RubyGems - hiera-eyaml - Versions diffs - 3.2.0 → 3.3.0 - Mend

hiera-eyaml 3.2.0 → 3.3.0

Files changed (17) hide show

checksums.yaml +4 -4
data/.github/workflows/release.yml +30 -0
data/.github/workflows/test.yml +62 -0
data/.gitignore +1 -0
data/CHANGELOG.md +52 -1
data/Gemfile +21 -16
data/README.md +91 -5
data/Rakefile +30 -0
data/hiera-eyaml.gemspec +6 -3
data/lib/hiera/backend/eyaml/encryptor.rb +3 -4
data/lib/hiera/backend/eyaml/parser/encrypted_tokens.rb +53 -59
data/lib/hiera/backend/eyaml/plugins.rb +5 -3
data/lib/hiera/backend/eyaml/subcommands/encrypt.rb +4 -4
data/lib/hiera/backend/eyaml.rb +1 -1
data/lib/hiera/backend/eyaml_backend.rb +1 -1
metadata +16 -12
data/.travis.yml +0 -45

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5e93c2ee103e419937e800cf29d8cc795848cf89340bb8480508c3b43937c9e7
-  data.tar.gz: f57e685ca3abd2eaa6018dd1ab82a4a93619225f53fa3a5d2fede6064337b2f3
+  metadata.gz: 1ba41ba9c345e4f06ad535c7b80c6ea77c6ac146e8c983ce19b447b75fbbec32
+  data.tar.gz: 93ebbe3b9a22e5a3fda21e304faf1f837fc6f592288eb6a3745d862d592a8b74
 SHA512:
-  metadata.gz: 2d270bb605a92a56a8b188a4f5a8f3b525966ac4bdab284a833bdf2f5ed4b36e0190d709291e5c21e35df0cc986e98e6fda5c18f85de8f7384edc5da0651f4dc
-  data.tar.gz: 108c7c1ec985b9523cbf05bc0493c486e8df42f9f6c23d623c2ac72d485486871f819e8b6691cb800ff0e0e469f45438527fe8beb00237d456b2e408fc5d50f2
+  metadata.gz: 16b457ef156c42950e5610e503ffe45a8553b383f845d983ebf71fe3104312b742dfd325d61a59ad6e09895c485313611699f1063139567432886a693f964cb0
+  data.tar.gz: 66c315ed82b9516a246712d0659874188d6a58837068013f2bc40a31907624bf29c5044c883a519a216ebf8cdc5ce2347c94f960d93f50cca28b0fed79456be9

data/.github/workflows/release.yml ADDED Viewed

@@ -0,0 +1,30 @@
+name: Release
+on:
+  push:
+    tags:
+      - '*'
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    if: github.repository_owner == 'voxpupuli'
+    steps:
+      - uses: actions/checkout@v2
+      - name: Install Ruby 3.1
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: '3.1'
+      - name: Build gem
+        run: gem build *.gemspec
+      - name: Publish gem to rubygems.org
+        run: gem push *.gem
+        env:
+          GEM_HOST_API_KEY: '${{ secrets.RUBYGEMS_AUTH_TOKEN }}'
+      - name: Setup GitHub packages access
+        run: |
+          mkdir -p ~/.gem
+          echo ":github: Bearer ${{ secrets.GITHUB_TOKEN }}" >> ~/.gem/credentials
+          chmod 0600 ~/.gem/credentials
+      - name: Publish gem to GitHub packages
+        run: gem push --key github --host https://rubygems.pkg.github.com/voxpupuli *.gem

data/.github/workflows/test.yml ADDED Viewed

@@ -0,0 +1,62 @@
+name: Test
+on:
+  - pull_request
+  - push
+env:
+  BUNDLE_WITHOUT: release
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        ruby:
+          - "2.5"
+          - "2.6"
+          - "2.7"
+          - "3.0"
+          - "3.1"
+        puppet:
+          - "~> 7.0"
+          - "~> 6.0"
+          - "https://github.com/puppetlabs/puppet.git#main"
+        exclude:
+          - ruby: "2.6"
+            puppet: "~> 7.0"
+          - ruby: "2.5"
+            puppet: "~> 7.0"
+          - ruby: "3.1"
+            puppet: "~> 6.0"
+          - ruby: "3.0"
+            puppet: "~> 6.0"
+          - ruby: "2.6"
+            puppet: "https://github.com/puppetlabs/puppet.git#main"
+          - ruby: "2.5"
+            puppet: "https://github.com/puppetlabs/puppet.git#main"
+    env:
+      PUPPET_VERSION: ${{ matrix.puppet }}
+      COVERAGE: ${{ matrix.coverage }}
+    name: "Ruby ${{ matrix.ruby }} - Puppet ${{ matrix.puppet }}"
+    steps:
+      - name: Enable coverage reporting on Ruby 3.1
+        if: matrix.puppet == '~> 7.0' && matrix.ruby == '3.1'
+        run: echo 'COVERAGE=yes' >> $GITHUB_ENV
+      - uses: actions/checkout@v2
+      - name: Install expect
+        run: sudo apt-get install expect
+      - name: Install Ruby ${{ matrix.ruby }}
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: ${{ matrix.ruby }}
+          bundler-cache: true
+      - name: spec tests
+        run: bundle exec rake features
+      - name: Verify gem builds
+        run: gem build *.gemspec
+      - name: Run tests
+        run: bundle exec cucumber -f progress

data/.gitignore CHANGED Viewed

@@ -16,3 +16,4 @@ features/sandbox/puppet-hiera-merge/reports
 features/sandbox/puppet-hiera-merge/state
 features/sandbox/puppet/reports
 features/sandbox/puppet/state
+.vendor/

data/CHANGELOG.md CHANGED Viewed

@@ -2,7 +2,55 @@
 All notable changes to this project will be documented in this file.
-## [v3.2.0](https://github.com/voxpupuli/hiera-eyaml/tree/v3.2.0) (2020-01-30)
+## [v3.3.0](https://github.com/voxpupuli/hiera-eyaml/tree/v3.3.0) (2022-05-20)
+[Full Changelog](https://github.com/voxpupuli/hiera-eyaml/compare/v3.2.2...v3.3.0)
+**Implemented enhancements:**
+- Build gem during CI [\#330](https://github.com/voxpupuli/hiera-eyaml/pull/330) ([bastelfreak](https://github.com/bastelfreak))
+- Add more Ruby/Puppet versions to CI matrix [\#326](https://github.com/voxpupuli/hiera-eyaml/pull/326) ([bastelfreak](https://github.com/bastelfreak))
+**Fixed bugs:**
+- Repair ruby 3.1.x compability with backwards compability. Bumped vers… [\#329](https://github.com/voxpupuli/hiera-eyaml/pull/329) ([mmachner](https://github.com/mmachner))
+- Fix an "undefined method" error with rubygems \>= 3.3.0 [\#327](https://github.com/voxpupuli/hiera-eyaml/pull/327) ([davidsansome](https://github.com/davidsansome))
+## [v3.2.2](https://github.com/voxpupuli/hiera-eyaml/tree/v3.2.2) (2021-05-03)
+[Full Changelog](https://github.com/voxpupuli/hiera-eyaml/compare/v3.2.1...v3.2.2)
+**Fixed bugs:**
+- Using `3.2.1` for editing an eyaml created with `3.2.0` will mess up formatting [\#318](https://github.com/voxpupuli/hiera-eyaml/issues/318)
+- Fix block formatting when editing [\#319](https://github.com/voxpupuli/hiera-eyaml/pull/319) ([kenyon](https://github.com/kenyon))
+**Closed issues:**
+- Concerns about the encrypted? method [\#316](https://github.com/voxpupuli/hiera-eyaml/issues/316)
+## [v3.2.1](https://github.com/voxpupuli/hiera-eyaml/tree/v3.2.1) (2021-02-16)
+[Full Changelog](https://github.com/voxpupuli/hiera-eyaml/compare/v3.2.0...v3.2.1)
+**Fixed bugs:**
+- remove question mark from regex in encrypted? method [\#313](https://github.com/voxpupuli/hiera-eyaml/pull/313) ([mcka1n](https://github.com/mcka1n))
+- Fix block folding [\#307](https://github.com/voxpupuli/hiera-eyaml/pull/307) ([kenyon](https://github.com/kenyon))
+- add step-by-step how-to encrypting multiline values [\#304](https://github.com/voxpupuli/hiera-eyaml/pull/304) ([kBite](https://github.com/kBite))
+**Closed issues:**
+- eyaml edit should produce evenly folded blocks. [\#281](https://github.com/voxpupuli/hiera-eyaml/issues/281)
+- Support version 4 hiera config [\#213](https://github.com/voxpupuli/hiera-eyaml/issues/213)
+**Merged pull requests:**
+- migrate CI to github actions [\#315](https://github.com/voxpupuli/hiera-eyaml/pull/315) ([bastelfreak](https://github.com/bastelfreak))
+- gemspec: fix repo url / Drop Puppet 4/5 tests [\#311](https://github.com/voxpupuli/hiera-eyaml/pull/311) ([bastelfreak](https://github.com/bastelfreak))
+- Unpin highline [\#310](https://github.com/voxpupuli/hiera-eyaml/pull/310) ([lucywyman](https://github.com/lucywyman))
+## [v3.2.0](https://github.com/voxpupuli/hiera-eyaml/tree/v3.2.0) (2020-01-31)
 [Full Changelog](https://github.com/voxpupuli/hiera-eyaml/compare/v3.1.1...v3.2.0)
@@ -122,7 +170,10 @@ This is the first release after this project was migrated to Vox Pupuli.
 - \(docs\) Update README with instructions for using Hiera 5 [\#229](https://github.com/voxpupuli/hiera-eyaml/pull/229) ([nfagerlund](https://github.com/nfagerlund))
 - Attempt to resolve Travis CI issues [\#220](https://github.com/voxpupuli/hiera-eyaml/pull/220) ([rnelson0](https://github.com/rnelson0))
 - Make it clear that the ID and parens must be deleted, not just the ID [\#188](https://github.com/voxpupuli/hiera-eyaml/pull/188) ([sdotz](https://github.com/sdotz))
+- Refactor highline import [\#187](https://github.com/voxpupuli/hiera-eyaml/pull/187) ([petems](https://github.com/petems))
+- Adding hiera-eyaml-kms plugin to readme file [\#184](https://github.com/voxpupuli/hiera-eyaml/pull/184) ([adenot](https://github.com/adenot))
 - Make output of `eyaml decrypt` valid yaml with multiline values. [\#183](https://github.com/voxpupuli/hiera-eyaml/pull/183) ([peculater](https://github.com/peculater))
+- Add testing support for puppet 4 [\#181](https://github.com/voxpupuli/hiera-eyaml/pull/181) ([peculater](https://github.com/peculater))
 ## v2.1.0 (2016-03-02)

data/Gemfile CHANGED Viewed

@@ -1,31 +1,36 @@
 source 'https://rubygems.org/'
-gemspec
-def default_puppet_restriction
-  # Puppet 6 should be the default for Ruby 2.5+
-  # Puppet 5 should be the defualt for Ruby 2.4
-  Gem::Requirement.create('>= 2.5.0').satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) ? '~> 6.0' : '~> 5.0'
+# Find a location or specific version for a gem. place_or_version can be a
+# version, which is most often used. It can also be git, which is specified as
+# `git://somewhere.git#branch`. You can also use a file source location, which
+# is specified as `file://some/location/on/disk`.
+def location_for(place_or_version, fake_version = nil)
+  if place_or_version =~ /^(https[:@][^#]*)#(.*)/
+    [fake_version, { :git => $1, :branch => $2, :require => false }].compact
+  elsif place_or_version =~ /^file:\/\/(.*)/
+    ['>= 0', { :path => File.expand_path($1), :require => false }]
+  else
+    [place_or_version, { :require => false }]
+  end
 end
-def activesupport_restriction
-  # Active Support 6.x requires ruby 2.5.0+
-  Gem::Requirement.create('>= 2.5.0').satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) ? '~> 6.0' : '~> 5.0'
-end
+gemspec
 group :development do
   gem "aruba", '~> 0.6.2'
   gem "cucumber", '~> 1.1'
   gem "rspec-expectations", '~> 3.1.0'
   gem "hiera-eyaml-plaintext"
-  gem "puppet", ENV['PUPPET_VERSION'] || default_puppet_restriction
-  gem 'json_pure', '<= 2.0.1' if RUBY_VERSION < '2.0.0'
-  if RUBY_VERSION >= '2.2.2'
-    gem 'github_changelog_generator',  :require => false, :git => 'https://github.com/voxpupuli/github-changelog-generator', :branch => 'voxpupuli_essential_fixes'
-    gem "activesupport", activesupport_restriction
-  end
+  gem 'puppet', *location_for(ENV['PUPPET_VERSION']) if ENV['PUPPET_VERSION']
+  gem 'github_changelog_generator'
+  gem "activesupport"
 end
 group :test do
   gem "rake"
 end
+group :coverage, optional: ENV['COVERAGE'] != 'yes' do
+  gem 'simplecov-console', :require => false
+  gem 'codecov', :require => false
+end

data/README.md CHANGED Viewed

@@ -1,9 +1,12 @@
-Hiera eyaml
-===========
+# Hiera eyaml
-[![Build Status](https://travis-ci.org/voxpupuli/hiera-eyaml.png?branch=master)](https://travis-ci.org/voxpupuli/hiera-eyaml)
-[![Gem Version](https://img.shields.io/gem/v/hiera-eyaml.svg)](https://rubygems.org/gems/hiera-eyaml)
-[![Gem Downloads](https://img.shields.io/gem/dt/hiera-eyaml.svg)](https://rubygems.org/gems/hiera-eyaml)
+[![License](https://img.shields.io/github/license/voxpupuli/hiera-eyaml.svg)](https://github.com/voxpupuli/hiera-eyaml/blob/master/LICENSE)
+[![Test](https://github.com/voxpupuli/hiera-eyaml/actions/workflows/test.yml/badge.svg)](https://github.com/voxpupuli/hiera-eyaml/actions/workflows/test.yml)
+[![codecov](https://codecov.io/gh/voxpupuli/hiera-eyaml/branch/master/graph/badge.svg)](https://codecov.io/gh/voxpupuli/hiera-eyaml)
+[![Release](https://github.com/voxpupuli/hiera-eyaml/actions/workflows/release.yml/badge.svg)](https://github.com/voxpupuli/hiera-eyaml/actions/workflows/release.yml)
+[![RubyGem Version](https://img.shields.io/gem/v/hiera-eyaml.svg)](https://rubygems.org/gems/hiera-eyaml)
+[![RubyGem Downloads](https://img.shields.io/gem/dt/hiera-eyaml.svg)](https://rubygems.org/gems/hiera-eyaml)
 hiera-eyaml is a backend for Hiera that provides per-value encryption of sensitive data within yaml files
 to be used by Puppet.
@@ -187,6 +190,89 @@ file just like any other eyaml string and your done.  If the file is rather
 large, you may wish to use a helper like `xclip` to copy the stdout directly to
 your clipboard.
+### Encrypting multiline values
+The following step-by-step example shows you how to encrypt multiline values.
+- Copy the YAML text below to a file named `multiline_example.eyaml`
+```
+---
+accounts::key_sets:
+  dummy:
+    private: |
+      ---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----
+      Comment: "dummy-key-hiera-eyaml-issue-rsa-key-20200911"
+      P2/56wAAANwAAAA3aWYtbW9kbntzaWdue3JzYS1wa2NzMS1zaGExfSxlbmNyeXB0e3JzYS
+      1wa2NzMXYyLW9hZXB9fQAAAARub25lAAAAjQAAAIkAAAAGJQAAAP93ZtrMIRZutZ/SZUyw
+      JWwyI4YxNvr5tBt9UnSJ7K0+rQAAAQDohO1ykUahsogS+ymM6o9WEmdROJZpWShCqdv8Dj
+      2roQAAAIDG1G8hY90Xlz/YiFhDZLLWAAAAgOzMWTfAlHbJ4AdEhG5uU/EAAACA+1/AlcSr
+      QEPM5xLW0unCsQ==
+      ---- END SSH2 ENCRYPTED PRIVATE KEY ----
+```
+- Use `edit` to ...
+  - replace '|' with '>',
+  - prepend `DEC::PKCS7[` before the first line,
+  - remove all whitespaces used for indentation,
+  - and append `]!` to the last line of the multiline value.
+`eyaml edit multiline_example.eyaml`
+```
+---
+accounts::key_sets:
+  dummy:
+    private: >
+      DEC::PKCS7[---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----
+Comment: "dummy-key-hiera-eyaml-issue-rsa-key-20170123"
+P2/56wAAANwAAAA3aWYtbW9kbntzaWdue3JzYS1wa2NzMS1zaGExfSxlbmNyeXB0e3JzYS
+1wa2NzMXYyLW9hZXB9fQAAAARub25lAAAAjQAAAIkAAAAGJQAAAP93ZtrMIRZutZ/SZUyw
+JWwyI4YxNvr5tBt9UnSJ7K0+rQAAAQDohO1ykUahsogS+ymM6o9WEmdROJZpWShCqdv8Dj
+2roQAAAIDG1G8hY90Xlz/YiFhDZLLWAAAAgOzMWTfAlHbJ4AdEhG5uU/EAAACA+1/AlcSr
+QEPM5xLW0unCsQ==
+---- END SSH2 ENCRYPTED PRIVATE KEY ----]!
+```
+```
+# resulting encrypted file
+---
+accounts::key_sets:
+  dummy:
+    private: >
+      ENC[PKCS7,MIIDTQYJKoZIhvcNAQcDoIIDPjCCAzoCAQAxggEhMIIBHQIBADAFMAACAQEw
+      DQYJKoZIhvcNAQEBBQAEggEAXH7xB1xuzoMAqA/3jSXO0ZUR6+UCb3DsTTj3
+      Lsrcx5oQBnJ/ml7GfBCPxBKfArZunLcnxmSk4hECKXdfgKsVjAa++JQWvtEm
+      HUNTFqvwd76Ku+nMfI9c8g+X+l6obLjzWfJdg3t6Ja7CJKl8UNFtSmbfYKVi
+      nZ0xBubgdY4plLAFcZyD5/A/lNFqwb051TRLbZOIRRfLUlRL7RNkKRC59Aog
+      S5aJXjmqx6vRzFifNK0JFZvYHGD75TiHJ5LFjg4rjgFd43AnK8iNo773ZWP2
+      48Gly5Zx7qVQDCDDi1YBgNFb0NIBQw+kWy7HcPH2REvPnXu/HV2FWvDP3Ond
+      yr2EbTCCAg4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEH+CjZJ1gKfaQIrr
+      N5zef7OAggHgBmRVsfaoiNEOzhmHZ5SxxZztmpBNtLv7mteaSqSL5o0TtKQh
+      SDgxBhaQmlL51+JM1Jsnvqm57ikZhj7Vtek/vr5DhYhWs0AxttH5rNaw0zKU
+      4bMppVu+SNKCtT+2Qw31x/S7gF7yVl+mwmXhq3qAj9ExWRX3d/8/zTuC61Io
+      f+7O6YUOucZ/m/YPrQnC5v7bDSKlIf1aFaKqukjM3QO8FZlAOHGPvRuWV2Om
+      QIgxQE6F8r+bTkW3KiVIx5FEIthRZ90VS3tz/2wjj77svddBhlid9ov/0ard
+      GGVNGsl1BFpLqxC0mpZXz237cL/aM58naqmX52J6YmC0xQM3DNmahWlYx1HV
+      J/Ogk12pOYPLJB/09OuoHPzKC4WfpB9B7wAC6pghRkO/84cOw6rgSdbzze5W
+      WMPvo181Y74BSBKhJDdO3lWYmEcDyx4TEsMUlpxd9PBDcOHqf9qHviXrwGzO
+      oSm2bUV0Fum5ueU+D2vu3mO0yIQ6fwyvDZLBRjfJV7K/PyDz81feWT6+g38t
+      AC27c0h8wk9b7HYfqG28nZE7F13qrhwCKnOaYLglsmbszNpRrBhfo1IHF6oM
+      YZRZrnrGQg5qQcxMsLq37RAfRgkY0rRLs78EEAhkf4NDxw0A/ovt]
+```
+- Output of `eyaml decrypt -f multiline_example.eyaml`:
+```
+---
+accounts::key_sets:
+  dummy:
+    private: |
+  ---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----
+  Comment: "dummy-key-hiera-eyaml-issue-rsa-key-20200911"
+  P2/56wAAANwAAAA3aWYtbW9kbntzaWdue3JzYS1wa2NzMS1zaGExfSxlbmNyeXB0e3JzYS
+  1wa2NzMXYyLW9hZXB9fQAAAARub25lAAAAjQAAAIkAAAAGJQAAAP93ZtrMIRZutZ/SZUyw
+  JWwyI4YxNvr5tBt9UnSJ7K0+rQAAAQDohO1ykUahsogS+ymM6o9WEmdROJZpWShCqdv8Dj
+  2roQAAAIDG1G8hY90Xlz/YiFhDZLLWAAAAgOzMWTfAlHbJ4AdEhG5uU/EAAACA+1/AlcSr
+  QEPM5xLW0unCsQ==
+  ---- END SSH2 ENCRYPTED PRIVATE KEY ----
+```
+  - The output *does NOT* have to be valid YAML for usage with Puppet.
 Hiera
 -----

data/Rakefile CHANGED Viewed

@@ -1,5 +1,35 @@
+begin
+  require 'simplecov'
+  require 'simplecov-console'
+  require 'codecov'
+rescue LoadError
+else
+  SimpleCov.start do
+    track_files 'lib/**/*.rb'
+    add_filter '/spec'
+    enable_coverage :branch
+    # do not track vendored files
+    add_filter '/vendor'
+    add_filter '/.vendor'
+  end
+  SimpleCov.formatters = [
+    SimpleCov::Formatter::Console,
+    SimpleCov::Formatter::Codecov,
+  ]
+end
 require "bundler/gem_tasks"
+# https://cucumber.io/docs/tools/ruby/
+# https://stackoverflow.com/questions/6473419/using-simplecov-to-display-cucumber-code-coverage
+require 'cucumber/rake/task'
+Cucumber::Rake::Task.new(:features) do |t|
+  t.cucumber_opts = "--format progress" # Any valid command line option can go here.
+end
 begin
   require 'github_changelog_generator/task'
   GitHubChangelogGenerator::RakeTask.new :changelog do |config|

data/hiera-eyaml.gemspec CHANGED Viewed

@@ -8,15 +8,18 @@ Gem::Specification.new do |gem|
   gem.version       = Hiera::Backend::Eyaml::VERSION
   gem.description   = "Hiera backend for decrypting encrypted yaml properties"
   gem.summary       = "OpenSSL Encryption backend for Hiera"
-  gem.author        = "Tom Poulton"
+  gem.author        = "Vox Pupuli"
+  gem.email         = "voxpupuli@groups.io"
   gem.license       = "MIT"
-  gem.homepage      = "http://github.com/TomPoulton/hiera-eyaml"
+  gem.homepage      = "https://github.com/voxpupuli/hiera-eyaml/"
   gem.files         = `git ls-files`.split($/).reject { |file| file =~ /^features.*$/ }
   gem.executables   = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
   gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
   gem.require_paths = ["lib"]
   gem.add_dependency('optimist')
-  gem.add_dependency('highline', '~> 1.6.19')
+  gem.add_dependency('highline')
+  gem.required_ruby_version = '>= 2.5.0', ' < 4'
 end

data/lib/hiera/backend/eyaml/encryptor.rb CHANGED Viewed

@@ -14,7 +14,7 @@ class Hiera
         def self.find encryption_scheme = nil
           encryption_scheme = Eyaml.default_encryption_scheme if encryption_scheme.nil?
-          require "hiera/backend/eyaml/encryptors/#{File.basename encryption_scheme.downcase}"
+          require "hiera/backend/eyaml/encryptors/#{File.basename encryption_scheme.downcase}"
           encryptor_module = Module.const_get('Hiera').const_get('Backend').const_get('Eyaml').const_get('Encryptors')
           encryptor_class = Utils.find_closest_class :parent_class => encryptor_module, :class_name => encryption_scheme
           raise StandardError, "Could not find hiera-eyaml encryptor: #{encryption_scheme}. Try gem install hiera-eyaml-#{encryption_scheme.downcase} ?" if encryptor_class.nil?
@@ -22,14 +22,14 @@ class Hiera
         end
         def self.encode binary_string
-          Base64.encode64(binary_string).strip
+          Base64.strict_encode64(binary_string)
         end
         def self.decode string
           Base64.decode64(string)
         end
-        def self.encrypt *args
+        def self.encrypt *args
           raise StandardError, "encrypt() not defined for encryptor plugin: #{self}"
         end
@@ -80,4 +80,3 @@ class Hiera
     end
   end
 end

data/lib/hiera/backend/eyaml/parser/encrypted_tokens.rb CHANGED Viewed

@@ -4,34 +4,36 @@ require 'hiera/backend/eyaml/encryptor'
 require 'hiera/backend/eyaml'
 require 'base64'
 class Hiera
   module Backend
     module Eyaml
       module Parser
         class EncToken < Token
-          @@tokens_map = Hash.new()
+          @@tokens_map = {}
           @@encrypt_unchanged = true
           attr_reader :format, :cipher, :encryptor, :indentation, :plain_text, :id
           def self.encrypted_value(format, encryption_scheme, cipher, match, indentation = '')
             decryptor = Encryptor.find encryption_scheme
-            plain_text = decryptor.decrypt( decryptor.decode cipher )
+            plain_text = decryptor.decrypt(decryptor.decode(cipher))
             EncToken.new(format, plain_text, decryptor, cipher, match, indentation)
           end
           def self.decrypted_value(format, plain_text, encryption_scheme, match, id, indentation = '')
             encryptor = Encryptor.find encryption_scheme
-            cipher = encryptor.encode( encryptor.encrypt plain_text )
-            id_number = id.nil? ? nil : id.gsub(/\(|\)/, "").to_i
+            cipher = encryptor.encode(encryptor.encrypt(plain_text))
+            id_number = id.nil? ? nil : id.gsub(/\(|\)/, '').to_i
             EncToken.new(format, plain_text, encryptor, cipher, match, indentation, id_number)
           end
           def self.plain_text_value(format, plain_text, encryption_scheme, match, id, indentation = '')
             encryptor = Encryptor.find encryption_scheme
-            id_number = id.gsub(/\(|\)/,"").to_i unless id.nil?
-            EncToken.new(format, plain_text, encryptor, "", match, indentation, id_number)
+            id_number = id.gsub(/\(|\)/, '').to_i unless id.nil?
+            EncToken.new(format, plain_text, encryptor, '', match, indentation, id_number)
           end
           def self.tokens_map
-            return @@tokens_map
+            @@tokens_map
           end
           def self.set_encrypt_unchanged(encrypt_unchanged)
@@ -39,12 +41,12 @@ class Hiera
           end
           def self.encrypt_unchanged
-            return @@encrypt_unchanged
+            @@encrypt_unchanged
           end
           def initialize(format, plain_text, encryptor, cipher, match = '', indentation = '', id = nil)
             @format = format
-            @plain_text = Utils.convert_to_utf_8( plain_text )
+            @plain_text = Utils.convert_to_utf_8(plain_text)
             @encryptor = encryptor
             @cipher = cipher
             @indentation = indentation
@@ -52,69 +54,64 @@ class Hiera
             super(match)
           end
-          def to_encrypted(args={})
+          def to_encrypted(args = {})
             label = args[:label]
             label_string = label.nil? ? '' : "#{label}: "
             format = args[:format].nil? ? @format : args[:format]
             encryption_method = args[:change_encryption]
-            if encryption_method != nil
+            unless encryption_method.nil?
               @encryptor = Encryptor.find encryption_method
-              @cipher = Base64.encode64(@encryptor.encrypt @plain_text).strip
+              @cipher = Base64.strict_encode64(@encryptor.encrypt(@plain_text))
             end
             case format
-              when :block
-                # strip any white space
-                @cipher = @cipher.gsub(/[ \t]/, "")
-                # normalize indentation
-                ciphertext = @cipher.gsub(/[\n\r]/, "\n" + @indentation)
-                chevron = (args[:use_chevron].nil? || args[:use_chevron]) ? ">\n" : ''
-                "#{label_string}#{chevron}" + @indentation + "ENC[#{@encryptor.tag},#{ciphertext}]"
-              when :string
-                ciphertext = @cipher.gsub(/[\n\r]/, "")
-                "#{label_string}ENC[#{@encryptor.tag},#{ciphertext}]"
-              else
-                raise "#{@format} is not a valid format"
+            when :block
+              @cipher = @cipher.gsub(/\s/, '')
+              chevron = args[:use_chevron].nil? || args[:use_chevron] ? ">\n" : ''
+              "#{label_string}#{chevron}" + @indentation + "ENC[#{@encryptor.tag},#{@cipher}]".scan(/.{1,60}/).join("\n" + @indentation)
+            when :string
+              ciphertext = @cipher.gsub(/[\n\r]/, '')
+              "#{label_string}ENC[#{@encryptor.tag},#{ciphertext}]"
+            else
+              raise "#{@format} is not a valid format"
             end
           end
-          def to_decrypted(args={})
+          def to_decrypted(args = {})
             label = args[:label]
             label_string = label.nil? ? '' : "#{label}: "
             format = args[:format].nil? ? @format : args[:format]
             index = args[:index].nil? ? '' : "(#{args[:index]})"
-            if @@encrypt_unchanged == false
-              EncToken.tokens_map[index] = @plain_text
-            end
+            EncToken.tokens_map[index] = @plain_text if @@encrypt_unchanged == false
             case format
-              when :block
-                chevron = (args[:use_chevron].nil? || args[:use_chevron]) ? ">\n" : ''
-                "#{label_string}#{chevron}" + indentation + "DEC#{index}::#{@encryptor.tag}[" + @plain_text + "]!"
-              when :string
-                "#{label_string}DEC#{index}::#{@encryptor.tag}[" + @plain_text + "]!"
-              else
-                raise "#{@format} is not a valid format"
+            when :block
+              chevron = args[:use_chevron].nil? || args[:use_chevron] ? ">\n" : ''
+              "#{label_string}#{chevron}" + indentation + "DEC#{index}::#{@encryptor.tag}[" + @plain_text + ']!'
+            when :string
+              "#{label_string}DEC#{index}::#{@encryptor.tag}[" + @plain_text + ']!'
+            else
+              raise "#{@format} is not a valid format"
             end
           end
           def to_plain_text
             @plain_text
           end
         end
         class EncTokenType < TokenType
           def create_enc_token(match, type, enc_comma, cipher, indentation = '')
-            encryption_scheme = enc_comma.nil? ? Eyaml.default_encryption_scheme : enc_comma.split(",").first
+            encryption_scheme = enc_comma.nil? ? Eyaml.default_encryption_scheme : enc_comma.split(',').first
             EncToken.encrypted_value(type, encryption_scheme, cipher, match, indentation)
           end
         end
         class EncHieraTokenType < EncTokenType
           def initialize
-            @regex = /ENC\[(\w+,)?([a-zA-Z0-9\+\/ =\n]+?)\]/
-            @string_token_type = EncStringTokenType.new()
+            @regex = %r{ENC\[(\w+,)?([a-zA-Z0-9+/ =\n]+?)\]}
+            @string_token_type = EncStringTokenType.new
           end
           def create_token(string)
             @string_token_type.create_token(string.gsub(/\s/, ''))
           end
@@ -122,58 +119,55 @@ class Hiera
         class EncStringTokenType < EncTokenType
           def initialize
-            @regex = /ENC\[(\w+,)?([a-zA-Z0-9\+\/=]+?)\]/
+            @regex = %r{ENC\[(\w+,)?([a-zA-Z0-9+/=]+?)\]}
           end
           def create_token(string)
             md = @regex.match(string)
-            self.create_enc_token(string, :string, md[1], md[2])
+            create_enc_token(string, :string, md[1], md[2])
           end
         end
         class EncBlockTokenType < EncTokenType
           def initialize
-            @regex = />\n(\s*)ENC\[(\w+,)?([a-zA-Z0-9\+\/=\s]+?)\]/
+            @regex = %r{>\n(\s*)ENC\[(\w+,)?([a-zA-Z0-9+/=\s]+?)\]}
           end
           def create_token(string)
             md = @regex.match(string)
-            self.create_enc_token(string, :block, md[2], md[3], md[1])
+            create_enc_token(string, :block, md[2], md[3], md[1])
           end
         end
         class DecStringTokenType < TokenType
           def initialize
-            @regex = /DEC(\(\d+\))?::(\w+)\[(.+?)\]\!/m
+            @regex = /DEC(\(\d+\))?::(\w+)\[(.+?)\]!/m
           end
           def create_token(string)
             md = @regex.match(string)
-            if (EncToken.encrypt_unchanged == false)
-              unless md[1].nil?
-                if md[3] == EncToken.tokens_map[md[1]]
-                  return EncToken.plain_text_value(:string, md[3], md[2], string, md[1])
-                end
-              end
+            if EncToken.encrypt_unchanged == false && !md[1].nil? && (md[3] == EncToken.tokens_map[md[1]])
+              return EncToken.plain_text_value(:string, md[3], md[2], string, md[1])
             end
             EncToken.decrypted_value(:string, md[3], md[2], string, md[1])
           end
         end
         class DecBlockTokenType < TokenType
           def initialize
-            @regex = />\n(\s*)DEC(\(\d+\))?::(\w+)\[(.+?)\]\!/m
+            @regex = />\n(\s*)DEC(\(\d+\))?::(\w+)\[(.+?)\]!/m
           end
           def create_token(string)
             md = @regex.match(string)
-            if (EncToken.encrypt_unchanged == false)
-              unless md[2].nil?
-                if md[4] == EncToken.tokens_map[md[2]]
-                  return EncToken.plain_text_value(:string, md[4], md[3], string, md[2])
-                end
-              end
+            if EncToken.encrypt_unchanged == false && !md[2].nil? && (md[4] == EncToken.tokens_map[md[2]])
+              return EncToken.plain_text_value(:string, md[4], md[3], string, md[2])
             end
             EncToken.decrypted_value(:block, md[4], md[3], string, md[2], md[1])
           end
         end
       end
     end
   end

data/lib/hiera/backend/eyaml/plugins.rb CHANGED Viewed

@@ -25,20 +25,22 @@ class Hiera
         def self.find
+          gem_version = Gem::Version.new(Gem::VERSION)
           this_version = Gem::Version.create(Hiera::Backend::Eyaml::VERSION)
-          index = Gem::VERSION >= "1.8.0" ? Gem::Specification : Gem.source_index
+          index = gem_version >= Gem::Version.new("1.8.0") ? Gem::Specification : Gem.source_index
           [index].flatten.each do |source|
-            specs = Gem::VERSION >= "1.6.0" ? source.latest_specs(true) : source.latest_specs
+            specs = gem_version >= Gem::Version.new("1.6.0") ? source.latest_specs(true) : source.latest_specs
             specs.each do |spec|
+              spec = spec.to_spec if spec.respond_to?(:to_spec)
               next if @@plugins.include? spec
               dependency = spec.dependencies.find { |d| d.name == "hiera-eyaml" }
               next if dependency && !dependency.requirement.satisfied_by?( this_version )
               file = nil
-              if Gem::VERSION >= "1.8.0"
+              if gem_version >= Gem::Version.new("1.8.0")
                 file = spec.matches_for_glob("**/eyaml_init.rb").first
               else
                 file = Gem.searcher.matching_files(spec, "**/eyaml_init.rb").first

data/lib/hiera/backend/eyaml/subcommands/encrypt.rb CHANGED Viewed

@@ -11,12 +11,12 @@ class Hiera
         class Encrypt < Subcommand
           def self.options
-            [{:name => :password,
-              :description => "Source input is a password entered on the terminal",
+            [{:name => :password,
+              :description => "Source input is a password entered on the terminal",
               :short => 'p'},
              {:name => :string,
               :description => "Source input is a string provided as an argument",
-              :short => 's',
+              :short => 's',
               :type => :string},
              {:name => :file,
               :description => "Source input is a regular file",
@@ -78,7 +78,7 @@ class Hiera
               else
                 encryptor = Encryptor.find
                 ciphertext = encryptor.encode( encryptor.encrypt(Eyaml::Options[:input_data]) )
-                token = Parser::EncToken.new(:block, Eyaml::Options[:input_data], encryptor, ciphertext, nil, '    ')
+                token = Parser::EncToken.new(:block, Eyaml::Options[:input_data], encryptor, ciphertext, nil, '  ')
                 case Eyaml::Options[:output]
                   when "block"
                     token.to_encrypted :label => Eyaml::Options[:label], :use_chevron => !Eyaml::Options[:label].nil?, :format => :block

data/lib/hiera/backend/eyaml.rb CHANGED Viewed

@@ -2,7 +2,7 @@ class Hiera
   module Backend
     module Eyaml
-      VERSION = "3.2.0"
+      VERSION = "3.3.0"
       DESCRIPTION = "Hiera-eyaml is a backend for Hiera which provides OpenSSL encryption/decryption for Hiera properties"
       class RecoverableError < StandardError

data/lib/hiera/backend/eyaml_backend.rb CHANGED Viewed

@@ -99,7 +99,7 @@ class Hiera
       end
       def encrypted?(data)
-        /.*ENC\[.*?\]/ =~ data ? true : false
+        /.*ENC\[.*\]/ =~ data ? true : false
       end
       def parse_answer(data, scope, extra_data={})

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: hiera-eyaml
 version: !ruby/object:Gem::Version
-  version: 3.2.0
+  version: 3.3.0
 platform: ruby
 authors:
-- Tom Poulton
+- Vox Pupuli
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-01-31 00:00:00.000000000 Z
+date: 2022-05-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: optimist
@@ -28,25 +28,26 @@ dependencies:
   name: highline
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 1.6.19
+        version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 1.6.19
+        version: '0'
 description: Hiera backend for decrypting encrypted yaml properties
-email:
+email: voxpupuli@groups.io
 executables:
 - eyaml
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/workflows/release.yml"
+- ".github/workflows/test.yml"
 - ".gitignore"
-- ".travis.yml"
 - CHANGELOG.md
 - Gemfile
 - HISTORY.md
@@ -86,7 +87,7 @@ files:
 - sublime_text/eyaml.syntax_definition.json
 - tools/git_tag_release.rb
 - tools/regem.sh
-homepage: http://github.com/TomPoulton/hiera-eyaml
+homepage: https://github.com/voxpupuli/hiera-eyaml/
 licenses:
 - MIT
 metadata: {}
@@ -98,14 +99,17 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 2.5.0
+  - - "<"
+    - !ruby/object:Gem::Version
+      version: '4'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.2
+rubygems_version: 3.3.7
 signing_key:
 specification_version: 4
 summary: OpenSSL Encryption backend for Hiera

data/.travis.yml DELETED Viewed

@@ -1,45 +0,0 @@
----
-dist: trusty
-language: ruby
-cache: bundler
-sudo: false
-before_install:
-  - bundle -v
-  - rm Gemfile.lock || true
-  - gem update --system $RUBYGEMS_VERSION
-  - gem update bundler
-  - gem --version
-  - bundle -v
-addons:
-  apt:
-    packages:
-      - expect
-script:
-  bundle exec cucumber -f progress
-matrix:
-  include:
-    - rvm: 2.1.9
-      env: PUPPET_VERSION="~> 4.0" RUBYGEMS_VERSION=2.7.8
-    - rvm: 2.4.2
-      env: PUPPET_VERSION="~> 5.0"
-    - rvm: 2.5.7
-      env: PUPPET_VERSION="~> 6.0"
-notifications:
-  email: false
-  irc:
-    on_success: always
-    on_failure: always
-    channels:
-      - "chat.freenode.org#voxpupuli-notifications"
-branches:
-  only:
-    - master
-    - /^v\d/
-deploy:
-  provider: rubygems
-  api_key:
-    secure: 'W6a8A3KfxNydnbK4qhpL4S4KBUnadw8eGr1s8vqeOc8gXlc/qkj/DET9jWpgaEsdnEN/ALJL0WEksYJCHDpdeJv1qKaidFg5dC5l+qZ5gdVHRoKKVFkVlt8WDHe5UdP+bI2vUHWQ/1c04P92+jU9SJ0afTU1xUFn4d3AWCgwmdk='
-  gem: hiera-eyaml
-  on:
-    tags: true
-    repo: voxpupuli/hiera-eyaml