clarenceb-hiera-eyaml 2.0.1

data/lib/hiera/backend/eyaml.rb

@@ -0,0 +1,48 @@
+class Hiera
+  module Backend
+    module Eyaml
+
+      VERSION = "2.0.1"
+      DESCRIPTION = "Hiera-eyaml is a backend for Hiera which provides OpenSSL encryption/decryption for Hiera properties"
+
+      class RecoverableError < StandardError
+      end
+
+      def self.subcommand= command
+        @@subcommand = command
+      end
+
+      def self.subcommand
+        @@subcommand
+      end
+      
+      def self.default_encryption_scheme= new_encryption
+        @@default_encryption_scheme = new_encryption
+      end
+
+      def self.default_encryption_scheme
+        @@default_encryption_scheme ||= "PKCS7"
+        @@default_encryption_scheme
+      end
+
+      def self.verbosity_level= new_verbosity_level
+        @@debug_level = new_verbosity_level
+      end
+
+      def self.verbosity_level
+        @@debug_level ||= 1
+        @@debug_level
+      end
+
+      def self.subcommands= commands
+        @@subcommands = commands
+      end
+
+      def self.subcommands
+        @@subcommands
+      end
+      
+    end
+  end
+end
+

data/lib/hiera/backend/eyaml_backend.rb

@@ -0,0 +1,125 @@
+require 'hiera/backend/eyaml/encryptor'
+require 'hiera/backend/eyaml/utils'
+require 'hiera/backend/eyaml/options'
+require 'hiera/backend/eyaml/parser/parser'
+require 'yaml'
+
+class Hiera
+  module Backend
+    class Eyaml_backend
+
+      def initialize
+        @extension = Config[:eyaml][:extension] ? Config[:eyaml][:extension] : "eyaml"
+      end
+
+      def lookup(key, scope, order_override, resolution_type)
+
+        debug("Lookup called for key #{key}")
+        answer = nil
+
+        Backend.datasources(scope, order_override) do |source|
+          eyaml_file = Backend.datafile(:eyaml, scope, source, @extension) || next
+
+          debug("Processing datasource: #{eyaml_file}")
+
+          data = YAML.load(File.read( eyaml_file ))
+
+          next if data.nil? or data.empty?
+          debug ("Data contains valid YAML")
+
+          next unless data.include?(key)
+          debug ("Key #{key} found in YAML document")
+
+          parsed_answer = parse_answer(key, data[key], scope)
+
+          begin
+            case resolution_type
+            when :array
+              debug("Appending answer array")
+              raise Exception, "Hiera type mismatch: expected Array and got #{parsed_answer.class}" unless parsed_answer.kind_of? Array or parsed_answer.kind_of? String
+              answer ||= []
+              answer << parsed_answer
+            when :hash
+              debug("Merging answer hash")
+              raise Exception, "Hiera type mismatch: expected Hash and got #{parsed_answer.class}" unless parsed_answer.kind_of? Hash
+              answer ||= {}
+              answer = Backend.merge_answer(parsed_answer,answer)
+            else
+              debug("Assigning answer variable")
+              answer = parsed_answer
+              break
+            end
+          rescue NoMethodError
+            raise Exception, "Resolution type is #{resolution_type} but parsed_answer is a #{parsed_answer.class}"
+          end
+        end
+
+        answer
+      end
+
+      def parse_answer(key, data, scope, extra_data={})
+        if data.is_a?(Numeric) or data.is_a?(TrueClass) or data.is_a?(FalseClass)
+          # Can't be encrypted
+          data
+        elsif data.is_a?(String)
+          parsed_string = Backend.parse_string(data, scope)
+          decrypt(key, parsed_string, scope)
+        elsif data.is_a?(Hash)
+          answer = {}
+          data.each_pair do |key, val|
+            answer[key] = parse_answer(key, val, scope, extra_data)
+          end
+          answer
+        elsif data.is_a?(Array)
+          answer = []
+          data.each do |item|
+            answer << parse_answer(key, item, scope, extra_data)
+          end
+          answer
+        end
+      end
+
+      def deblock block_string
+        block_string.gsub(/[ \n]/, '')
+      end
+
+      def decrypt(key, value, scope)
+
+        if encrypted? value
+
+          debug "Attempting to decrypt: #{key}"
+
+          Config[:eyaml].each do |config_key, config_value|
+            config_value = Backend.parse_string(Config[:eyaml][config_key], scope)
+            debug "Setting: #{config_key} = #{config_value}"
+            Eyaml::Options[config_key] = config_value
+          end
+
+          Eyaml::Options[:source] = "hiera"
+
+          parser = Eyaml::Parser::ParserFactory.hiera_backend_parser
+          tokens = parser.parse(value)
+          decrypted = tokens.map{ |token| token.to_plain_text }
+          plaintext = decrypted.join
+
+          plaintext.chomp
+
+        else
+          value
+        end
+      end
+
+      def encrypted?(value)
+        if value.match(/.*ENC\[.*?\]/) then true else false end
+      end
+
+      def debug(msg)
+        Hiera.debug("[eyaml_backend]: #{msg}")
+      end
+
+      def warn(msg)
+        Hiera.warn("[eyaml_backend]:  #{msg}")
+      end
+    end
+  end
+end

data/sublime_text/README.md

@@ -0,0 +1,16 @@
+Sublime Text Syntax Highlighting Package
+========================================
+
+The contents of this directory give syntax highlighting to .eyaml files in Sublime Text 2+
+
+Install
+=======
+
+To install, simply copy eyaml.sublime-package into your "Installed Packages" directory in the data directory of your Sublime Text 2 installation. The data directory is:
+
+* Windows: %APPDATA%/Sublime Text 2
+* OS X: ~/Library/Application Support/Sublime Text 2
+* Linux: ~/.Sublime Text 2
+
+Then restart sublimetext
+

data/sublime_text/eyaml.syntax_definition.json

@@ -0,0 +1,288 @@
+{ "name": "EYAML",
+  "scopeName": "source.eyaml",
+  "fileTypes": ["eyaml"],
+  "foldingStartMarker": "^[^#]\\s*.*:(\\s*\\[?| &.+)?$",
+  "foldingStopMarker": "^\\s*$|^\\s*\\}|^\\s*\\]|^\\s*\\)",
+  "keyEquivalent": "^~Y",
+  "repository": {
+    "erb": {
+      "end": "%>",
+      "begin": "<%+(?!>)=?",
+      "patterns": [
+        {
+          "match": "(#).*?(?=%>)",
+          "captures": {
+            "1": {
+              "name": "punctuation.definition.comment.ruby"
+            }
+          },
+          "name": "comment.line.number-sign.ruby"
+        },
+        {
+          "include": "source.ruby.rails"
+        }
+      ],
+      "captures": {
+        "0": {
+          "name": "punctuation.section.embedded.ruby"
+        }
+      },
+      "name": "source.ruby.rails.embedded.html"
+    },
+    "escaped_char": {
+      "match": "\\\\.",
+      "name": "constant.character.escape.yaml"
+    }
+  },
+  "patterns": [
+    {
+      "include": "#erb"
+    },
+    {
+      "end": "^(?!^\\1)|^(?=\\1(-|\\w+\\s*:)|#)",
+      "begin": "^(\\s*)(?:(-)|(?:(-\\s*)?(\\w+\\s*(:))))\\s*(\\||>)",
+      "beginCaptures": {
+        "3": {
+          "name": "punctuation.definition.entry.yaml"
+        },
+        "4": {
+          "name": "entity.name.tag.yaml"
+        },
+        "5": {
+          "name": "punctuation.separator.key-value.yaml"
+        },
+        "2": {
+          "name": "punctuation.definition.entry.yaml"
+        }
+      },
+      "patterns": [
+        {
+          "include": "#erb"
+        }
+      ],
+      "name": "string.unquoted.block.yaml"
+    },
+    {
+      "match": "(?:(?:(-\\s*)?(\\w+\\s*(:)))|(-))\\s*((0(x|X)[0-9a-fA-F]*)|(([0-9]+\\.?[0-9]*)|(\\.[0-9]+))((e|E)(\\+|-)?[0-9]+)?)(L|l|UL|ul|u|U|F|f)?\\s*$",
+      "captures": {
+        "3": {
+          "name": "punctuation.separator.key-value.yaml"
+        },
+        "4": {
+          "name": "punctuation.definition.entry.yaml"
+        },
+        "1": {
+          "name": "punctuation.definition.entry.yaml"
+        },
+        "2": {
+          "name": "entity.name.tag.yaml"
+        }
+      },
+      "name": "constant.numeric.yaml"
+    },
+    {
+      "match": "(?:(?:(-\\s*)?(\\w+\\s*(:)))|(-))\\s*(?:((\")[^\"]*(\"))|((')[^']*('))|([^,{}&#\\[\\]]+))\\s*",
+      "captures": {
+        "7": {
+          "name": "punctuation.definition.string.end.yaml"
+        },
+        "3": {
+          "name": "punctuation.separator.key-value.yaml"
+        },
+        "11": {
+          "name": "string.unquoted.yaml"
+        },
+        "4": {
+          "name": "punctuation.definition.entry.yaml"
+        },
+        "8": {
+          "name": "string.quoted.single.yaml"
+        },
+        "9": {
+          "name": "punctuation.definition.string.begin.yaml"
+        },
+        "5": {
+          "name": "string.quoted.double.yaml"
+        },
+        "1": {
+          "name": "punctuation.definition.entry.yaml"
+        },
+        "6": {
+          "name": "punctuation.definition.string.begin.yaml"
+        },
+        "10": {
+          "name": "punctuation.definition.string.end.yaml"
+        },
+        "2": {
+          "name": "entity.name.tag.yaml"
+        }
+      },
+      "name": "string.unquoted.yaml"
+    },
+    {
+      "match": "(?:(?:(-\\s*)?(\\w+\\s*(:)))|(-))\\s*([0-9]{4}-[0-9]{2}-[0-9]{2})\\s*$",
+      "captures": {
+        "3": {
+          "name": "punctuation.separator.key-value.yaml"
+        },
+        "4": {
+          "name": "punctuation.definition.entry.yaml"
+        },
+        "1": {
+          "name": "punctuation.definition.entry.yaml"
+        },
+        "2": {
+          "name": "entity.name.tag.yaml"
+        }
+      },
+      "name": "constant.other.date.yaml"
+    },
+    {
+      "match": "(\\w.*?)(:)\\s*((\\!\\!)omap)?",
+      "captures": {
+        "3": {
+          "name": "keyword.other.omap.yaml"
+        },
+        "4": {
+          "name": "punctuation.definition.keyword.yaml"
+        },
+        "1": {
+          "name": "entity.name.tag.yaml"
+        },
+        "2": {
+          "name": "punctuation.separator.key-value.yaml"
+        }
+      },
+      "name": "meta.tag.yaml"
+    },
+    {
+      "match": "(\\&|\\*)\\w.*?$",
+      "captures": {
+        "1": {
+          "name": "punctuation.definition.variable.yaml"
+        }
+      },
+      "name": "variable.other.yaml"
+    },
+    {
+      "end": "\"",
+      "begin": "\"",
+      "beginCaptures": {
+        "0": {
+          "name": "punctuation.definition.string.begin.yaml"
+        }
+      },
+      "patterns": [
+        {
+          "include": "#escaped_char"
+        },
+        {
+          "include": "#erb"
+        }
+      ],
+      "endCaptures": {
+        "0": {
+          "name": "punctuation.definition.string.end.yaml"
+        }
+      },
+      "name": "string.quoted.double.yaml"
+    },
+    {
+      "end": "'",
+      "begin": "'",
+      "beginCaptures": {
+        "0": {
+          "name": "punctuation.definition.string.begin.yaml"
+        }
+      },
+      "patterns": [
+        {
+          "include": "#escaped_char"
+        },
+        {
+          "include": "#erb"
+        }
+      ],
+      "endCaptures": {
+        "0": {
+          "name": "punctuation.definition.string.end.yaml"
+        }
+      },
+      "name": "string.quoted.single.yaml"
+    },
+    {
+      "end": "`",
+      "begin": "`",
+      "beginCaptures": {
+        "0": {
+          "name": "punctuation.definition.string.begin.yaml"
+        }
+      },
+      "patterns": [
+        {
+          "include": "#escaped_char"
+        },
+        {
+          "include": "#erb"
+        }
+      ],
+      "endCaptures": {
+        "0": {
+          "name": "punctuation.definition.string.end.yaml"
+        }
+      },
+      "name": "string.interpolated.yaml"
+    },
+    {
+      "match": "(\\<\\<): ((\\*).*)$",
+      "captures": {
+        "3": {
+          "name": "punctuation.definition.keyword.yaml"
+        },
+        "1": {
+          "name": "entity.name.tag.yaml"
+        },
+        "2": {
+          "name": "keyword.operator.merge-key.yaml"
+        }
+      },
+      "name": "keyword.operator.merge-key.yaml"
+    },
+    {
+      "match": "( |\t)+$",
+      "disabled": "1",
+      "name": "invalid.deprecated.trailing-whitespace.yaml"
+    },
+    {
+      "match": "(?<!\\$)(#)(?!\\{).*$\\n?",
+      "captures": {
+        "1": {
+          "name": "punctuation.definition.comment.yaml"
+        }
+      },
+      "name": "comment.line.number-sign.yaml"
+    },
+    {
+      "match": "-",
+      "name": "keyword.operator.symbol"
+    },
+    {
+      "end": "(?=[^\\t])",
+      "begin": "^(?=\\t)",
+      "patterns": [
+        {
+          "match": "(\\t)(\\t)?",
+          "captures": {
+            "1": {
+              "name": "meta.odd-tab"
+            },
+            "2": {
+              "name": "meta.even-tab"
+            }
+          }
+        }
+      ],
+      "name": "meta.leading-tabs.yaml"
+    }
+  ],  "uuid": "1876aa1d-ff42-4994-b552-663473607454"
+}

data/tools/regem.sh

@@ -0,0 +1,9 @@
+#!/bin/bash
+
+gem uninstall hiera-eyaml --executables
+RAKE_OUT=`rake build`
+echo ${RAKE_OUT}
+VERSION=`echo ${RAKE_OUT} | awk '{print $2}'`
+echo Installing version: ${VERSION} ...
+gem install pkg/hiera-eyaml-${VERSION}.gem
+eyaml -v

metadata

@@ -0,0 +1,114 @@
+--- !ruby/object:Gem::Specification
+name: clarenceb-hiera-eyaml
+version: !ruby/object:Gem::Version
+  prerelease:
+  version: 2.0.1
+platform: ruby
+authors:
+- Tom Poulton
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2014-01-13 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: trollop
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '2.0'
+    none: false
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '2.0'
+    none: false
+  prerelease: false
+  type: :runtime
+- !ruby/object:Gem::Dependency
+  name: highline
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: 1.6.19
+    none: false
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: 1.6.19
+    none: false
+  prerelease: false
+  type: :runtime
+description: 'Hiera backend for decrypting encrypted yaml properties (Fix for Issue
+  #62)'
+email:
+executables:
+- eyaml
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- .travis.yml
+- Gemfile
+- Gemfile.lock
+- LICENSE.txt
+- PLUGINS.md
+- README.md
+- Rakefile
+- bin/eyaml
+- hiera-eyaml.gemspec
+- lib/hiera/backend/eyaml.rb
+- lib/hiera/backend/eyaml/CLI.rb
+- lib/hiera/backend/eyaml/commands.rb
+- lib/hiera/backend/eyaml/encryptor.rb
+- lib/hiera/backend/eyaml/encryptors/pkcs7.rb
+- lib/hiera/backend/eyaml/options.rb
+- lib/hiera/backend/eyaml/parser/encrypted_tokens.rb
+- lib/hiera/backend/eyaml/parser/parser.rb
+- lib/hiera/backend/eyaml/parser/token.rb
+- lib/hiera/backend/eyaml/plugins.rb
+- lib/hiera/backend/eyaml/subcommand.rb
+- lib/hiera/backend/eyaml/subcommands/createkeys.rb
+- lib/hiera/backend/eyaml/subcommands/decrypt.rb
+- lib/hiera/backend/eyaml/subcommands/edit.rb
+- lib/hiera/backend/eyaml/subcommands/encrypt.rb
+- lib/hiera/backend/eyaml/subcommands/help.rb
+- lib/hiera/backend/eyaml/subcommands/recrypt.rb
+- lib/hiera/backend/eyaml/subcommands/unknown_command.rb
+- lib/hiera/backend/eyaml/subcommands/version.rb
+- lib/hiera/backend/eyaml/utils.rb
+- lib/hiera/backend/eyaml_backend.rb
+- sublime_text/README.md
+- sublime_text/eyaml.sublime-package
+- sublime_text/eyaml.syntax_definition.json
+- tools/regem.sh
+homepage: https://github.com/clarenceb/hiera-eyaml
+licenses:
+- MIT
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+  none: false
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+  none: false
+requirements: []
+rubyforge_project:
+rubygems_version: 1.8.24
+signing_key:
+specification_version: 3
+summary: OpenSSL Encryption backend for Hiera
+test_files: []