encrypt_data_bag 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (16) hide show
  1. checksums.yaml +7 -0
  2. data/.gitignore +17 -0
  3. data/Gemfile +4 -0
  4. data/LICENSE.txt +22 -0
  5. data/README.md +19 -0
  6. data/Rakefile +21 -0
  7. data/bin/encrypt_data_bag +33 -0
  8. data/encrypt_data_bag.gemspec +25 -0
  9. data/lib/encrypt_data_bag.rb +24 -0
  10. data/lib/encrypt_data_bag/version.rb +3 -0
  11. data/test/assets/aws_private_key.pem +1 -0
  12. data/test/assets/aws_x509_certificate.crt +1 -0
  13. data/test/assets/data_bags/aws/production.json +7 -0
  14. data/test/assets/data_bags/aws/staging.rb +7 -0
  15. data/test/assets/encrypted_data_bag_secret +1 -0
  16. metadata +108 -0
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: 581fd50260f2e855664e1b3419c608cfd4dec7e4
4
+ data.tar.gz: 0cf25149d77aa69c70b4f797b4b3bc9c5bb448fb
5
+ SHA512:
6
+ metadata.gz: e9354b859e9c79e312d75211eaa76dbb01a113f54d59d3a6b866ee8f64de92444ce4355e5834271c44b3e1e9316b042f27d3f7b3de53e66a82dd4400a35380b3
7
+ data.tar.gz: a478fe74ffd77d0972d3d80f4cc9dbfdd3fed0d3118017a31c4ecbc648c463a0bd152633565bc973fcd76039144f12db1e3862a896a9d57f225a69598028b627
data/.gitignore ADDED
@@ -0,0 +1,17 @@
1
+ *.gem
2
+ *.rbc
3
+ .bundle
4
+ .config
5
+ .yardoc
6
+ Gemfile.lock
7
+ InstalledFiles
8
+ _yardoc
9
+ coverage
10
+ doc/
11
+ lib/bundler/man
12
+ pkg
13
+ rdoc
14
+ spec/reports
15
+ test/tmp
16
+ test/version_tmp
17
+ tmp
data/Gemfile ADDED
@@ -0,0 +1,4 @@
1
+ source 'https://rubygems.org'
2
+
3
+ # Specify your gem's dependencies in encrypt_data_bag.gemspec
4
+ gemspec
data/LICENSE.txt ADDED
@@ -0,0 +1,22 @@
1
+ Copyright (c) 2014 Sean Porter
2
+
3
+ MIT License
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining
6
+ a copy of this software and associated documentation files (the
7
+ "Software"), to deal in the Software without restriction, including
8
+ without limitation the rights to use, copy, modify, merge, publish,
9
+ distribute, sublicense, and/or sell copies of the Software, and to
10
+ permit persons to whom the Software is furnished to do so, subject to
11
+ the following conditions:
12
+
13
+ The above copyright notice and this permission notice shall be
14
+ included in all copies or substantial portions of the Software.
15
+
16
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
17
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
18
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
19
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
20
+ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
21
+ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
22
+ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
data/README.md ADDED
@@ -0,0 +1,19 @@
1
+ ## Installation
2
+
3
+ ```
4
+ $ gem install encrypt_data_bag
5
+ ```
6
+
7
+ ## Usage
8
+
9
+ ```
10
+ $ encrypt_data_bag -s ~/.chef/encrypted_data_bag_secret -i plain_text_item.rb -o encrypted_item.json
11
+ ```
12
+
13
+ ## Contributing
14
+
15
+ 1. Fork it ( http://github.com/<my-github-username>/encrypt_data_bag/fork )
16
+ 2. Create your feature branch (`git checkout -b my-new-feature`)
17
+ 3. Commit your changes (`git commit -am 'Add some feature'`)
18
+ 4. Push to the branch (`git push origin my-new-feature`)
19
+ 5. Create new Pull Request
data/Rakefile ADDED
@@ -0,0 +1,21 @@
1
+ require "bundler/gem_tasks"
2
+ require "fileutils"
3
+
4
+ task :test do
5
+ FileUtils.rm_f(Dir.glob("test/tmp/*.{rb,json}"))
6
+ timestamp = Time.now.to_i
7
+ command = ["bundle exec ./bin/encrypt_data_bag"]
8
+ command << "-s test/assets/encrypted_data_bag_secret"
9
+ command << "-i test/assets/data_bags/aws/staging.rb"
10
+ command << "-o test/tmp/staging.json"
11
+ system(command.join(" "))
12
+ command = ["bundle exec ./bin/encrypt_data_bag"]
13
+ command << "-s test/assets/encrypted_data_bag_secret"
14
+ command << "-i test/assets/data_bags/aws/production.json"
15
+ command << "-o test/tmp/production.rb"
16
+ system(command.join(" "))
17
+ puts IO.read("test/tmp/staging.json")
18
+ puts IO.read("test/tmp/production.rb")
19
+ end
20
+
21
+ task :default => :test
data/bin/encrypt_data_bag ADDED
@@ -0,0 +1,33 @@
1
+ #!/usr/bin/env ruby
2
+
3
+ require "rubygems"
4
+ require "optparse"
5
+ require "encrypt_data_bag"
6
+
7
+ config = Hash.new
8
+
9
+ OptionParser.new { |options|
10
+ options.on("-h", "--help", "Display this message") do
11
+ puts options
12
+ exit
13
+ end
14
+ options.on("-v", "--version", "Display version") do
15
+ puts EncryptDataBag::VERSION
16
+ exit
17
+ end
18
+ options.on("-s", "--secret-file FILE", "Secret key FILE") do |file|
19
+ config[:secret_file] = file
20
+ end
21
+ options.on("-i", "--input-file FILE", "Input FILE (plain-text data bag item)") do |file|
22
+ config[:input_file] = file
23
+ end
24
+ options.on("-o", "--output-file FILE", "Output FILE (encrypted data bag item)") do |file|
25
+ config[:output_file] = file
26
+ end
27
+ }.parse!
28
+
29
+ raise "You must provide a Secret key FILE (-s)" unless config[:secret_file]
30
+ raise "You must provide an input FILE (-i)" unless config[:input_file]
31
+ raise "You must provide an output FILE (-o)" unless config[:output_file]
32
+
33
+ EncryptDataBag.from_file(config[:secret_file], config[:input_file], config[:output_file])
data/encrypt_data_bag.gemspec ADDED
@@ -0,0 +1,25 @@
1
+ # coding: utf-8
2
+ lib = File.expand_path('../lib', __FILE__)
3
+ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
+ require 'encrypt_data_bag/version'
5
+
6
+ Gem::Specification.new do |spec|
7
+ spec.name = "encrypt_data_bag"
8
+ spec.version = EncryptDataBag::VERSION
9
+ spec.authors = ["Sean Porter"]
10
+ spec.email = ["portertech@gmail.com"]
11
+ spec.summary = "CLI tool for encrypting Chef data bag items"
12
+ spec.description = "CLI tool for encrypting Chef data bag items"
13
+ spec.homepage = "https://github.com/portertech/encrypt_data_bag"
14
+ spec.license = "MIT"
15
+
16
+ spec.files = `git ls-files`.split($/)
17
+ spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
18
+ spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
19
+ spec.require_paths = ["lib"]
20
+
21
+ spec.add_dependency "chef"
22
+
23
+ spec.add_development_dependency "bundler"
24
+ spec.add_development_dependency "rake"
25
+ end
data/lib/encrypt_data_bag.rb ADDED
@@ -0,0 +1,24 @@
1
+ require "encrypt_data_bag/version"
2
+ require "chef/encrypted_data_bag_item"
3
+
4
+ module EncryptDataBag
5
+ class << self
6
+ def is_json_file?(file)
7
+ File.extname(file) == ".json"
8
+ end
9
+
10
+ def from_file(secret_file, input_file, output_file)
11
+ secret = Chef::EncryptedDataBagItem.load_secret(secret_file)
12
+ raw_item = IO.read(input_file)
13
+ item = is_json_file?(input_file) ? JSON.parse(raw_item) : eval(raw_item)
14
+ encrypted_item = Chef::EncryptedDataBagItem.encrypt_data_bag_item(item, secret)
15
+ File.open(output_file, "w") do |file|
16
+ if is_json_file?(output_file)
17
+ file.print(JSON.pretty_generate(encrypted_item))
18
+ else
19
+ file.write(encrypted_item.pretty_inspect)
20
+ end
21
+ end
22
+ end
23
+ end
24
+ end
data/lib/encrypt_data_bag/version.rb ADDED
@@ -0,0 +1,3 @@
1
+ module EncryptDataBag
2
+ VERSION = "0.0.1"
3
+ end
data/test/assets/aws_private_key.pem ADDED
@@ -0,0 +1 @@
1
+ bar
data/test/assets/data_bags/aws/production.json ADDED
@@ -0,0 +1,7 @@
1
+ {
2
+ "id": "staging",
3
+ "aws_access_key_id": "foo",
4
+ "aws_secret_access_key": "bar",
5
+ "aws_x509_certificate": "foo",
6
+ "aws_private_key": "bar"
7
+ }
data/test/assets/data_bags/aws/staging.rb ADDED
@@ -0,0 +1,7 @@
1
+ {
2
+ :id => "staging",
3
+ :aws_access_key_id => "foo",
4
+ :aws_secret_access_key => "bar",
5
+ :aws_x509_certificate => IO.read("test/assets/aws_x509_certificate.crt"),
6
+ :aws_private_key => IO.read("test/assets/aws_private_key.pem")
7
+ }
data/test/assets/encrypted_data_bag_secret ADDED
@@ -0,0 +1 @@
1
+ om3aNcptW0TEz5vYK3K7lN7p691En0SDImfPB7MvjkoBlubhyCTWvvPcdxOjXvrHu3s2uOp0RBPhpvFOur9VlWgnpbnLtRRJeaJ2252SsVEEvhDiV6C4tmUJB0JVYeHMKvZvgZrgvDGlSGBbLUF1qEOzqky8d9q+7ScDh4NB6NXxqsIbFVIEzQpQbxbNNFOmN0hGEOWLnzX5KIAr1kg3AMqo+5+ABzLOOs3E1XNqifd3eEKSY8Ar9HhJ6c2gbg1qSRrAZ7rE7Gl0xfKLz4CuTHGDFPQnN1+3nYHkHlAUPIlmJ554YrT3nHcfut+9tqJPQiMB/mu23zk5+gpsYAKgN70jodkS2VwbL54xNKDU6C4Q63+SXTUot2Jtr038oH2pH6lJ8m5If0JeGsM8buuxTjWtvEeJRwTqdxkfeGoySyYYqyVBxrFi27myJ19kO0TOArksxb2nyxBOhz26g4VQx1Q51C/Xlq7oX4x09MFesLl++LxIeCccNV1+enb6B8DtQ4daxCopVs4r+cBVmTATfuqA34Zi3dt67TsArfyvzDoMj+yciNgVKOuV46aajK8H8d/aTIDGMqBN5IbtoOIr3dJcXiasOEUYRdl4CM5eeoxSA5L57boLYTsTndzrV2l2m8PNd0KbHKF0GlRbFWSQK4egZ9aD7oKgLt87LdNIdFc=
metadata ADDED
@@ -0,0 +1,108 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: encrypt_data_bag
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.0.1
5
+ platform: ruby
6
+ authors:
7
+ - Sean Porter
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2014-01-15 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: chef
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - ">="
18
+ - !ruby/object:Gem::Version
19
+ version: '0'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - ">="
25
+ - !ruby/object:Gem::Version
26
+ version: '0'
27
+ - !ruby/object:Gem::Dependency
28
+ name: bundler
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - ">="
32
+ - !ruby/object:Gem::Version
33
+ version: '0'
34
+ type: :development
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - ">="
39
+ - !ruby/object:Gem::Version
40
+ version: '0'
41
+ - !ruby/object:Gem::Dependency
42
+ name: rake
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - ">="
46
+ - !ruby/object:Gem::Version
47
+ version: '0'
48
+ type: :development
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - ">="
53
+ - !ruby/object:Gem::Version
54
+ version: '0'
55
+ description: CLI tool for encrypting Chef data bag items
56
+ email:
57
+ - portertech@gmail.com
58
+ executables:
59
+ - encrypt_data_bag
60
+ extensions: []
61
+ extra_rdoc_files: []
62
+ files:
63
+ - ".gitignore"
64
+ - Gemfile
65
+ - LICENSE.txt
66
+ - README.md
67
+ - Rakefile
68
+ - bin/encrypt_data_bag
69
+ - encrypt_data_bag.gemspec
70
+ - lib/encrypt_data_bag.rb
71
+ - lib/encrypt_data_bag/version.rb
72
+ - test/assets/aws_private_key.pem
73
+ - test/assets/aws_x509_certificate.crt
74
+ - test/assets/data_bags/aws/production.json
75
+ - test/assets/data_bags/aws/staging.rb
76
+ - test/assets/encrypted_data_bag_secret
77
+ - test/tmp/.gitkeep
78
+ homepage: https://github.com/portertech/encrypt_data_bag
79
+ licenses:
80
+ - MIT
81
+ metadata: {}
82
+ post_install_message:
83
+ rdoc_options: []
84
+ require_paths:
85
+ - lib
86
+ required_ruby_version: !ruby/object:Gem::Requirement
87
+ requirements:
88
+ - - ">="
89
+ - !ruby/object:Gem::Version
90
+ version: '0'
91
+ required_rubygems_version: !ruby/object:Gem::Requirement
92
+ requirements:
93
+ - - ">="
94
+ - !ruby/object:Gem::Version
95
+ version: '0'
96
+ requirements: []
97
+ rubyforge_project:
98
+ rubygems_version: 2.2.0
99
+ signing_key:
100
+ specification_version: 4
101
+ summary: CLI tool for encrypting Chef data bag items
102
+ test_files:
103
+ - test/assets/aws_private_key.pem
104
+ - test/assets/aws_x509_certificate.crt
105
+ - test/assets/data_bags/aws/production.json
106
+ - test/assets/data_bags/aws/staging.rb
107
+ - test/assets/encrypted_data_bag_secret
108
+ - test/tmp/.gitkeep