key_contents = decryption_keys[:signature]
112
149
 
@@ -192,6 +192,10 @@ class FileSet
192
192
  files.each(&:secure)
193
193
  end
194
194
 
195
+ def unsecure
196
+ files.each(&:decrypt)
197
+ end
198
+
195
199
  def sign
196
200
  files.each(&:sign)
197
201
  end
@@ -38,6 +38,10 @@ class Instance
38
38
  files.secure
39
39
  end
40
40
 
41
+ def unsecure
42
+ files.unsecure
43
+ end
44
+
41
45
  def sign
42
46
  files.sign
43
47
  end
@@ -58,7 +58,7 @@ class KeyPair
58
58
  private
59
59
 
60
60
  def encrypted_private_key
61
- @encrypted_private_key ||= \
61
+ @encrypted_private_key ||=
62
62
  unencrypted_private_key.export(encryption_cipher, passphrase)
63
63
  end
64
64
 
@@ -286,6 +286,21 @@ class Settings
286
286
  ))
287
287
  end
288
288
 
289
+ def decrypted
290
+ Settings.new(**metadata.merge(
291
+ settings: raw_data,
292
+ post_filters: [Filters::DecryptionFilter],
293
+ ))
294
+ end
295
+
296
+ def encrypted
297
+ Settings.new(**metadata.merge(
298
+ settings: raw_data,
299
+ pre_filters: [Filters::EncryptionFilter],
300
+ post_filters: [],
301
+ ))
302
+ end
303
+
289
304
  def insecure
290
305
  Settings.new(**metadata.merge(
291
306
  settings: raw_data,
@@ -302,14 +317,14 @@ class Settings
302
317
  # rubocop:disable Naming/MemoizedInstanceVariableName
303
318
  def raw_data
304
319
  @filtered_raw_data ||= pre_filters.inject(@raw_data) do |filtered_data, filter|
305
- filter.execute(**{ data: filtered_data }.merge(metadata))
320
+ filter.execute(data: filtered_data, **metadata)
306
321
  end
307
322
  end
308
323
  # rubocop:enable Naming/MemoizedInstanceVariableName
309
324
 
310
325
  def data
311
326
  @data ||= post_filters.inject(raw_data) do |filtered_data, filter|
312
- filter.execute(**{ data: filtered_data }.merge(metadata))
327
+ filter.execute(data: filtered_data, **metadata)
313
328
  end
314
329
  end
315
330
 
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Chamber
4
- VERSION = '3.0.1'
4
+ VERSION = '3.1.1'
5
5
  end
data.tar.gz.sig CHANGED
Binary file
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: chamber
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.0.1
4
+ version: 3.1.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - thekompanee
@@ -38,7 +38,7 @@ cert_chain:
38
38
  Z6HMkN0PHJ6eG0Zl3/H4H8Xb+KreWlEx3sXXfZj6UscrdHAVffRQnM1E98PCqnRX
39
39
  l5EwT4ShG/HorJMQSTY1EoBLZf54NrD5WlWcfM0CLrcvT7QM77dIqmue
40
40
  -----END CERTIFICATE-----
41
- date: 2023-03-07 00:00:00.000000000 Z
41
+ date: 2024-10-22 00:00:00.000000000 Z
42
42
  dependencies:
43
43
  - !ruby/object:Gem::Dependency
44
44
  name: thor
@@ -155,6 +155,7 @@ files:
155
155
  - lib/chamber/commands/show.rb
156
156
  - lib/chamber/commands/sign.rb
157
157
  - lib/chamber/commands/travis.rb
158
+ - lib/chamber/commands/unsecure.rb
158
159
  - lib/chamber/commands/verify.rb
159
160
  - lib/chamber/configuration.rb
160
161
  - lib/chamber/context_resolver.rb
metadata.gz.sig CHANGED
Binary file