chef-vault 4.1.10 → 4.1.11

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f6931a0011e0829b7920dfdab68f8c445a4ffed1533a15f530aca518df8a6aca
-  data.tar.gz: beae925bc1d474a7f01b8e2d5d640594f33f0326a22cfda12bf26d9a4f847cc6
+  metadata.gz: 44f75213a45df776972cad854aedf5abb94d7a54fde7a9986caed78930f8790e
+  data.tar.gz: aaa272cb7893c232b456ef5148bfc0ff91bc5b53a8ae4e9b573f68edaff78df8
 SHA512:
-  metadata.gz: e7a7a8ba29f67856dd66dc2a97aed27b13c6895062b0ba716a31398042482e0b4bc189e52d00b6effe286bf7328234b45ecc861304154a84abb8132aa0f5b872
-  data.tar.gz: ab3dcc738ce3afafc436c43056bb5de4d946bc274421410cbacce56a5ec69be51825320829144218afc260646a1f40553088bf3f1bf8962d4668ea2cb5ff67a0
+  metadata.gz: ad149c125f2aa41b9e3fd8d07281c65ecec8317bbc5a6daf2b7deb9e6def089820e57ee59ca68b53852f6fffe54cbf8d711e1c40b6ac04629597bc3ef07107c2
+  data.tar.gz: 8e0f928a9b4e8dfb6a2800d0d5c65af323cc2f4678b91b2a535b4c450cd71d96ea320b9861638329821ffe5041e025a81e1cf5dbb1cab5bc90bfcd703876afc1

data/lib/chef-vault/item.rb

@@ -40,6 +40,11 @@ class ChefVault
     #     decrypt secrets.  Defaults to the value of Chef::Config[:client_key]
     attr_accessor :client_key_path
 
+    # @!attribute [rw] client_key_contents
+    #   @return [String] the contents of the private key that is used to
+    #     decrypt secrets.  Defaults to the value of Chef::Config[:client_key_contents]
+    attr_accessor :client_key_contents
+
     # returns the raw keys of the underlying Chef::DataBagItem.  chef-vault v2
     # defined #keys as a public accessor that returns the ChefVault::ItemKeys
     # object for the vault.  Ideally, #keys would provide Hash-like behaviour
@@ -58,6 +63,8 @@ class ChefVault
     #   as. Defaults to the :node_name value of Chef::Config
     # @option opts [String] :client_key_path the name of the node to decrypt
     #   secrets as.  Defaults to the :client_key value of Chef::Config
+    # @option opts [String] :client_key_contents the private key to decrypt
+    #   secrets as.  Defaults to the :client_key_contents value of Chef::Config
     def initialize(vault, name, opts = {})
       super() # Don't pass parameters
       @data_bag = vault
@@ -68,9 +75,11 @@ class ChefVault
       opts = {
         node_name: Chef::Config[:node_name],
         client_key_path: Chef::Config[:client_key],
+        client_key_contents: Chef::Config[:client_key_contents],
       }.merge(opts)
       @node_name = opts[:node_name]
       @client_key_path = opts[:client_key_path]
+      @client_key_contents = opts[:client_key_contents]
       @current_query = search
     end
 
@@ -163,7 +172,11 @@ class ChefVault
 
     def secret
       if @keys.include?(@node_name) && !@keys[@node_name].nil?
-        private_key = OpenSSL::PKey::RSA.new(File.open(@client_key_path).read)
+        unless @client_key_contents.nil?
+          private_key = OpenSSL::PKey::RSA.new(@client_key_contents)
+        else
+          private_key = OpenSSL::PKey::RSA.new(File.open(@client_key_path).read)
+        end
         begin
           private_key.private_decrypt(Base64.decode64(@keys[@node_name]))
         rescue OpenSSL::PKey::RSAError

data/lib/chef-vault/version.rb

@@ -15,6 +15,6 @@
 # limitations under the License.
 
 class ChefVault
-  VERSION = "4.1.10"
+  VERSION = "4.1.11"
   MAJOR, MINOR, TINY = VERSION.split(".")
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: chef-vault
 version: !ruby/object:Gem::Version
-  version: 4.1.10
+  version: 4.1.11
 platform: ruby
 authors:
 - Thom May
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-04-12 00:00:00.000000000 Z
+date: 2023-02-14 00:00:00.000000000 Z
 dependencies: []
 description: Data encryption support for Chef Infra using data bags
 email: