clarenceb-hiera-eyaml 2.0.1

data/lib/hiera/backend/eyaml/subcommands/decrypt.rb

@@ -0,0 +1,81 @@
+require 'hiera/backend/eyaml'
+require 'hiera/backend/eyaml/utils'
+require 'hiera/backend/eyaml/options'
+require 'hiera/backend/eyaml/parser/parser'
+require 'hiera/backend/eyaml/subcommand'
+
+class Hiera
+  module Backend
+    module Eyaml
+      module Subcommands
+
+        class Decrypt < Subcommand
+
+          def self.options
+            [{:name => :string,
+              :description => "Source input is a string provided as an argument",
+              :short => 's', 
+              :type => :string},
+             {:name => :file,
+              :description => "Source input is a regular file",
+              :short => 'f',
+              :type => :string},
+             {:name => :eyaml,
+              :description => "Source input is an eyaml file",
+              :short => 'e',
+              :type => :string},
+             {:name => :stdin,
+              :description => "Source input is taken from stdin",
+              :short => :none}
+            ]
+          end
+
+          def self.description
+            "decrypt some data"
+          end
+
+          def self.validate options
+            sources = [:eyaml, :password, :string, :file, :stdin].collect {|x| x if options[x]}.compact
+            Trollop::die "You must specify a source" if sources.count.zero?
+            Trollop::die "You can only specify one of (#{sources.join(', ')})" if sources.count > 1
+            options[:source] = sources.first
+
+            options[:input_data] = case options[:source]
+            when :stdin
+              STDIN.read
+            when :string
+              options[:string]
+            when :file
+              File.read options[:file]
+            when :eyaml
+              File.read options[:eyaml]
+            end
+            options
+          end
+
+          def self.execute
+            parser = Parser::ParserFactory.encrypted_parser
+            tokens = parser.parse(Eyaml::Options[:input_data])
+            case Eyaml::Options[:source]
+              when :eyaml
+                decrypted = tokens.map{ |token| token.to_decrypted }
+                decrypted.join
+              else
+                decrypted = tokens.map{ |token|
+                  case token.class.name
+                    when /::EncToken$/
+                      token.plain_text
+                    else
+                      token.match
+                  end
+                }
+                decrypted.join
+            end
+          end
+
+        end
+
+      end
+    end
+  end
+end

data/lib/hiera/backend/eyaml/subcommands/edit.rb

@@ -0,0 +1,105 @@
+require 'hiera/backend/eyaml/utils'
+require 'hiera/backend/eyaml/options'
+require 'hiera/backend/eyaml/parser/parser'
+require 'hiera/backend/eyaml/subcommand'
+require 'highline/import'
+
+class Hiera
+  module Backend
+    module Eyaml
+      module Subcommands
+
+        class Edit < Subcommand
+
+          def self.options
+            []
+          end
+
+          def self.description
+            "edit an eyaml file"
+          end
+
+          def self.helptext
+            "Usage: eyaml edit [options] <some-eyaml-file>"
+          end
+
+          def self.validate options
+            Trollop::die "You must specify an eyaml file" if ARGV.empty?
+            options[:source] = :eyaml
+            options[:eyaml] = ARGV.shift
+            options[:input_data] = File.read options[:eyaml]
+            options
+          end
+
+          def self.execute
+            encrypted_parser = Parser::ParserFactory.encrypted_parser
+            tokens = encrypted_parser.parse Eyaml::Options[:input_data]
+            decrypted_input = tokens.each_with_index.to_a.map{|(t,index)| t.to_decrypted :index => index}.join
+            decrypted_file = Utils.write_tempfile decrypted_input
+
+            editor = Utils.find_editor
+
+            begin
+              system "#{editor} #{decrypted_file}"
+              status = $?
+
+              raise StandardError, "File was moved by editor" unless File.file? decrypted_file
+              edited_file = File.read decrypted_file
+
+              raise StandardError, "Editor #{editor} has not exited?" unless status.exited?
+              raise StandardError, "Editor did not exit successfully (exit code #{status.exitstatus}), aborting" unless status.exitstatus == 0
+              raise StandardError, "Edited file is blank" if edited_file.empty?
+
+              if edited_file == decrypted_input
+                Utils.info "No changes detected, exiting"
+              else
+                decrypted_parser = Parser::ParserFactory.decrypted_parser
+                edited_tokens = decrypted_parser.parse(edited_file)
+
+                # check that the tokens haven't been copy / pasted
+                used_ids = edited_tokens.find_all{ |t| t.class.name =~ /::EncToken$/ and !t.id.nil? }.map{ |t| t.id }
+                if used_ids.length != used_ids.uniq.length
+                    raise RecoverableError, "A duplicate DEC(ID) was found so I don't know how to proceed. This is probably because you copy and pasted a value - if you do this please delete the ID in parentheses"
+                end
+
+                # replace untouched values with the source values
+                edited_denoised_tokens = edited_tokens.map{ |token|
+                  if token.class.name =~ /::EncToken$/ && !token.id.nil?
+                    old_token = tokens[token.id]
+                    if old_token.plain_text.eql? token.plain_text
+                      old_token
+                    else
+                      token
+                    end
+                  else
+                    token
+                  end
+                }
+
+                encrypted_output = edited_denoised_tokens.map{ |t| t.to_encrypted }.join
+
+                filename = Eyaml::Options[:eyaml]
+                File.open("#{filename}", 'w') { |file|
+                  file.write encrypted_output
+                }
+              end
+            rescue RecoverableError => e
+              Utils.info e
+              if agree "Return to the editor to try again?"
+                retry
+              else
+                raise e
+              end
+            ensure
+              Utils.secure_file_delete :file => decrypted_file, :num_bytes => [edited_file.length, decrypted_input.length].max
+            end
+
+            nil
+          end
+
+        end
+
+      end
+    end
+  end
+end

data/lib/hiera/backend/eyaml/subcommands/encrypt.rb

@@ -0,0 +1,100 @@
+require 'hiera/backend/eyaml/options'
+require 'hiera/backend/eyaml/parser/parser'
+require 'hiera/backend/eyaml/parser/encrypted_tokens'
+require 'hiera/backend/eyaml/subcommand'
+
+class Hiera
+  module Backend
+    module Eyaml
+      module Subcommands
+
+        class Encrypt < Subcommand
+
+          def self.options
+            [{:name => :password, 
+              :description => "Source input is a password entered on the terminal", 
+              :short => 'p'},
+             {:name => :string,
+              :description => "Source input is a string provided as an argument",
+              :short => 's', 
+              :type => :string},
+             {:name => :file,
+              :description => "Source input is a regular file",
+              :short => 'f',
+              :type => :string},
+             {:name => :stdin,
+              :description => "Source input is taken from stdin",
+              :short => :none},
+             {:name => :eyaml,
+              :description => "Source input is an eyaml file",
+              :short => 'e',
+              :type => :string},
+             {:name => :output,
+              :description => "Output format of final result (examples, block, string)",
+              :type => :string,
+              :short => 'o',
+              :default => "examples"},
+             {:name => :label,
+              :description => "Apply a label to the encrypted result",
+              :short => 'l',
+              :type => :string}
+            ]
+          end
+
+          def self.description
+            "encrypt some data"
+          end
+
+          def self.validate options
+            sources = [:password, :string, :file, :stdin, :eyaml].collect {|x| x if options[x]}.compact
+            Trollop::die "You must specify a source" if sources.count.zero?
+            Trollop::die "You can only specify one of (#{sources.join(', ')})" if sources.count > 1
+            options[:source] = sources.first
+
+            options[:input_data] = case options[:source]
+            when :password
+              Utils.read_password
+            when :string
+              options[:string]
+            when :file
+              File.read options[:file]
+            when :stdin
+              STDIN.read
+            when :eyaml
+              File.read options[:eyaml]
+            end
+            options
+
+          end
+
+          def self.execute
+            case Eyaml::Options[:source]
+              when :eyaml
+                parser = Parser::ParserFactory.decrypted_parser
+                tokens = parser.parse(Eyaml::Options[:input_data])
+                encrypted = tokens.map{ |token| token.to_encrypted }
+                encrypted.join
+              else
+                encryptor = Encryptor.find
+                ciphertext = encryptor.encode( encryptor.encrypt(Eyaml::Options[:input_data]) )
+                token = Parser::EncToken.new(:block, Eyaml::Options[:input_data], encryptor, ciphertext, nil, '    ')
+                case Eyaml::Options[:output]
+                  when "block"
+                    token.to_encrypted :label => Eyaml::Options[:label], :use_chevron => !Eyaml::Options[:label].nil?, :format => :block
+                  when "string"
+                    token.to_encrypted :label => Eyaml::Options[:label], :format => :string
+                  when "examples"
+                    string = token.to_encrypted :label => Eyaml::Options[:label] || 'string', :format => :string
+                    block = token.to_encrypted :label => Eyaml::Options[:label] || 'block', :format => :block
+                    "#{string}\n\nOR\n\n#{block}"
+                  else
+                    token.to_encrypted :format => :string
+                end
+            end
+          end
+        end
+
+      end
+    end
+  end
+end

data/lib/hiera/backend/eyaml/subcommands/help.rb

@@ -0,0 +1,51 @@
+require 'hiera/backend/eyaml/subcommand'
+require 'hiera/backend/eyaml'
+
+class Hiera
+  module Backend
+    module Eyaml
+      module Subcommands
+
+        class Help < Subcommand
+
+          def self.options
+            []
+          end
+
+          def self.description
+            "this page"
+          end
+
+          def self.execute
+
+            puts <<-EOS
+Welcome to eyaml #{Eyaml::VERSION} 
+
+Usage:
+eyaml subcommand [global-opts] [subcommand-opts]
+
+Available subcommands:
+#{Eyaml.subcommands.collect {|command|
+  command_class = Subcommands.const_get(Utils.camelcase command)
+  sprintf "%15s: %-65s", command.downcase, command_class.description unless command_class.hidden?
+}.compact.join("\n")}
+
+For more help on an individual command, use --help on that command
+
+Installed Plugins:
+#{Plugins.plugins.collect {|plugin| 
+  "\t" + plugin.name.split("hiera-eyaml-").last
+}.join("\n")}
+EOS
+          end
+
+          def self.hidden?
+            true
+          end
+
+        end
+
+      end
+    end
+  end
+end

data/lib/hiera/backend/eyaml/subcommands/recrypt.rb

@@ -0,0 +1,56 @@
+require 'hiera/backend/eyaml/subcommand'
+require 'hiera/backend/eyaml/options'
+require 'hiera/backend/eyaml/parser/parser'
+
+class Hiera
+  module Backend
+    module Eyaml
+      module Subcommands
+
+        class Recrypt < Subcommand
+
+          def self.options
+            []
+          end
+
+          def self.description
+            "recrypt an eyaml file"
+          end
+
+          def self.helptext
+            "Usage: eyaml recrypt [options] <some-eyaml-file>"
+          end
+
+          def self.validate options
+            Trollop::die "You must specify an eyaml file" if ARGV.empty?
+            options[:source] = :eyaml
+            options[:eyaml] = ARGV.shift
+            options[:input_data] = File.read options[:eyaml]
+            options
+          end
+
+          def self.execute 
+
+            encrypted_parser = Parser::ParserFactory.encrypted_parser
+            tokens = encrypted_parser.parse Eyaml::Options[:input_data]
+            decrypted_input = tokens.each_with_index.to_a.map{|(t,index)| t.to_decrypted :index => index}.join
+
+            decrypted_parser = Parser::ParserFactory.decrypted_parser
+            edited_tokens = decrypted_parser.parse(decrypted_input)
+
+            encrypted_output = edited_tokens.map{ |t| t.to_encrypted }.join
+
+            filename = Eyaml::Options[:eyaml]
+            File.open("#{filename}", 'w') { |file|
+              file.write encrypted_output
+            }
+
+            nil
+          end
+
+        end
+
+      end
+    end
+  end
+end

data/lib/hiera/backend/eyaml/subcommands/unknown_command.rb

@@ -0,0 +1,48 @@
+require 'hiera/backend/eyaml/subcommand'
+
+class Hiera
+  module Backend
+    module Eyaml
+      module Subcommands
+
+        class UnknownCommand < Eyaml::Subcommand
+
+          class << self
+            attr_accessor :original_command
+          end
+
+          @@original_command = "unknown"
+
+          def self.options
+            []
+          end
+
+          def self.description
+            "Unknown command (#{@@original_command})"
+          end
+
+          def self.execute
+            subcommands = Eyaml.subcommands
+            puts <<-EOS
+Unknown subcommand#{ ": " + Eyaml.subcommand if Eyaml.subcommand }
+
+Usage: eyaml <subcommand>
+
+Please use one of the following subcommands or help for more help:
+  #{Eyaml.subcommands.sort.collect {|command|
+  command_class = Subcommands.const_get(Utils.camelcase command)
+  command unless command_class.hidden?
+}.compact.join(", ")}
+EOS
+          end
+
+          def self.hidden?
+            true
+          end
+
+        end
+
+      end
+    end
+  end
+end

data/lib/hiera/backend/eyaml/subcommands/version.rb

@@ -0,0 +1,47 @@
+require 'hiera/backend/eyaml/subcommand'
+require 'hiera/backend/eyaml'
+
+class Hiera
+  module Backend
+    module Eyaml
+      module Subcommands
+
+        class Version < Subcommand
+
+          def self.options
+            []
+          end
+
+          def self.description
+            "show version information"
+          end
+
+          def self.execute
+            plugin_versions = {}
+
+            puts <<-EOS
+Version info
+
+hiera-eyaml (core): #{Eyaml::VERSION}
+EOS
+
+            Plugins.plugins.each do |plugin|
+              plugin_shortname = plugin.name.split("hiera-eyaml-").last
+              plugin_version = begin
+                Encryptor.find(plugin_shortname)::VERSION.to_s
+              rescue
+                "unknown (is plugin compatible with eyaml 2.0+ ?)"
+              end
+              puts "    hiera-eyaml-#{plugin_shortname} (gem): #{plugin_version}"
+            end
+
+            nil
+            
+          end
+
+        end
+
+      end
+    end
+  end
+end

data/lib/hiera/backend/eyaml/utils.rb

@@ -0,0 +1,172 @@
+require 'highline/import'
+require 'tempfile'
+require 'fileutils'
+
+class Hiera
+  module Backend
+    module Eyaml
+      class Utils
+
+        def self.read_password
+          ask("Enter password: ") {|q| q.echo = "*" }
+        end
+
+        def self.confirm? message
+          result = ask("#{message} (y/N): ")
+          if result.downcase == "y" or result.downcase == "yes"
+            true
+          else
+            false
+          end
+        end
+
+        def self.camelcase string
+          return string if string !~ /_/ && string =~ /[A-Z]+.*/
+          string.split('_').map{|e| e.capitalize}.join
+        end
+
+        def self.snakecase string
+          return string if string !~ /[A-Z]/
+          string.split(/(?=[A-Z])/).collect {|x| x.downcase}.join("_")
+        end
+
+        def self.find_editor
+          editor = ENV['EDITOR']
+          editor ||= %w{ /usr/bin/sensible-editor /usr/bin/editor /usr/bin/vim /usr/bin/vi }.collect {|e| e if FileTest.executable? e}.compact.first
+          raise StandardError, "Editor not found. Please set your EDITOR env variable" if editor.nil?
+          editor
+        end
+
+        def self.secure_file_delete args
+          file = File.open(args[:file], 'r+')
+          num_bytes = args[:num_bytes]
+          [0xff, 0x55, 0xaa, 0x00].each do |byte|
+            file.seek(0, IO::SEEK_SET)
+            num_bytes.times { file.print(byte.chr) }
+            file.fsync
+          end
+          File.delete args[:file]
+        end
+
+        def self.write_tempfile data_to_write
+          file = Tempfile.open('eyaml_edit')
+          path = file.path
+          file.close!
+
+          file = File.open(path, "w")
+          file.puts data_to_write
+          file.close
+
+          path
+        end
+
+        def self.write_important_file args
+          filename = args[ :filename ]
+          content = args[ :content ]
+          mode = args[ :mode ]
+          if File.file? "#{filename}"
+             raise StandardError, "User aborted" unless Utils::confirm? "Are you sure you want to overwrite \"#{filename}\"?"
+          end
+          open( "#{filename}", "w" ) do |io|
+            io.write(content)
+          end
+          File.chmod( mode, filename ) unless mode.nil?
+        end
+
+        def self.ensure_key_dir_exists key_file
+          key_dir = File.dirname key_file
+
+          unless File.directory? key_dir
+            begin
+              FileUtils.mkdir_p key_dir
+              Utils::info "Created key directory: #{key_dir}"
+            rescue
+              raise StandardError, "Cannot create key directory: #{key_dir}"
+            end
+          end
+
+        end
+
+        def self.find_closest_class args
+          parent_class = args[ :parent_class ]
+          class_name = args[ :class_name ]
+          constants = parent_class.constants
+          candidates = []
+          constants.each do | candidate |
+            candidates << candidate.to_s if candidate.to_s.downcase == class_name.downcase
+          end
+          if candidates.count > 0
+            parent_class.const_get candidates.first
+          else
+            nil
+          end
+        end
+
+        def self.require_dir classdir
+          num_class_hierarchy_levels = self.to_s.split("::").count - 1 
+          root_folder = File.dirname(__FILE__) + "/" + Array.new(num_class_hierarchy_levels).fill("..").join("/")
+          class_folder = root_folder + "/" + classdir
+          Dir[File.expand_path("#{class_folder}/*.rb")].uniq.each do |file|
+            # puts "Requiring file: #{file}"
+            require file
+          end
+        end
+
+        def self.find_all_subclasses_of args
+          parent_class = args[ :parent_class ]
+          constants = parent_class.constants
+          candidates = []
+          constants.each do | candidate |
+            candidates << candidate.to_s.split('::').last if parent_class.const_get(candidate).class.to_s == "Class"
+          end
+          candidates
+        end 
+
+        def self.hiera?
+          "hiera".eql? Eyaml::Options[:source]
+        end
+
+        def self.structure_message messageinfo
+          message = {:from => "hiera-eyaml-core"}
+          case messageinfo.class.to_s
+          when 'Hash'
+            message.merge!(messageinfo)
+          else
+            message.merge!({:msg => messageinfo.to_s})
+          end
+        end
+
+        def self.warn messageinfo
+          message = self.structure_message messageinfo
+          message = "[#{message[:from]}] !!! #{message[:msg]}"
+          if self.hiera?
+            Hiera.warn format_message msg
+          else
+            STDERR.puts message
+          end
+        end
+
+        def self.info messageinfo
+          message = self.structure_message messageinfo
+          message = "[#{message[:from]}] #{message[:msg]}"
+          if self.hiera?
+            Hiera.debug message if Eyaml.verbosity_level > 0
+          else
+            STDERR.puts message if Eyaml.verbosity_level > 0
+          end
+        end
+
+        def self.debug messageinfo
+          message = self.structure_message messageinfo
+          message = "[#{message[:from]}] #{message[:msg]}"
+          if self.hiera?
+            Hiera.debug message if Eyaml.verbosity_level > 1
+          else
+            STDERR.puts message if Eyaml.verbosity_level > 1
+          end
+        end
+
+      end
+    end
+  end
+end