hiera-eyaml 3.2.0 → 3.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/release.yml +30 -0
- data/.github/workflows/test.yml +62 -0
- data/.gitignore +1 -0
- data/CHANGELOG.md +52 -1
- data/Gemfile +21 -16
- data/README.md +91 -5
- data/Rakefile +30 -0
- data/hiera-eyaml.gemspec +6 -3
- data/lib/hiera/backend/eyaml/encryptor.rb +3 -4
- data/lib/hiera/backend/eyaml/parser/encrypted_tokens.rb +53 -59
- data/lib/hiera/backend/eyaml/plugins.rb +5 -3
- data/lib/hiera/backend/eyaml/subcommands/encrypt.rb +4 -4
- data/lib/hiera/backend/eyaml.rb +1 -1
- data/lib/hiera/backend/eyaml_backend.rb +1 -1
- metadata +16 -12
- data/.travis.yml +0 -45
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 1ba41ba9c345e4f06ad535c7b80c6ea77c6ac146e8c983ce19b447b75fbbec32
|
4
|
+
data.tar.gz: 93ebbe3b9a22e5a3fda21e304faf1f837fc6f592288eb6a3745d862d592a8b74
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 16b457ef156c42950e5610e503ffe45a8553b383f845d983ebf71fe3104312b742dfd325d61a59ad6e09895c485313611699f1063139567432886a693f964cb0
|
7
|
+
data.tar.gz: 66c315ed82b9516a246712d0659874188d6a58837068013f2bc40a31907624bf29c5044c883a519a216ebf8cdc5ce2347c94f960d93f50cca28b0fed79456be9
|
@@ -0,0 +1,30 @@
|
|
1
|
+
name: Release
|
2
|
+
|
3
|
+
on:
|
4
|
+
push:
|
5
|
+
tags:
|
6
|
+
- '*'
|
7
|
+
|
8
|
+
jobs:
|
9
|
+
release:
|
10
|
+
runs-on: ubuntu-latest
|
11
|
+
if: github.repository_owner == 'voxpupuli'
|
12
|
+
steps:
|
13
|
+
- uses: actions/checkout@v2
|
14
|
+
- name: Install Ruby 3.1
|
15
|
+
uses: ruby/setup-ruby@v1
|
16
|
+
with:
|
17
|
+
ruby-version: '3.1'
|
18
|
+
- name: Build gem
|
19
|
+
run: gem build *.gemspec
|
20
|
+
- name: Publish gem to rubygems.org
|
21
|
+
run: gem push *.gem
|
22
|
+
env:
|
23
|
+
GEM_HOST_API_KEY: '${{ secrets.RUBYGEMS_AUTH_TOKEN }}'
|
24
|
+
- name: Setup GitHub packages access
|
25
|
+
run: |
|
26
|
+
mkdir -p ~/.gem
|
27
|
+
echo ":github: Bearer ${{ secrets.GITHUB_TOKEN }}" >> ~/.gem/credentials
|
28
|
+
chmod 0600 ~/.gem/credentials
|
29
|
+
- name: Publish gem to GitHub packages
|
30
|
+
run: gem push --key github --host https://rubygems.pkg.github.com/voxpupuli *.gem
|
@@ -0,0 +1,62 @@
|
|
1
|
+
name: Test
|
2
|
+
|
3
|
+
on:
|
4
|
+
- pull_request
|
5
|
+
- push
|
6
|
+
|
7
|
+
env:
|
8
|
+
BUNDLE_WITHOUT: release
|
9
|
+
|
10
|
+
jobs:
|
11
|
+
test:
|
12
|
+
runs-on: ubuntu-latest
|
13
|
+
strategy:
|
14
|
+
fail-fast: false
|
15
|
+
matrix:
|
16
|
+
ruby:
|
17
|
+
- "2.5"
|
18
|
+
- "2.6"
|
19
|
+
- "2.7"
|
20
|
+
- "3.0"
|
21
|
+
- "3.1"
|
22
|
+
puppet:
|
23
|
+
- "~> 7.0"
|
24
|
+
- "~> 6.0"
|
25
|
+
- "https://github.com/puppetlabs/puppet.git#main"
|
26
|
+
exclude:
|
27
|
+
- ruby: "2.6"
|
28
|
+
puppet: "~> 7.0"
|
29
|
+
- ruby: "2.5"
|
30
|
+
puppet: "~> 7.0"
|
31
|
+
|
32
|
+
- ruby: "3.1"
|
33
|
+
puppet: "~> 6.0"
|
34
|
+
- ruby: "3.0"
|
35
|
+
puppet: "~> 6.0"
|
36
|
+
|
37
|
+
- ruby: "2.6"
|
38
|
+
puppet: "https://github.com/puppetlabs/puppet.git#main"
|
39
|
+
- ruby: "2.5"
|
40
|
+
puppet: "https://github.com/puppetlabs/puppet.git#main"
|
41
|
+
env:
|
42
|
+
PUPPET_VERSION: ${{ matrix.puppet }}
|
43
|
+
COVERAGE: ${{ matrix.coverage }}
|
44
|
+
name: "Ruby ${{ matrix.ruby }} - Puppet ${{ matrix.puppet }}"
|
45
|
+
steps:
|
46
|
+
- name: Enable coverage reporting on Ruby 3.1
|
47
|
+
if: matrix.puppet == '~> 7.0' && matrix.ruby == '3.1'
|
48
|
+
run: echo 'COVERAGE=yes' >> $GITHUB_ENV
|
49
|
+
- uses: actions/checkout@v2
|
50
|
+
- name: Install expect
|
51
|
+
run: sudo apt-get install expect
|
52
|
+
- name: Install Ruby ${{ matrix.ruby }}
|
53
|
+
uses: ruby/setup-ruby@v1
|
54
|
+
with:
|
55
|
+
ruby-version: ${{ matrix.ruby }}
|
56
|
+
bundler-cache: true
|
57
|
+
- name: spec tests
|
58
|
+
run: bundle exec rake features
|
59
|
+
- name: Verify gem builds
|
60
|
+
run: gem build *.gemspec
|
61
|
+
- name: Run tests
|
62
|
+
run: bundle exec cucumber -f progress
|
data/.gitignore
CHANGED
data/CHANGELOG.md
CHANGED
@@ -2,7 +2,55 @@
|
|
2
2
|
|
3
3
|
All notable changes to this project will be documented in this file.
|
4
4
|
|
5
|
-
## [v3.
|
5
|
+
## [v3.3.0](https://github.com/voxpupuli/hiera-eyaml/tree/v3.3.0) (2022-05-20)
|
6
|
+
|
7
|
+
[Full Changelog](https://github.com/voxpupuli/hiera-eyaml/compare/v3.2.2...v3.3.0)
|
8
|
+
|
9
|
+
**Implemented enhancements:**
|
10
|
+
|
11
|
+
- Build gem during CI [\#330](https://github.com/voxpupuli/hiera-eyaml/pull/330) ([bastelfreak](https://github.com/bastelfreak))
|
12
|
+
- Add more Ruby/Puppet versions to CI matrix [\#326](https://github.com/voxpupuli/hiera-eyaml/pull/326) ([bastelfreak](https://github.com/bastelfreak))
|
13
|
+
|
14
|
+
**Fixed bugs:**
|
15
|
+
|
16
|
+
- Repair ruby 3.1.x compability with backwards compability. Bumped vers… [\#329](https://github.com/voxpupuli/hiera-eyaml/pull/329) ([mmachner](https://github.com/mmachner))
|
17
|
+
- Fix an "undefined method" error with rubygems \>= 3.3.0 [\#327](https://github.com/voxpupuli/hiera-eyaml/pull/327) ([davidsansome](https://github.com/davidsansome))
|
18
|
+
|
19
|
+
## [v3.2.2](https://github.com/voxpupuli/hiera-eyaml/tree/v3.2.2) (2021-05-03)
|
20
|
+
|
21
|
+
[Full Changelog](https://github.com/voxpupuli/hiera-eyaml/compare/v3.2.1...v3.2.2)
|
22
|
+
|
23
|
+
**Fixed bugs:**
|
24
|
+
|
25
|
+
- Using `3.2.1` for editing an eyaml created with `3.2.0` will mess up formatting [\#318](https://github.com/voxpupuli/hiera-eyaml/issues/318)
|
26
|
+
- Fix block formatting when editing [\#319](https://github.com/voxpupuli/hiera-eyaml/pull/319) ([kenyon](https://github.com/kenyon))
|
27
|
+
|
28
|
+
**Closed issues:**
|
29
|
+
|
30
|
+
- Concerns about the encrypted? method [\#316](https://github.com/voxpupuli/hiera-eyaml/issues/316)
|
31
|
+
|
32
|
+
## [v3.2.1](https://github.com/voxpupuli/hiera-eyaml/tree/v3.2.1) (2021-02-16)
|
33
|
+
|
34
|
+
[Full Changelog](https://github.com/voxpupuli/hiera-eyaml/compare/v3.2.0...v3.2.1)
|
35
|
+
|
36
|
+
**Fixed bugs:**
|
37
|
+
|
38
|
+
- remove question mark from regex in encrypted? method [\#313](https://github.com/voxpupuli/hiera-eyaml/pull/313) ([mcka1n](https://github.com/mcka1n))
|
39
|
+
- Fix block folding [\#307](https://github.com/voxpupuli/hiera-eyaml/pull/307) ([kenyon](https://github.com/kenyon))
|
40
|
+
- add step-by-step how-to encrypting multiline values [\#304](https://github.com/voxpupuli/hiera-eyaml/pull/304) ([kBite](https://github.com/kBite))
|
41
|
+
|
42
|
+
**Closed issues:**
|
43
|
+
|
44
|
+
- eyaml edit should produce evenly folded blocks. [\#281](https://github.com/voxpupuli/hiera-eyaml/issues/281)
|
45
|
+
- Support version 4 hiera config [\#213](https://github.com/voxpupuli/hiera-eyaml/issues/213)
|
46
|
+
|
47
|
+
**Merged pull requests:**
|
48
|
+
|
49
|
+
- migrate CI to github actions [\#315](https://github.com/voxpupuli/hiera-eyaml/pull/315) ([bastelfreak](https://github.com/bastelfreak))
|
50
|
+
- gemspec: fix repo url / Drop Puppet 4/5 tests [\#311](https://github.com/voxpupuli/hiera-eyaml/pull/311) ([bastelfreak](https://github.com/bastelfreak))
|
51
|
+
- Unpin highline [\#310](https://github.com/voxpupuli/hiera-eyaml/pull/310) ([lucywyman](https://github.com/lucywyman))
|
52
|
+
|
53
|
+
## [v3.2.0](https://github.com/voxpupuli/hiera-eyaml/tree/v3.2.0) (2020-01-31)
|
6
54
|
|
7
55
|
[Full Changelog](https://github.com/voxpupuli/hiera-eyaml/compare/v3.1.1...v3.2.0)
|
8
56
|
|
@@ -122,7 +170,10 @@ This is the first release after this project was migrated to Vox Pupuli.
|
|
122
170
|
- \(docs\) Update README with instructions for using Hiera 5 [\#229](https://github.com/voxpupuli/hiera-eyaml/pull/229) ([nfagerlund](https://github.com/nfagerlund))
|
123
171
|
- Attempt to resolve Travis CI issues [\#220](https://github.com/voxpupuli/hiera-eyaml/pull/220) ([rnelson0](https://github.com/rnelson0))
|
124
172
|
- Make it clear that the ID and parens must be deleted, not just the ID [\#188](https://github.com/voxpupuli/hiera-eyaml/pull/188) ([sdotz](https://github.com/sdotz))
|
173
|
+
- Refactor highline import [\#187](https://github.com/voxpupuli/hiera-eyaml/pull/187) ([petems](https://github.com/petems))
|
174
|
+
- Adding hiera-eyaml-kms plugin to readme file [\#184](https://github.com/voxpupuli/hiera-eyaml/pull/184) ([adenot](https://github.com/adenot))
|
125
175
|
- Make output of `eyaml decrypt` valid yaml with multiline values. [\#183](https://github.com/voxpupuli/hiera-eyaml/pull/183) ([peculater](https://github.com/peculater))
|
176
|
+
- Add testing support for puppet 4 [\#181](https://github.com/voxpupuli/hiera-eyaml/pull/181) ([peculater](https://github.com/peculater))
|
126
177
|
|
127
178
|
## v2.1.0 (2016-03-02)
|
128
179
|
|
data/Gemfile
CHANGED
@@ -1,31 +1,36 @@
|
|
1
1
|
source 'https://rubygems.org/'
|
2
2
|
|
3
|
-
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
3
|
+
# Find a location or specific version for a gem. place_or_version can be a
|
4
|
+
# version, which is most often used. It can also be git, which is specified as
|
5
|
+
# `git://somewhere.git#branch`. You can also use a file source location, which
|
6
|
+
# is specified as `file://some/location/on/disk`.
|
7
|
+
def location_for(place_or_version, fake_version = nil)
|
8
|
+
if place_or_version =~ /^(https[:@][^#]*)#(.*)/
|
9
|
+
[fake_version, { :git => $1, :branch => $2, :require => false }].compact
|
10
|
+
elsif place_or_version =~ /^file:\/\/(.*)/
|
11
|
+
['>= 0', { :path => File.expand_path($1), :require => false }]
|
12
|
+
else
|
13
|
+
[place_or_version, { :require => false }]
|
14
|
+
end
|
9
15
|
end
|
10
16
|
|
11
|
-
|
12
|
-
# Active Support 6.x requires ruby 2.5.0+
|
13
|
-
Gem::Requirement.create('>= 2.5.0').satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) ? '~> 6.0' : '~> 5.0'
|
14
|
-
end
|
17
|
+
gemspec
|
15
18
|
|
16
19
|
group :development do
|
17
20
|
gem "aruba", '~> 0.6.2'
|
18
21
|
gem "cucumber", '~> 1.1'
|
19
22
|
gem "rspec-expectations", '~> 3.1.0'
|
20
23
|
gem "hiera-eyaml-plaintext"
|
21
|
-
gem
|
22
|
-
gem '
|
23
|
-
|
24
|
-
gem 'github_changelog_generator', :require => false, :git => 'https://github.com/voxpupuli/github-changelog-generator', :branch => 'voxpupuli_essential_fixes'
|
25
|
-
gem "activesupport", activesupport_restriction
|
26
|
-
end
|
24
|
+
gem 'puppet', *location_for(ENV['PUPPET_VERSION']) if ENV['PUPPET_VERSION']
|
25
|
+
gem 'github_changelog_generator'
|
26
|
+
gem "activesupport"
|
27
27
|
end
|
28
28
|
|
29
29
|
group :test do
|
30
30
|
gem "rake"
|
31
31
|
end
|
32
|
+
|
33
|
+
group :coverage, optional: ENV['COVERAGE'] != 'yes' do
|
34
|
+
gem 'simplecov-console', :require => false
|
35
|
+
gem 'codecov', :require => false
|
36
|
+
end
|
data/README.md
CHANGED
@@ -1,9 +1,12 @@
|
|
1
|
-
Hiera eyaml
|
2
|
-
===========
|
1
|
+
# Hiera eyaml
|
3
2
|
|
4
|
-
|
5
|
-
[![
|
6
|
-
[![
|
3
|
+
|
4
|
+
[![License](https://img.shields.io/github/license/voxpupuli/hiera-eyaml.svg)](https://github.com/voxpupuli/hiera-eyaml/blob/master/LICENSE)
|
5
|
+
[![Test](https://github.com/voxpupuli/hiera-eyaml/actions/workflows/test.yml/badge.svg)](https://github.com/voxpupuli/hiera-eyaml/actions/workflows/test.yml)
|
6
|
+
[![codecov](https://codecov.io/gh/voxpupuli/hiera-eyaml/branch/master/graph/badge.svg)](https://codecov.io/gh/voxpupuli/hiera-eyaml)
|
7
|
+
[![Release](https://github.com/voxpupuli/hiera-eyaml/actions/workflows/release.yml/badge.svg)](https://github.com/voxpupuli/hiera-eyaml/actions/workflows/release.yml)
|
8
|
+
[![RubyGem Version](https://img.shields.io/gem/v/hiera-eyaml.svg)](https://rubygems.org/gems/hiera-eyaml)
|
9
|
+
[![RubyGem Downloads](https://img.shields.io/gem/dt/hiera-eyaml.svg)](https://rubygems.org/gems/hiera-eyaml)
|
7
10
|
|
8
11
|
hiera-eyaml is a backend for Hiera that provides per-value encryption of sensitive data within yaml files
|
9
12
|
to be used by Puppet.
|
@@ -187,6 +190,89 @@ file just like any other eyaml string and your done. If the file is rather
|
|
187
190
|
large, you may wish to use a helper like `xclip` to copy the stdout directly to
|
188
191
|
your clipboard.
|
189
192
|
|
193
|
+
### Encrypting multiline values
|
194
|
+
|
195
|
+
The following step-by-step example shows you how to encrypt multiline values.
|
196
|
+
|
197
|
+
- Copy the YAML text below to a file named `multiline_example.eyaml`
|
198
|
+
```
|
199
|
+
---
|
200
|
+
accounts::key_sets:
|
201
|
+
dummy:
|
202
|
+
private: |
|
203
|
+
---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----
|
204
|
+
Comment: "dummy-key-hiera-eyaml-issue-rsa-key-20200911"
|
205
|
+
P2/56wAAANwAAAA3aWYtbW9kbntzaWdue3JzYS1wa2NzMS1zaGExfSxlbmNyeXB0e3JzYS
|
206
|
+
1wa2NzMXYyLW9hZXB9fQAAAARub25lAAAAjQAAAIkAAAAGJQAAAP93ZtrMIRZutZ/SZUyw
|
207
|
+
JWwyI4YxNvr5tBt9UnSJ7K0+rQAAAQDohO1ykUahsogS+ymM6o9WEmdROJZpWShCqdv8Dj
|
208
|
+
2roQAAAIDG1G8hY90Xlz/YiFhDZLLWAAAAgOzMWTfAlHbJ4AdEhG5uU/EAAACA+1/AlcSr
|
209
|
+
QEPM5xLW0unCsQ==
|
210
|
+
---- END SSH2 ENCRYPTED PRIVATE KEY ----
|
211
|
+
```
|
212
|
+
|
213
|
+
- Use `edit` to ...
|
214
|
+
- replace '|' with '>',
|
215
|
+
- prepend `DEC::PKCS7[` before the first line,
|
216
|
+
- remove all whitespaces used for indentation,
|
217
|
+
- and append `]!` to the last line of the multiline value.
|
218
|
+
|
219
|
+
`eyaml edit multiline_example.eyaml`
|
220
|
+
```
|
221
|
+
---
|
222
|
+
accounts::key_sets:
|
223
|
+
dummy:
|
224
|
+
private: >
|
225
|
+
DEC::PKCS7[---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----
|
226
|
+
Comment: "dummy-key-hiera-eyaml-issue-rsa-key-20170123"
|
227
|
+
P2/56wAAANwAAAA3aWYtbW9kbntzaWdue3JzYS1wa2NzMS1zaGExfSxlbmNyeXB0e3JzYS
|
228
|
+
1wa2NzMXYyLW9hZXB9fQAAAARub25lAAAAjQAAAIkAAAAGJQAAAP93ZtrMIRZutZ/SZUyw
|
229
|
+
JWwyI4YxNvr5tBt9UnSJ7K0+rQAAAQDohO1ykUahsogS+ymM6o9WEmdROJZpWShCqdv8Dj
|
230
|
+
2roQAAAIDG1G8hY90Xlz/YiFhDZLLWAAAAgOzMWTfAlHbJ4AdEhG5uU/EAAACA+1/AlcSr
|
231
|
+
QEPM5xLW0unCsQ==
|
232
|
+
---- END SSH2 ENCRYPTED PRIVATE KEY ----]!
|
233
|
+
```
|
234
|
+
```
|
235
|
+
# resulting encrypted file
|
236
|
+
---
|
237
|
+
accounts::key_sets:
|
238
|
+
dummy:
|
239
|
+
private: >
|
240
|
+
ENC[PKCS7,MIIDTQYJKoZIhvcNAQcDoIIDPjCCAzoCAQAxggEhMIIBHQIBADAFMAACAQEw
|
241
|
+
DQYJKoZIhvcNAQEBBQAEggEAXH7xB1xuzoMAqA/3jSXO0ZUR6+UCb3DsTTj3
|
242
|
+
Lsrcx5oQBnJ/ml7GfBCPxBKfArZunLcnxmSk4hECKXdfgKsVjAa++JQWvtEm
|
243
|
+
HUNTFqvwd76Ku+nMfI9c8g+X+l6obLjzWfJdg3t6Ja7CJKl8UNFtSmbfYKVi
|
244
|
+
nZ0xBubgdY4plLAFcZyD5/A/lNFqwb051TRLbZOIRRfLUlRL7RNkKRC59Aog
|
245
|
+
S5aJXjmqx6vRzFifNK0JFZvYHGD75TiHJ5LFjg4rjgFd43AnK8iNo773ZWP2
|
246
|
+
48Gly5Zx7qVQDCDDi1YBgNFb0NIBQw+kWy7HcPH2REvPnXu/HV2FWvDP3Ond
|
247
|
+
yr2EbTCCAg4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEH+CjZJ1gKfaQIrr
|
248
|
+
N5zef7OAggHgBmRVsfaoiNEOzhmHZ5SxxZztmpBNtLv7mteaSqSL5o0TtKQh
|
249
|
+
SDgxBhaQmlL51+JM1Jsnvqm57ikZhj7Vtek/vr5DhYhWs0AxttH5rNaw0zKU
|
250
|
+
4bMppVu+SNKCtT+2Qw31x/S7gF7yVl+mwmXhq3qAj9ExWRX3d/8/zTuC61Io
|
251
|
+
f+7O6YUOucZ/m/YPrQnC5v7bDSKlIf1aFaKqukjM3QO8FZlAOHGPvRuWV2Om
|
252
|
+
QIgxQE6F8r+bTkW3KiVIx5FEIthRZ90VS3tz/2wjj77svddBhlid9ov/0ard
|
253
|
+
GGVNGsl1BFpLqxC0mpZXz237cL/aM58naqmX52J6YmC0xQM3DNmahWlYx1HV
|
254
|
+
J/Ogk12pOYPLJB/09OuoHPzKC4WfpB9B7wAC6pghRkO/84cOw6rgSdbzze5W
|
255
|
+
WMPvo181Y74BSBKhJDdO3lWYmEcDyx4TEsMUlpxd9PBDcOHqf9qHviXrwGzO
|
256
|
+
oSm2bUV0Fum5ueU+D2vu3mO0yIQ6fwyvDZLBRjfJV7K/PyDz81feWT6+g38t
|
257
|
+
AC27c0h8wk9b7HYfqG28nZE7F13qrhwCKnOaYLglsmbszNpRrBhfo1IHF6oM
|
258
|
+
YZRZrnrGQg5qQcxMsLq37RAfRgkY0rRLs78EEAhkf4NDxw0A/ovt]
|
259
|
+
```
|
260
|
+
- Output of `eyaml decrypt -f multiline_example.eyaml`:
|
261
|
+
```
|
262
|
+
---
|
263
|
+
accounts::key_sets:
|
264
|
+
dummy:
|
265
|
+
private: |
|
266
|
+
---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----
|
267
|
+
Comment: "dummy-key-hiera-eyaml-issue-rsa-key-20200911"
|
268
|
+
P2/56wAAANwAAAA3aWYtbW9kbntzaWdue3JzYS1wa2NzMS1zaGExfSxlbmNyeXB0e3JzYS
|
269
|
+
1wa2NzMXYyLW9hZXB9fQAAAARub25lAAAAjQAAAIkAAAAGJQAAAP93ZtrMIRZutZ/SZUyw
|
270
|
+
JWwyI4YxNvr5tBt9UnSJ7K0+rQAAAQDohO1ykUahsogS+ymM6o9WEmdROJZpWShCqdv8Dj
|
271
|
+
2roQAAAIDG1G8hY90Xlz/YiFhDZLLWAAAAgOzMWTfAlHbJ4AdEhG5uU/EAAACA+1/AlcSr
|
272
|
+
QEPM5xLW0unCsQ==
|
273
|
+
---- END SSH2 ENCRYPTED PRIVATE KEY ----
|
274
|
+
```
|
275
|
+
- The output *does NOT* have to be valid YAML for usage with Puppet.
|
190
276
|
|
191
277
|
Hiera
|
192
278
|
-----
|
data/Rakefile
CHANGED
@@ -1,5 +1,35 @@
|
|
1
|
+
begin
|
2
|
+
require 'simplecov'
|
3
|
+
require 'simplecov-console'
|
4
|
+
require 'codecov'
|
5
|
+
rescue LoadError
|
6
|
+
else
|
7
|
+
SimpleCov.start do
|
8
|
+
track_files 'lib/**/*.rb'
|
9
|
+
|
10
|
+
add_filter '/spec'
|
11
|
+
|
12
|
+
enable_coverage :branch
|
13
|
+
|
14
|
+
# do not track vendored files
|
15
|
+
add_filter '/vendor'
|
16
|
+
add_filter '/.vendor'
|
17
|
+
end
|
18
|
+
|
19
|
+
SimpleCov.formatters = [
|
20
|
+
SimpleCov::Formatter::Console,
|
21
|
+
SimpleCov::Formatter::Codecov,
|
22
|
+
]
|
23
|
+
end
|
1
24
|
require "bundler/gem_tasks"
|
2
25
|
|
26
|
+
# https://cucumber.io/docs/tools/ruby/
|
27
|
+
# https://stackoverflow.com/questions/6473419/using-simplecov-to-display-cucumber-code-coverage
|
28
|
+
require 'cucumber/rake/task'
|
29
|
+
Cucumber::Rake::Task.new(:features) do |t|
|
30
|
+
t.cucumber_opts = "--format progress" # Any valid command line option can go here.
|
31
|
+
end
|
32
|
+
|
3
33
|
begin
|
4
34
|
require 'github_changelog_generator/task'
|
5
35
|
GitHubChangelogGenerator::RakeTask.new :changelog do |config|
|
data/hiera-eyaml.gemspec
CHANGED
@@ -8,15 +8,18 @@ Gem::Specification.new do |gem|
|
|
8
8
|
gem.version = Hiera::Backend::Eyaml::VERSION
|
9
9
|
gem.description = "Hiera backend for decrypting encrypted yaml properties"
|
10
10
|
gem.summary = "OpenSSL Encryption backend for Hiera"
|
11
|
-
gem.author = "
|
11
|
+
gem.author = "Vox Pupuli"
|
12
|
+
gem.email = "voxpupuli@groups.io"
|
12
13
|
gem.license = "MIT"
|
13
14
|
|
14
|
-
gem.homepage = "
|
15
|
+
gem.homepage = "https://github.com/voxpupuli/hiera-eyaml/"
|
15
16
|
gem.files = `git ls-files`.split($/).reject { |file| file =~ /^features.*$/ }
|
16
17
|
gem.executables = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
|
17
18
|
gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
|
18
19
|
gem.require_paths = ["lib"]
|
19
20
|
|
20
21
|
gem.add_dependency('optimist')
|
21
|
-
gem.add_dependency('highline'
|
22
|
+
gem.add_dependency('highline')
|
23
|
+
|
24
|
+
gem.required_ruby_version = '>= 2.5.0', ' < 4'
|
22
25
|
end
|
@@ -14,7 +14,7 @@ class Hiera
|
|
14
14
|
|
15
15
|
def self.find encryption_scheme = nil
|
16
16
|
encryption_scheme = Eyaml.default_encryption_scheme if encryption_scheme.nil?
|
17
|
-
require "hiera/backend/eyaml/encryptors/#{File.basename encryption_scheme.downcase}"
|
17
|
+
require "hiera/backend/eyaml/encryptors/#{File.basename encryption_scheme.downcase}"
|
18
18
|
encryptor_module = Module.const_get('Hiera').const_get('Backend').const_get('Eyaml').const_get('Encryptors')
|
19
19
|
encryptor_class = Utils.find_closest_class :parent_class => encryptor_module, :class_name => encryption_scheme
|
20
20
|
raise StandardError, "Could not find hiera-eyaml encryptor: #{encryption_scheme}. Try gem install hiera-eyaml-#{encryption_scheme.downcase} ?" if encryptor_class.nil?
|
@@ -22,14 +22,14 @@ class Hiera
|
|
22
22
|
end
|
23
23
|
|
24
24
|
def self.encode binary_string
|
25
|
-
Base64.
|
25
|
+
Base64.strict_encode64(binary_string)
|
26
26
|
end
|
27
27
|
|
28
28
|
def self.decode string
|
29
29
|
Base64.decode64(string)
|
30
30
|
end
|
31
31
|
|
32
|
-
def self.encrypt *args
|
32
|
+
def self.encrypt *args
|
33
33
|
raise StandardError, "encrypt() not defined for encryptor plugin: #{self}"
|
34
34
|
end
|
35
35
|
|
@@ -80,4 +80,3 @@ class Hiera
|
|
80
80
|
end
|
81
81
|
end
|
82
82
|
end
|
83
|
-
|
@@ -4,34 +4,36 @@ require 'hiera/backend/eyaml/encryptor'
|
|
4
4
|
require 'hiera/backend/eyaml'
|
5
5
|
require 'base64'
|
6
6
|
|
7
|
-
|
8
7
|
class Hiera
|
9
8
|
module Backend
|
10
9
|
module Eyaml
|
11
10
|
module Parser
|
12
11
|
class EncToken < Token
|
13
|
-
@@tokens_map =
|
12
|
+
@@tokens_map = {}
|
14
13
|
@@encrypt_unchanged = true
|
15
14
|
attr_reader :format, :cipher, :encryptor, :indentation, :plain_text, :id
|
15
|
+
|
16
16
|
def self.encrypted_value(format, encryption_scheme, cipher, match, indentation = '')
|
17
17
|
decryptor = Encryptor.find encryption_scheme
|
18
|
-
plain_text = decryptor.decrypt(
|
18
|
+
plain_text = decryptor.decrypt(decryptor.decode(cipher))
|
19
19
|
EncToken.new(format, plain_text, decryptor, cipher, match, indentation)
|
20
20
|
end
|
21
|
+
|
21
22
|
def self.decrypted_value(format, plain_text, encryption_scheme, match, id, indentation = '')
|
22
23
|
encryptor = Encryptor.find encryption_scheme
|
23
|
-
cipher = encryptor.encode(
|
24
|
-
id_number = id.nil? ? nil : id.gsub(/\(|\)/,
|
24
|
+
cipher = encryptor.encode(encryptor.encrypt(plain_text))
|
25
|
+
id_number = id.nil? ? nil : id.gsub(/\(|\)/, '').to_i
|
25
26
|
EncToken.new(format, plain_text, encryptor, cipher, match, indentation, id_number)
|
26
27
|
end
|
28
|
+
|
27
29
|
def self.plain_text_value(format, plain_text, encryption_scheme, match, id, indentation = '')
|
28
30
|
encryptor = Encryptor.find encryption_scheme
|
29
|
-
id_number = id.gsub(/\(|\)/,
|
30
|
-
EncToken.new(format, plain_text, encryptor,
|
31
|
+
id_number = id.gsub(/\(|\)/, '').to_i unless id.nil?
|
32
|
+
EncToken.new(format, plain_text, encryptor, '', match, indentation, id_number)
|
31
33
|
end
|
32
34
|
|
33
35
|
def self.tokens_map
|
34
|
-
|
36
|
+
@@tokens_map
|
35
37
|
end
|
36
38
|
|
37
39
|
def self.set_encrypt_unchanged(encrypt_unchanged)
|
@@ -39,12 +41,12 @@ class Hiera
|
|
39
41
|
end
|
40
42
|
|
41
43
|
def self.encrypt_unchanged
|
42
|
-
|
44
|
+
@@encrypt_unchanged
|
43
45
|
end
|
44
46
|
|
45
47
|
def initialize(format, plain_text, encryptor, cipher, match = '', indentation = '', id = nil)
|
46
48
|
@format = format
|
47
|
-
@plain_text = Utils.convert_to_utf_8(
|
49
|
+
@plain_text = Utils.convert_to_utf_8(plain_text)
|
48
50
|
@encryptor = encryptor
|
49
51
|
@cipher = cipher
|
50
52
|
@indentation = indentation
|
@@ -52,69 +54,64 @@ class Hiera
|
|
52
54
|
super(match)
|
53
55
|
end
|
54
56
|
|
55
|
-
def to_encrypted(args={})
|
57
|
+
def to_encrypted(args = {})
|
56
58
|
label = args[:label]
|
57
59
|
label_string = label.nil? ? '' : "#{label}: "
|
58
60
|
format = args[:format].nil? ? @format : args[:format]
|
59
61
|
encryption_method = args[:change_encryption]
|
60
|
-
|
62
|
+
unless encryption_method.nil?
|
61
63
|
@encryptor = Encryptor.find encryption_method
|
62
|
-
@cipher = Base64.
|
64
|
+
@cipher = Base64.strict_encode64(@encryptor.encrypt(@plain_text))
|
63
65
|
end
|
64
66
|
case format
|
65
|
-
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
-
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
"#{label_string}ENC[#{@encryptor.tag},#{ciphertext}]"
|
75
|
-
else
|
76
|
-
raise "#{@format} is not a valid format"
|
67
|
+
when :block
|
68
|
+
@cipher = @cipher.gsub(/\s/, '')
|
69
|
+
chevron = args[:use_chevron].nil? || args[:use_chevron] ? ">\n" : ''
|
70
|
+
"#{label_string}#{chevron}" + @indentation + "ENC[#{@encryptor.tag},#{@cipher}]".scan(/.{1,60}/).join("\n" + @indentation)
|
71
|
+
when :string
|
72
|
+
ciphertext = @cipher.gsub(/[\n\r]/, '')
|
73
|
+
"#{label_string}ENC[#{@encryptor.tag},#{ciphertext}]"
|
74
|
+
else
|
75
|
+
raise "#{@format} is not a valid format"
|
77
76
|
end
|
78
77
|
end
|
79
78
|
|
80
|
-
def to_decrypted(args={})
|
79
|
+
def to_decrypted(args = {})
|
81
80
|
label = args[:label]
|
82
81
|
label_string = label.nil? ? '' : "#{label}: "
|
83
82
|
format = args[:format].nil? ? @format : args[:format]
|
84
83
|
index = args[:index].nil? ? '' : "(#{args[:index]})"
|
85
|
-
if @@encrypt_unchanged == false
|
86
|
-
EncToken.tokens_map[index] = @plain_text
|
87
|
-
end
|
84
|
+
EncToken.tokens_map[index] = @plain_text if @@encrypt_unchanged == false
|
88
85
|
|
89
86
|
case format
|
90
|
-
|
91
|
-
|
92
|
-
|
93
|
-
|
94
|
-
|
95
|
-
|
96
|
-
|
87
|
+
when :block
|
88
|
+
chevron = args[:use_chevron].nil? || args[:use_chevron] ? ">\n" : ''
|
89
|
+
"#{label_string}#{chevron}" + indentation + "DEC#{index}::#{@encryptor.tag}[" + @plain_text + ']!'
|
90
|
+
when :string
|
91
|
+
"#{label_string}DEC#{index}::#{@encryptor.tag}[" + @plain_text + ']!'
|
92
|
+
else
|
93
|
+
raise "#{@format} is not a valid format"
|
97
94
|
end
|
98
95
|
end
|
99
96
|
|
100
97
|
def to_plain_text
|
101
98
|
@plain_text
|
102
99
|
end
|
103
|
-
|
104
100
|
end
|
105
101
|
|
106
102
|
class EncTokenType < TokenType
|
107
103
|
def create_enc_token(match, type, enc_comma, cipher, indentation = '')
|
108
|
-
encryption_scheme = enc_comma.nil? ? Eyaml.default_encryption_scheme : enc_comma.split(
|
104
|
+
encryption_scheme = enc_comma.nil? ? Eyaml.default_encryption_scheme : enc_comma.split(',').first
|
109
105
|
EncToken.encrypted_value(type, encryption_scheme, cipher, match, indentation)
|
110
106
|
end
|
111
107
|
end
|
112
108
|
|
113
109
|
class EncHieraTokenType < EncTokenType
|
114
110
|
def initialize
|
115
|
-
@regex =
|
116
|
-
@string_token_type = EncStringTokenType.new
|
111
|
+
@regex = %r{ENC\[(\w+,)?([a-zA-Z0-9+/ =\n]+?)\]}
|
112
|
+
@string_token_type = EncStringTokenType.new
|
117
113
|
end
|
114
|
+
|
118
115
|
def create_token(string)
|
119
116
|
@string_token_type.create_token(string.gsub(/\s/, ''))
|
120
117
|
end
|
@@ -122,58 +119,55 @@ class Hiera
|
|
122
119
|
|
123
120
|
class EncStringTokenType < EncTokenType
|
124
121
|
def initialize
|
125
|
-
@regex =
|
122
|
+
@regex = %r{ENC\[(\w+,)?([a-zA-Z0-9+/=]+?)\]}
|
126
123
|
end
|
124
|
+
|
127
125
|
def create_token(string)
|
128
126
|
md = @regex.match(string)
|
129
|
-
|
127
|
+
create_enc_token(string, :string, md[1], md[2])
|
130
128
|
end
|
131
129
|
end
|
132
130
|
|
133
131
|
class EncBlockTokenType < EncTokenType
|
134
132
|
def initialize
|
135
|
-
@regex =
|
133
|
+
@regex = %r{>\n(\s*)ENC\[(\w+,)?([a-zA-Z0-9+/=\s]+?)\]}
|
136
134
|
end
|
135
|
+
|
137
136
|
def create_token(string)
|
138
137
|
md = @regex.match(string)
|
139
|
-
|
138
|
+
create_enc_token(string, :block, md[2], md[3], md[1])
|
140
139
|
end
|
141
140
|
end
|
142
141
|
|
143
142
|
class DecStringTokenType < TokenType
|
144
143
|
def initialize
|
145
|
-
@regex = /DEC(\(\d+\))?::(\w+)\[(.+?)\]
|
144
|
+
@regex = /DEC(\(\d+\))?::(\w+)\[(.+?)\]!/m
|
146
145
|
end
|
146
|
+
|
147
147
|
def create_token(string)
|
148
148
|
md = @regex.match(string)
|
149
|
-
if
|
150
|
-
|
151
|
-
if md[3] == EncToken.tokens_map[md[1]]
|
152
|
-
return EncToken.plain_text_value(:string, md[3], md[2], string, md[1])
|
153
|
-
end
|
154
|
-
end
|
149
|
+
if EncToken.encrypt_unchanged == false && !md[1].nil? && (md[3] == EncToken.tokens_map[md[1]])
|
150
|
+
return EncToken.plain_text_value(:string, md[3], md[2], string, md[1])
|
155
151
|
end
|
152
|
+
|
156
153
|
EncToken.decrypted_value(:string, md[3], md[2], string, md[1])
|
157
154
|
end
|
158
155
|
end
|
159
156
|
|
160
157
|
class DecBlockTokenType < TokenType
|
161
158
|
def initialize
|
162
|
-
@regex = />\n(\s*)DEC(\(\d+\))?::(\w+)\[(.+?)\]
|
159
|
+
@regex = />\n(\s*)DEC(\(\d+\))?::(\w+)\[(.+?)\]!/m
|
163
160
|
end
|
161
|
+
|
164
162
|
def create_token(string)
|
165
163
|
md = @regex.match(string)
|
166
|
-
if
|
167
|
-
|
168
|
-
if md[4] == EncToken.tokens_map[md[2]]
|
169
|
-
return EncToken.plain_text_value(:string, md[4], md[3], string, md[2])
|
170
|
-
end
|
171
|
-
end
|
164
|
+
if EncToken.encrypt_unchanged == false && !md[2].nil? && (md[4] == EncToken.tokens_map[md[2]])
|
165
|
+
return EncToken.plain_text_value(:string, md[4], md[3], string, md[2])
|
172
166
|
end
|
167
|
+
|
173
168
|
EncToken.decrypted_value(:block, md[4], md[3], string, md[2], md[1])
|
174
169
|
end
|
175
170
|
end
|
176
|
-
|
177
171
|
end
|
178
172
|
end
|
179
173
|
end
|
@@ -25,20 +25,22 @@ class Hiera
|
|
25
25
|
|
26
26
|
def self.find
|
27
27
|
|
28
|
+
gem_version = Gem::Version.new(Gem::VERSION)
|
28
29
|
this_version = Gem::Version.create(Hiera::Backend::Eyaml::VERSION)
|
29
|
-
index =
|
30
|
+
index = gem_version >= Gem::Version.new("1.8.0") ? Gem::Specification : Gem.source_index
|
30
31
|
|
31
32
|
[index].flatten.each do |source|
|
32
|
-
specs =
|
33
|
+
specs = gem_version >= Gem::Version.new("1.6.0") ? source.latest_specs(true) : source.latest_specs
|
33
34
|
|
34
35
|
specs.each do |spec|
|
36
|
+
spec = spec.to_spec if spec.respond_to?(:to_spec)
|
35
37
|
next if @@plugins.include? spec
|
36
38
|
|
37
39
|
dependency = spec.dependencies.find { |d| d.name == "hiera-eyaml" }
|
38
40
|
next if dependency && !dependency.requirement.satisfied_by?( this_version )
|
39
41
|
|
40
42
|
file = nil
|
41
|
-
if
|
43
|
+
if gem_version >= Gem::Version.new("1.8.0")
|
42
44
|
file = spec.matches_for_glob("**/eyaml_init.rb").first
|
43
45
|
else
|
44
46
|
file = Gem.searcher.matching_files(spec, "**/eyaml_init.rb").first
|
@@ -11,12 +11,12 @@ class Hiera
|
|
11
11
|
class Encrypt < Subcommand
|
12
12
|
|
13
13
|
def self.options
|
14
|
-
[{:name => :password,
|
15
|
-
:description => "Source input is a password entered on the terminal",
|
14
|
+
[{:name => :password,
|
15
|
+
:description => "Source input is a password entered on the terminal",
|
16
16
|
:short => 'p'},
|
17
17
|
{:name => :string,
|
18
18
|
:description => "Source input is a string provided as an argument",
|
19
|
-
:short => 's',
|
19
|
+
:short => 's',
|
20
20
|
:type => :string},
|
21
21
|
{:name => :file,
|
22
22
|
:description => "Source input is a regular file",
|
@@ -78,7 +78,7 @@ class Hiera
|
|
78
78
|
else
|
79
79
|
encryptor = Encryptor.find
|
80
80
|
ciphertext = encryptor.encode( encryptor.encrypt(Eyaml::Options[:input_data]) )
|
81
|
-
token = Parser::EncToken.new(:block, Eyaml::Options[:input_data], encryptor, ciphertext, nil, '
|
81
|
+
token = Parser::EncToken.new(:block, Eyaml::Options[:input_data], encryptor, ciphertext, nil, ' ')
|
82
82
|
case Eyaml::Options[:output]
|
83
83
|
when "block"
|
84
84
|
token.to_encrypted :label => Eyaml::Options[:label], :use_chevron => !Eyaml::Options[:label].nil?, :format => :block
|
data/lib/hiera/backend/eyaml.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: hiera-eyaml
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 3.
|
4
|
+
version: 3.3.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
|
-
-
|
7
|
+
- Vox Pupuli
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2022-05-20 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: optimist
|
@@ -28,25 +28,26 @@ dependencies:
|
|
28
28
|
name: highline
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
30
30
|
requirements:
|
31
|
-
- - "
|
31
|
+
- - ">="
|
32
32
|
- !ruby/object:Gem::Version
|
33
|
-
version:
|
33
|
+
version: '0'
|
34
34
|
type: :runtime
|
35
35
|
prerelease: false
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
37
37
|
requirements:
|
38
|
-
- - "
|
38
|
+
- - ">="
|
39
39
|
- !ruby/object:Gem::Version
|
40
|
-
version:
|
40
|
+
version: '0'
|
41
41
|
description: Hiera backend for decrypting encrypted yaml properties
|
42
|
-
email:
|
42
|
+
email: voxpupuli@groups.io
|
43
43
|
executables:
|
44
44
|
- eyaml
|
45
45
|
extensions: []
|
46
46
|
extra_rdoc_files: []
|
47
47
|
files:
|
48
|
+
- ".github/workflows/release.yml"
|
49
|
+
- ".github/workflows/test.yml"
|
48
50
|
- ".gitignore"
|
49
|
-
- ".travis.yml"
|
50
51
|
- CHANGELOG.md
|
51
52
|
- Gemfile
|
52
53
|
- HISTORY.md
|
@@ -86,7 +87,7 @@ files:
|
|
86
87
|
- sublime_text/eyaml.syntax_definition.json
|
87
88
|
- tools/git_tag_release.rb
|
88
89
|
- tools/regem.sh
|
89
|
-
homepage:
|
90
|
+
homepage: https://github.com/voxpupuli/hiera-eyaml/
|
90
91
|
licenses:
|
91
92
|
- MIT
|
92
93
|
metadata: {}
|
@@ -98,14 +99,17 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
98
99
|
requirements:
|
99
100
|
- - ">="
|
100
101
|
- !ruby/object:Gem::Version
|
101
|
-
version:
|
102
|
+
version: 2.5.0
|
103
|
+
- - "<"
|
104
|
+
- !ruby/object:Gem::Version
|
105
|
+
version: '4'
|
102
106
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
103
107
|
requirements:
|
104
108
|
- - ">="
|
105
109
|
- !ruby/object:Gem::Version
|
106
110
|
version: '0'
|
107
111
|
requirements: []
|
108
|
-
rubygems_version: 3.
|
112
|
+
rubygems_version: 3.3.7
|
109
113
|
signing_key:
|
110
114
|
specification_version: 4
|
111
115
|
summary: OpenSSL Encryption backend for Hiera
|
data/.travis.yml
DELETED
@@ -1,45 +0,0 @@
|
|
1
|
-
---
|
2
|
-
dist: trusty
|
3
|
-
language: ruby
|
4
|
-
cache: bundler
|
5
|
-
sudo: false
|
6
|
-
before_install:
|
7
|
-
- bundle -v
|
8
|
-
- rm Gemfile.lock || true
|
9
|
-
- gem update --system $RUBYGEMS_VERSION
|
10
|
-
- gem update bundler
|
11
|
-
- gem --version
|
12
|
-
- bundle -v
|
13
|
-
addons:
|
14
|
-
apt:
|
15
|
-
packages:
|
16
|
-
- expect
|
17
|
-
script:
|
18
|
-
bundle exec cucumber -f progress
|
19
|
-
matrix:
|
20
|
-
include:
|
21
|
-
- rvm: 2.1.9
|
22
|
-
env: PUPPET_VERSION="~> 4.0" RUBYGEMS_VERSION=2.7.8
|
23
|
-
- rvm: 2.4.2
|
24
|
-
env: PUPPET_VERSION="~> 5.0"
|
25
|
-
- rvm: 2.5.7
|
26
|
-
env: PUPPET_VERSION="~> 6.0"
|
27
|
-
notifications:
|
28
|
-
email: false
|
29
|
-
irc:
|
30
|
-
on_success: always
|
31
|
-
on_failure: always
|
32
|
-
channels:
|
33
|
-
- "chat.freenode.org#voxpupuli-notifications"
|
34
|
-
branches:
|
35
|
-
only:
|
36
|
-
- master
|
37
|
-
- /^v\d/
|
38
|
-
deploy:
|
39
|
-
provider: rubygems
|
40
|
-
api_key:
|
41
|
-
secure: 'W6a8A3KfxNydnbK4qhpL4S4KBUnadw8eGr1s8vqeOc8gXlc/qkj/DET9jWpgaEsdnEN/ALJL0WEksYJCHDpdeJv1qKaidFg5dC5l+qZ5gdVHRoKKVFkVlt8WDHe5UdP+bI2vUHWQ/1c04P92+jU9SJ0afTU1xUFn4d3AWCgwmdk='
|
42
|
-
gem: hiera-eyaml
|
43
|
-
on:
|
44
|
-
tags: true
|
45
|
-
repo: voxpupuli/hiera-eyaml
|