RubyGems - encrypt_data_bag - Versions diffs - 1.0.0 → 1.1.0 - Mend

encrypt_data_bag 1.0.0 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

checksums.yaml +4 -4
data/.travis.yml +0 -1
data/README.md +9 -0
data/Rakefile +7 -0
data/bin/encrypt_data_bag +8 -1
data/lib/encrypt_data_bag.rb +10 -6
data/lib/encrypt_data_bag/version.rb +1 -1
data/test/assets/data_bags/aws/development.json +27 -0
data/test/assets/data_bags/aws/production.json +3 -3
metadata +4 -2

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 413b98798a8cb500fbbfa811231d594e91bc3eb5
-  data.tar.gz: d0c6ea4d7f7a59cdec437e70a77c74c30d3dd071
+  metadata.gz: f8ea87eabfbbcff5517623ea56a6531ffbadab0a
+  data.tar.gz: 1590c1490522c18848ae23bd6a5e206b72df867b
 SHA512:
-  metadata.gz: c327d46a71e83f0eedda9b6cc90f2c3d738f013a2330003e5c3f93840bdabfd1dcf933503f9e70c20c0b664ac7ac6d7917e988c970dbeb31bb3e1a78eec441ef
-  data.tar.gz: fc5f24df1ac67f5cffcc70aa977dbe4a67f2cc18099c387c449d3ca17325ffcfe98e3ba3fbba8409fc79922e706d42a76d899d0eeaba0ff36e0fc9749ed6ef92
+  metadata.gz: 76bcdb3446508045873fa850e9bb5f1e86ae96cf1fbd19d5bd40ddc7c5975b9235645b2419fc4a692f013b743aea729ceaaad78e08adb532d2e5d1f5371d12c0
+  data.tar.gz: 6b000d0da70a970903d85753f05e10b1915e9ea11258d932939bd955c5af2ee87adcdf437307cd7dd93c074226f8ab1322776c92b4007de117a1ba1778b7df9a

data/.travis.yml CHANGED

@@ -1,6 +1,5 @@
 language: ruby
 rvm:
-  - 1.8.7
   - 1.9.2
   - 1.9.3
   - 2.0.0

data/README.md CHANGED

@@ -9,6 +9,15 @@ $ gem install encrypt_data_bag
 ## Usage
 ```
+$ encrypt_data_bag -h
+Usage: encrypt_data_bag [options]
+    -h, --help                       Display this message
+    -v, --version                    Display version
+    -s, --secret-file FILE           Secret key FILE
+    -i, --input-file FILE            Input FILE (plain-text data bag item)
+    -o, --output-file FILE           Output FILE (encrypted data bag item)
+    -d, --decrypt                    Decrypt the data bag item
 $ encrypt_data_bag -s ~/.chef/encrypted_data_bag_secret -i plain_text_item.rb -o encrypted_item.json
 ```

data/Rakefile CHANGED

@@ -16,6 +16,13 @@ task :test do
   system(command.join(" "))
   puts IO.read("test/tmp/staging.json")
   puts IO.read("test/tmp/production.rb")
+  command = ["bundle exec ./bin/encrypt_data_bag"]
+  command << "-s test/assets/encrypted_data_bag_secret"
+  command << "-i test/assets/data_bags/aws/development.json"
+  command << "-o test/tmp/development.rb"
+  command << "-d"
+  system(command.join(" "))
+  puts IO.read("test/tmp/development.rb")
 end
 task :default => :test

data/bin/encrypt_data_bag CHANGED

@@ -24,10 +24,17 @@ OptionParser.new { |options|
   options.on("-o", "--output-file FILE", "Output FILE (encrypted data bag item)") do |file|
     config[:output_file] = file
   end
+  options.on("-d", "--decrypt", "Decrypt the data bag item") do
+    config[:decrypt] = true
+  end
 }.parse!
 raise "You must provide a Secret key FILE (-s)" unless config[:secret_file]
 raise "You must provide an input FILE (-i)" unless config[:input_file]
 raise "You must provide an output FILE (-o)" unless config[:output_file]
-EncryptDataBag.from_file(config[:secret_file], config[:input_file], config[:output_file])
+EncryptDataBag.from_file(
+                         config[:secret_file],
+                         config[:input_file],
+                         config[:output_file],
+                         :decrypt => config[:decrypt])

data/lib/encrypt_data_bag.rb CHANGED

@@ -7,17 +7,21 @@ module EncryptDataBag
       File.extname(file) == ".json"
     end
-    def from_file(secret_file, input_file, output_file)
+    def from_file(secret_file, input_file, output_file, options={})
       secret = Chef::EncryptedDataBagItem.load_secret(secret_file)
-      raw_item = IO.read(input_file)
-      item = is_json_file?(input_file) ? JSON.parse(raw_item) : eval(raw_item)
+      input = IO.read(input_file)
+      item = is_json_file?(input_file) ? JSON.parse(input) : eval(input)
       item = Hash[item.map { |k, v| [k.to_s, v] }]
-      encrypted_item = Chef::EncryptedDataBagItem.encrypt_data_bag_item(item, secret)
+      output = if options[:decrypt]
+        Chef::EncryptedDataBagItem.new(item, secret).to_hash
+      else
+        Chef::EncryptedDataBagItem.encrypt_data_bag_item(item, secret)
+      end
       File.open(output_file, "w") do |file|
         if is_json_file?(output_file)
-          file.print(JSON.pretty_generate(encrypted_item))
+          file.print(JSON.pretty_generate(output))
         else
-          file.write(encrypted_item.pretty_inspect)
+          file.write(output.pretty_inspect)
         end
       end
     end

data/lib/encrypt_data_bag/version.rb CHANGED

@@ -1,3 +1,3 @@
 module EncryptDataBag
-  VERSION = "1.0.0"
+  VERSION = "1.1.0"
 end

data/test/assets/data_bags/aws/development.json ADDED

@@ -0,0 +1,27 @@
+{
+  "id": "development",
+  "aws_access_key_id": {
+    "encrypted_data": "OrX9/3urkoVg90nNBKZo9Yli/L62xugOcnZBUeWmHAY=\n",
+    "iv": "0PkVPxoHU8ABsyvb7LL5gw==\n",
+    "version": 1,
+    "cipher": "aes-256-cbc"
+  },
+  "aws_secret_access_key": {
+    "encrypted_data": "iFG6wvUEwQAH5cSNdXolHwWZac4yt3iyDrIuIq20QlA=\n",
+    "iv": "y5VDMAh6+XZMBR/tnr8kqQ==\n",
+    "version": 1,
+    "cipher": "aes-256-cbc"
+  },
+  "aws_x509_certificate": {
+    "encrypted_data": "8wkLFODJV6CLMnS3hS0H75I4nEAM3PkVtfG/LIUS9NI=\n",
+    "iv": "tOa9uKSYSf71Okh6Jipeew==\n",
+    "version": 1,
+    "cipher": "aes-256-cbc"
+  },
+  "aws_private_key": {
+    "encrypted_data": "xn9dVwhYGpk7C4sc7LmVBR6O1HZwlpr2gv6UUtFkpoQ=\n",
+    "iv": "T5Fp7pTJSrlftmauY6Baeg==\n",
+    "version": 1,
+    "cipher": "aes-256-cbc"
+  }
+}

data/test/assets/data_bags/aws/production.json CHANGED

@@ -1,7 +1,7 @@
 {
-    "id": "staging",
+    "id": "production",
     "aws_access_key_id": "foo",
     "aws_secret_access_key": "bar",
-    "aws_x509_certificate": "foo",
-    "aws_private_key": "bar"
+    "aws_x509_certificate": "foo\n",
+    "aws_private_key": "bar\n"
 }

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: encrypt_data_bag
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.1.0
 platform: ruby
 authors:
 - Sean Porter
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2014-01-16 00:00:00.000000000 Z
+date: 2014-01-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: chef
@@ -72,6 +72,7 @@ files:
 - lib/encrypt_data_bag/version.rb
 - test/assets/aws_private_key.pem
 - test/assets/aws_x509_certificate.crt
+- test/assets/data_bags/aws/development.json
 - test/assets/data_bags/aws/production.json
 - test/assets/data_bags/aws/staging.rb
 - test/assets/encrypted_data_bag_secret
@@ -103,6 +104,7 @@ summary: CLI tool for encrypting Chef data bag items
 test_files:
 - test/assets/aws_private_key.pem
 - test/assets/aws_x509_certificate.crt
+- test/assets/data_bags/aws/development.json
 - test/assets/data_bags/aws/production.json
 - test/assets/data_bags/aws/staging.rb
 - test/assets/encrypted_data_bag_secret