chef-vault 4.1.10 → 4.1.11

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: f6931a0011e0829b7920dfdab68f8c445a4ffed1533a15f530aca518df8a6aca
4
- data.tar.gz: beae925bc1d474a7f01b8e2d5d640594f33f0326a22cfda12bf26d9a4f847cc6
3
+ metadata.gz: 44f75213a45df776972cad854aedf5abb94d7a54fde7a9986caed78930f8790e
4
+ data.tar.gz: aaa272cb7893c232b456ef5148bfc0ff91bc5b53a8ae4e9b573f68edaff78df8
5
5
  SHA512:
6
- metadata.gz: e7a7a8ba29f67856dd66dc2a97aed27b13c6895062b0ba716a31398042482e0b4bc189e52d00b6effe286bf7328234b45ecc861304154a84abb8132aa0f5b872
7
- data.tar.gz: ab3dcc738ce3afafc436c43056bb5de4d946bc274421410cbacce56a5ec69be51825320829144218afc260646a1f40553088bf3f1bf8962d4668ea2cb5ff67a0
6
+ metadata.gz: ad149c125f2aa41b9e3fd8d07281c65ecec8317bbc5a6daf2b7deb9e6def089820e57ee59ca68b53852f6fffe54cbf8d711e1c40b6ac04629597bc3ef07107c2
7
+ data.tar.gz: 8e0f928a9b4e8dfb6a2800d0d5c65af323cc2f4678b91b2a535b4c450cd71d96ea320b9861638329821ffe5041e025a81e1cf5dbb1cab5bc90bfcd703876afc1
@@ -40,6 +40,11 @@ class ChefVault
40
40
  # decrypt secrets. Defaults to the value of Chef::Config[:client_key]
41
41
  attr_accessor :client_key_path
42
42
 
43
+ # @!attribute [rw] client_key_contents
44
+ # @return [String] the contents of the private key that is used to
45
+ # decrypt secrets. Defaults to the value of Chef::Config[:client_key_contents]
46
+ attr_accessor :client_key_contents
47
+
43
48
  # returns the raw keys of the underlying Chef::DataBagItem. chef-vault v2
44
49
  # defined #keys as a public accessor that returns the ChefVault::ItemKeys
45
50
  # object for the vault. Ideally, #keys would provide Hash-like behaviour
@@ -58,6 +63,8 @@ class ChefVault
58
63
  # as. Defaults to the :node_name value of Chef::Config
59
64
  # @option opts [String] :client_key_path the name of the node to decrypt
60
65
  # secrets as. Defaults to the :client_key value of Chef::Config
66
+ # @option opts [String] :client_key_contents the private key to decrypt
67
+ # secrets as. Defaults to the :client_key_contents value of Chef::Config
61
68
  def initialize(vault, name, opts = {})
62
69
  super() # Don't pass parameters
63
70
  @data_bag = vault
@@ -68,9 +75,11 @@ class ChefVault
68
75
  opts = {
69
76
  node_name: Chef::Config[:node_name],
70
77
  client_key_path: Chef::Config[:client_key],
78
+ client_key_contents: Chef::Config[:client_key_contents],
71
79
  }.merge(opts)
72
80
  @node_name = opts[:node_name]
73
81
  @client_key_path = opts[:client_key_path]
82
+ @client_key_contents = opts[:client_key_contents]
74
83
  @current_query = search
75
84
  end
76
85
 
@@ -163,7 +172,11 @@ class ChefVault
163
172
 
164
173
  def secret
165
174
  if @keys.include?(@node_name) && !@keys[@node_name].nil?
166
- private_key = OpenSSL::PKey::RSA.new(File.open(@client_key_path).read)
175
+ unless @client_key_contents.nil?
176
+ private_key = OpenSSL::PKey::RSA.new(@client_key_contents)
177
+ else
178
+ private_key = OpenSSL::PKey::RSA.new(File.open(@client_key_path).read)
179
+ end
167
180
  begin
168
181
  private_key.private_decrypt(Base64.decode64(@keys[@node_name]))
169
182
  rescue OpenSSL::PKey::RSAError
@@ -15,6 +15,6 @@
15
15
  # limitations under the License.
16
16
 
17
17
  class ChefVault
18
- VERSION = "4.1.10"
18
+ VERSION = "4.1.11"
19
19
  MAJOR, MINOR, TINY = VERSION.split(".")
20
20
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: chef-vault
3
3
  version: !ruby/object:Gem::Version
4
- version: 4.1.10
4
+ version: 4.1.11
5
5
  platform: ruby
6
6
  authors:
7
7
  - Thom May
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-04-12 00:00:00.000000000 Z
11
+ date: 2023-02-14 00:00:00.000000000 Z
12
12
  dependencies: []
13
13
  description: Data encryption support for Chef Infra using data bags
14
14
  email: