hiera-eyaml 3.4.0 → 4.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/release.yml +2 -2
- data/.github/workflows/test.yml +18 -28
- data/.rubocop.yml +8 -0
- data/.rubocop_todo.yml +416 -0
- data/CHANGELOG.md +33 -1
- data/Gemfile +13 -14
- data/README.md +32 -8
- data/Rakefile +11 -4
- data/hiera-eyaml.gemspec +17 -15
- data/lib/hiera/backend/eyaml/CLI.rb +12 -19
- data/lib/hiera/backend/eyaml/commands.rb +2 -6
- data/lib/hiera/backend/eyaml/edithelper.rb +24 -19
- data/lib/hiera/backend/eyaml/encrypthelper.rb +17 -19
- data/lib/hiera/backend/eyaml/encryptor.rb +40 -43
- data/lib/hiera/backend/eyaml/encryptors/pkcs7.rb +79 -105
- data/lib/hiera/backend/eyaml/highlinehelper.rb +3 -5
- data/lib/hiera/backend/eyaml/logginghelper.rb +27 -29
- data/lib/hiera/backend/eyaml/options.rb +13 -16
- data/lib/hiera/backend/eyaml/parser/encrypted_tokens.rb +2 -2
- data/lib/hiera/backend/eyaml/parser/parser.rb +35 -36
- data/lib/hiera/backend/eyaml/parser/token.rb +15 -6
- data/lib/hiera/backend/eyaml/plugins.rb +13 -18
- data/lib/hiera/backend/eyaml/subcommand.rb +72 -74
- data/lib/hiera/backend/eyaml/subcommands/createkeys.rb +2 -6
- data/lib/hiera/backend/eyaml/subcommands/decrypt.rb +52 -52
- data/lib/hiera/backend/eyaml/subcommands/edit.rb +57 -58
- data/lib/hiera/backend/eyaml/subcommands/encrypt.rb +65 -69
- data/lib/hiera/backend/eyaml/subcommands/help.rb +17 -22
- data/lib/hiera/backend/eyaml/subcommands/recrypt.rb +13 -20
- data/lib/hiera/backend/eyaml/subcommands/unknown_command.rb +10 -14
- data/lib/hiera/backend/eyaml/subcommands/version.rb +4 -9
- data/lib/hiera/backend/eyaml/utils.rb +27 -28
- data/lib/hiera/backend/eyaml.rb +7 -9
- data/lib/hiera/backend/eyaml_backend.rb +33 -27
- metadata +62 -14
- data/tools/git_tag_release.rb +0 -98
- data/tools/regem.sh +0 -11
|
@@ -9,24 +9,21 @@ class Hiera
|
|
|
9
9
|
module Backend
|
|
10
10
|
module Eyaml
|
|
11
11
|
module Subcommands
|
|
12
|
-
|
|
13
12
|
class Edit < Subcommand
|
|
14
|
-
|
|
15
13
|
def self.options
|
|
16
|
-
[{ :
|
|
17
|
-
:
|
|
18
|
-
{:
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
]
|
|
14
|
+
[{ name: :no_preamble,
|
|
15
|
+
description: "Don't prefix edit sessions with the informative preamble", },
|
|
16
|
+
{ name: :no_decrypt,
|
|
17
|
+
short: '-d',
|
|
18
|
+
description: 'Do not decrypt existing encrypted content. New content marked properly will be encrypted.', },]
|
|
22
19
|
end
|
|
23
20
|
|
|
24
21
|
def self.description
|
|
25
|
-
|
|
22
|
+
'edit an eyaml file'
|
|
26
23
|
end
|
|
27
24
|
|
|
28
25
|
def self.helptext
|
|
29
|
-
|
|
26
|
+
'Usage: eyaml edit [options] <some-eyaml-file>'
|
|
30
27
|
end
|
|
31
28
|
|
|
32
29
|
def self.prefix
|
|
@@ -34,40 +31,40 @@ class Hiera
|
|
|
34
31
|
end
|
|
35
32
|
|
|
36
33
|
def self.preamble
|
|
37
|
-
tags = ([
|
|
38
|
-
plugin.name.split(
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
preamble =
|
|
42
|
-
This is eyaml edit mode. This text (lines starting with #{
|
|
43
|
-
the file) will be removed when you save and exit.
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
preamble.gsub(/^/, "#{
|
|
34
|
+
tags = (['pkcs7'] + Plugins.plugins.collect do |plugin|
|
|
35
|
+
plugin.name.split('hiera-eyaml-').last
|
|
36
|
+
end).collect { |name| Encryptor.find(name).tag }
|
|
37
|
+
|
|
38
|
+
preamble = <<~EOS
|
|
39
|
+
This is eyaml edit mode. This text (lines starting with #{prefix} at the top of
|
|
40
|
+
the file) will be removed when you save and exit.
|
|
41
|
+
- To edit encrypted values, change the content of the DEC(<num>)::PKCS7[]!
|
|
42
|
+
block#{(tags.size > 1) ? " (or #{tags.drop(1).collect { |tag| "DEC(<num>)::#{tag}[]!" }.join(' or ')})." : '.'}
|
|
43
|
+
WARNING: DO NOT change the number in the parentheses.
|
|
44
|
+
- To add a new encrypted value copy and paste a new block from the
|
|
45
|
+
appropriate example below. Note that:
|
|
46
|
+
* the text to encrypt goes in the square brackets
|
|
47
|
+
* ensure you include the exclamation mark when you copy and paste
|
|
48
|
+
* you must not include a number when adding a new block
|
|
49
|
+
e.g. #{tags.collect { |tag| "DEC::#{tag}[]!" }.join(' -or- ')}
|
|
50
|
+
EOS
|
|
51
|
+
|
|
52
|
+
preamble.gsub(/^/, "#{prefix} ")
|
|
56
53
|
end
|
|
57
54
|
|
|
58
|
-
def self.validate
|
|
59
|
-
Optimist
|
|
55
|
+
def self.validate(options)
|
|
56
|
+
Optimist.die 'You must specify an eyaml file' if ARGV.empty?
|
|
60
57
|
options[:source] = :eyaml
|
|
61
58
|
options[:eyaml] = ARGV.shift
|
|
62
59
|
if File.exist? options[:eyaml]
|
|
63
60
|
begin
|
|
64
61
|
options[:input_data] = File.read options[:eyaml]
|
|
65
|
-
rescue
|
|
62
|
+
rescue StandardError
|
|
66
63
|
raise StandardError, "Could not open file for reading: #{options[:eyaml]}"
|
|
67
64
|
end
|
|
68
65
|
else
|
|
69
66
|
LoggingHelper.info "#{options[:eyaml]} doesn't exist, editing new file"
|
|
70
|
-
options[:input_data] =
|
|
67
|
+
options[:input_data] = '---'
|
|
71
68
|
end
|
|
72
69
|
options
|
|
73
70
|
end
|
|
@@ -80,42 +77,48 @@ eos
|
|
|
80
77
|
# The 'no_' option has special handling - bypass that and just check if a flag was set.
|
|
81
78
|
if Eyaml::Options[:no_decrypt_given]
|
|
82
79
|
decrypted_input = Eyaml::Options[:input_data]
|
|
83
|
-
decrypted_file_content = Eyaml::Options[:no_preamble] ? decrypted_input : (
|
|
80
|
+
decrypted_file_content = Eyaml::Options[:no_preamble] ? decrypted_input : (preamble + decrypted_input)
|
|
84
81
|
else
|
|
85
82
|
encrypted_parser = Parser::ParserFactory.encrypted_parser
|
|
86
83
|
tokens = encrypted_parser.parse Eyaml::Options[:input_data]
|
|
87
|
-
decrypted_input = tokens.each_with_index.to_a.map{|(t,index)| t.to_decrypted :index
|
|
88
|
-
decrypted_file_content = Eyaml::Options[:no_preamble] ? decrypted_input : (
|
|
84
|
+
decrypted_input = tokens.each_with_index.to_a.map { |(t, index)| t.to_decrypted index: index }.join
|
|
85
|
+
decrypted_file_content = Eyaml::Options[:no_preamble] ? decrypted_input : (preamble + decrypted_input)
|
|
89
86
|
end
|
|
90
87
|
|
|
91
88
|
begin
|
|
92
|
-
decrypted_file
|
|
89
|
+
decrypted_file ||= EditHelper.write_tempfile decrypted_file_content
|
|
93
90
|
system "#{editor} \"#{decrypted_file}\""
|
|
94
91
|
status = $?
|
|
95
92
|
|
|
96
|
-
raise StandardError,
|
|
93
|
+
raise StandardError, 'File was moved by editor' unless File.file? decrypted_file
|
|
94
|
+
|
|
97
95
|
raw_edited_file = File.read decrypted_file
|
|
98
96
|
# strip comments at start of file
|
|
99
|
-
edited_file = raw_edited_file.split(
|
|
97
|
+
edited_file = raw_edited_file.split($/, -1).drop_while { |line| line.start_with?(prefix) }.join($/)
|
|
100
98
|
|
|
101
99
|
raise StandardError, "Editor #{editor} has not exited?" unless status.exited?
|
|
102
|
-
|
|
103
|
-
|
|
100
|
+
|
|
101
|
+
unless status.exitstatus == 0
|
|
102
|
+
raise StandardError,
|
|
103
|
+
"Editor did not exit successfully (exit code #{status.exitstatus}), aborting"
|
|
104
|
+
end
|
|
105
|
+
raise StandardError, 'Edited file is blank' if edited_file.empty?
|
|
104
106
|
|
|
105
107
|
if edited_file == decrypted_input
|
|
106
|
-
LoggingHelper.info
|
|
108
|
+
LoggingHelper.info 'No changes detected, exiting'
|
|
107
109
|
else
|
|
108
110
|
decrypted_parser = Parser::ParserFactory.decrypted_parser
|
|
109
111
|
edited_tokens = decrypted_parser.parse(edited_file)
|
|
110
112
|
|
|
111
113
|
# check that the tokens haven't been copy / pasted
|
|
112
|
-
used_ids = edited_tokens.find_all{ |t| t.class.name =~ /::EncToken$/ and !t.id.nil? }.map{ |t| t.id }
|
|
114
|
+
used_ids = edited_tokens.find_all { |t| t.class.name =~ /::EncToken$/ and !t.id.nil? }.map { |t| t.id }
|
|
113
115
|
if used_ids.length != used_ids.uniq.length
|
|
114
|
-
|
|
116
|
+
raise RecoverableError,
|
|
117
|
+
"A duplicate DEC(ID) was found so I don't know how to proceed. This is probably because you copy and pasted a value - if you do this please delete the ID and parentheses"
|
|
115
118
|
end
|
|
116
119
|
|
|
117
120
|
# replace untouched values with the source values
|
|
118
|
-
edited_denoised_tokens = edited_tokens.map
|
|
121
|
+
edited_denoised_tokens = edited_tokens.map do |token|
|
|
119
122
|
if token.class.name =~ /::EncToken$/ && !token.id.nil?
|
|
120
123
|
old_token = tokens[token.id]
|
|
121
124
|
if old_token.plain_text.eql? token.plain_text
|
|
@@ -126,31 +129,27 @@ eos
|
|
|
126
129
|
else
|
|
127
130
|
token
|
|
128
131
|
end
|
|
129
|
-
|
|
132
|
+
end
|
|
130
133
|
|
|
131
|
-
encrypted_output = edited_denoised_tokens.map{ |t| t.to_encrypted }.join
|
|
134
|
+
encrypted_output = edited_denoised_tokens.map { |t| t.to_encrypted }.join
|
|
132
135
|
|
|
133
136
|
filename = Eyaml::Options[:eyaml]
|
|
134
|
-
File.
|
|
135
|
-
file.write encrypted_output
|
|
136
|
-
}
|
|
137
|
+
File.write("#{filename}", encrypted_output)
|
|
137
138
|
end
|
|
138
139
|
rescue RecoverableError => e
|
|
139
140
|
LoggingHelper.info e
|
|
140
|
-
|
|
141
|
-
|
|
142
|
-
|
|
143
|
-
raise e
|
|
144
|
-
end
|
|
141
|
+
raise e unless agree 'Return to the editor to try again?'
|
|
142
|
+
|
|
143
|
+
retry
|
|
145
144
|
ensure
|
|
146
|
-
EditHelper.secure_file_delete :
|
|
145
|
+
EditHelper.secure_file_delete file: decrypted_file,
|
|
146
|
+
num_bytes: [edited_file.length,
|
|
147
|
+
decrypted_input.length,].max
|
|
147
148
|
end
|
|
148
149
|
|
|
149
150
|
nil
|
|
150
151
|
end
|
|
151
|
-
|
|
152
152
|
end
|
|
153
|
-
|
|
154
153
|
end
|
|
155
154
|
end
|
|
156
155
|
end
|
|
@@ -7,94 +7,90 @@ class Hiera
|
|
|
7
7
|
module Backend
|
|
8
8
|
module Eyaml
|
|
9
9
|
module Subcommands
|
|
10
|
-
|
|
11
10
|
class Encrypt < Subcommand
|
|
12
|
-
|
|
13
11
|
def self.options
|
|
14
|
-
[{:
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
{:
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
{:
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
{:
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
{:
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
{:
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
{:
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
]
|
|
12
|
+
[{ name: :password,
|
|
13
|
+
description: 'Source input is a password entered on the terminal',
|
|
14
|
+
short: 'p', },
|
|
15
|
+
{ name: :string,
|
|
16
|
+
description: 'Source input is a string provided as an argument',
|
|
17
|
+
short: 's',
|
|
18
|
+
type: :string, },
|
|
19
|
+
{ name: :file,
|
|
20
|
+
description: 'Source input is a regular file',
|
|
21
|
+
short: 'f',
|
|
22
|
+
type: :string, },
|
|
23
|
+
{ name: :stdin,
|
|
24
|
+
description: 'Source input is taken from stdin',
|
|
25
|
+
short: :none, },
|
|
26
|
+
{ name: :eyaml,
|
|
27
|
+
description: 'Source input is an eyaml file',
|
|
28
|
+
short: 'e',
|
|
29
|
+
type: :string, },
|
|
30
|
+
{ name: :output,
|
|
31
|
+
description: 'Output format of final result (examples, block, string)',
|
|
32
|
+
type: :string,
|
|
33
|
+
short: 'o',
|
|
34
|
+
default: 'examples', },
|
|
35
|
+
{ name: :label,
|
|
36
|
+
description: 'Apply a label to the encrypted result',
|
|
37
|
+
short: 'l',
|
|
38
|
+
type: :string, },]
|
|
42
39
|
end
|
|
43
40
|
|
|
44
41
|
def self.description
|
|
45
|
-
|
|
42
|
+
'encrypt some data'
|
|
46
43
|
end
|
|
47
44
|
|
|
48
|
-
def self.validate
|
|
49
|
-
sources = [
|
|
50
|
-
Optimist
|
|
51
|
-
Optimist
|
|
45
|
+
def self.validate(options)
|
|
46
|
+
sources = %i[password string file stdin eyaml].collect { |x| x if options[x] }.compact
|
|
47
|
+
Optimist.die 'You must specify a source' if sources.count.zero?
|
|
48
|
+
Optimist.die "You can only specify one of (#{sources.join(', ')})" if sources.count > 1
|
|
52
49
|
options[:source] = sources.first
|
|
53
50
|
|
|
54
51
|
options[:input_data] = case options[:source]
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
52
|
+
when :password
|
|
53
|
+
require 'hiera/backend/eyaml/highlinehelper'
|
|
54
|
+
HighlineHelper.read_password
|
|
55
|
+
when :string
|
|
56
|
+
options[:string]
|
|
57
|
+
when :file
|
|
58
|
+
File.read options[:file]
|
|
59
|
+
when :stdin
|
|
60
|
+
STDIN.read
|
|
61
|
+
when :eyaml
|
|
62
|
+
File.read options[:eyaml]
|
|
63
|
+
end
|
|
67
64
|
options
|
|
68
|
-
|
|
69
65
|
end
|
|
70
66
|
|
|
71
67
|
def self.execute
|
|
72
68
|
case Eyaml::Options[:source]
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
69
|
+
when :eyaml
|
|
70
|
+
parser = Parser::ParserFactory.decrypted_parser
|
|
71
|
+
tokens = parser.parse(Eyaml::Options[:input_data])
|
|
72
|
+
encrypted = tokens.map { |token| token.to_encrypted }
|
|
73
|
+
encrypted.join
|
|
74
|
+
else
|
|
75
|
+
encryptor = Encryptor.find
|
|
76
|
+
ciphertext = encryptor.encode(encryptor.encrypt(Eyaml::Options[:input_data]))
|
|
77
|
+
token = Parser::EncToken.new(:block, Eyaml::Options[:input_data], encryptor, ciphertext, nil, ' ')
|
|
78
|
+
case Eyaml::Options[:output]
|
|
79
|
+
when 'block'
|
|
80
|
+
token.to_encrypted label: Eyaml::Options[:label], use_chevron: !Eyaml::Options[:label].nil?,
|
|
81
|
+
format: :block
|
|
82
|
+
when 'string'
|
|
83
|
+
token.to_encrypted label: Eyaml::Options[:label], format: :string
|
|
84
|
+
when 'examples'
|
|
85
|
+
string = token.to_encrypted label: Eyaml::Options[:label] || 'string', format: :string
|
|
86
|
+
block = token.to_encrypted label: Eyaml::Options[:label] || 'block', format: :block
|
|
87
|
+
"#{string}\n\nOR\n\n#{block}"
|
|
78
88
|
else
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
token = Parser::EncToken.new(:block, Eyaml::Options[:input_data], encryptor, ciphertext, nil, ' ')
|
|
82
|
-
case Eyaml::Options[:output]
|
|
83
|
-
when "block"
|
|
84
|
-
token.to_encrypted :label => Eyaml::Options[:label], :use_chevron => !Eyaml::Options[:label].nil?, :format => :block
|
|
85
|
-
when "string"
|
|
86
|
-
token.to_encrypted :label => Eyaml::Options[:label], :format => :string
|
|
87
|
-
when "examples"
|
|
88
|
-
string = token.to_encrypted :label => Eyaml::Options[:label] || 'string', :format => :string
|
|
89
|
-
block = token.to_encrypted :label => Eyaml::Options[:label] || 'block', :format => :block
|
|
90
|
-
"#{string}\n\nOR\n\n#{block}"
|
|
91
|
-
else
|
|
92
|
-
token.to_encrypted :format => :string
|
|
93
|
-
end
|
|
89
|
+
token.to_encrypted format: :string
|
|
90
|
+
end
|
|
94
91
|
end
|
|
95
92
|
end
|
|
96
93
|
end
|
|
97
|
-
|
|
98
94
|
end
|
|
99
95
|
end
|
|
100
96
|
end
|
|
@@ -5,47 +5,42 @@ class Hiera
|
|
|
5
5
|
module Backend
|
|
6
6
|
module Eyaml
|
|
7
7
|
module Subcommands
|
|
8
|
-
|
|
9
8
|
class Help < Subcommand
|
|
10
|
-
|
|
11
9
|
def self.options
|
|
12
10
|
[]
|
|
13
11
|
end
|
|
14
12
|
|
|
15
13
|
def self.description
|
|
16
|
-
|
|
14
|
+
'this page'
|
|
17
15
|
end
|
|
18
16
|
|
|
19
17
|
def self.execute
|
|
18
|
+
puts <<~EOS
|
|
19
|
+
Welcome to eyaml #{Eyaml::VERSION}#{' '}
|
|
20
20
|
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
Usage:
|
|
25
|
-
eyaml subcommand [global-opts] [subcommand-opts]
|
|
21
|
+
Usage:
|
|
22
|
+
eyaml subcommand [global-opts] [subcommand-opts]
|
|
26
23
|
|
|
27
|
-
Available subcommands:
|
|
28
|
-
#{Eyaml.subcommands.collect
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
24
|
+
Available subcommands:
|
|
25
|
+
#{Eyaml.subcommands.collect do |command|
|
|
26
|
+
command_class = Subcommands.const_get(Utils.camelcase(command))
|
|
27
|
+
format '%15s: %-65s', command.downcase, command_class.description unless command_class.hidden?
|
|
28
|
+
end.compact.join("\n")}
|
|
32
29
|
|
|
33
|
-
For more help on an individual command, use --help on that command
|
|
30
|
+
For more help on an individual command, use --help on that command
|
|
34
31
|
|
|
35
|
-
Installed Plugins:
|
|
36
|
-
#{Plugins.plugins.collect
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
EOS
|
|
32
|
+
Installed Plugins:
|
|
33
|
+
#{Plugins.plugins.collect do |plugin| # {' '}
|
|
34
|
+
"\t" + plugin.name.split('hiera-eyaml-').last
|
|
35
|
+
end.join("\n")}
|
|
36
|
+
EOS
|
|
40
37
|
end
|
|
41
38
|
|
|
42
39
|
def self.hidden?
|
|
43
40
|
true
|
|
44
41
|
end
|
|
45
|
-
|
|
46
42
|
end
|
|
47
|
-
|
|
48
43
|
end
|
|
49
44
|
end
|
|
50
45
|
end
|
|
51
|
-
end
|
|
46
|
+
end
|
|
@@ -6,28 +6,26 @@ class Hiera
|
|
|
6
6
|
module Backend
|
|
7
7
|
module Eyaml
|
|
8
8
|
module Subcommands
|
|
9
|
-
|
|
10
9
|
class Recrypt < Subcommand
|
|
11
|
-
|
|
12
10
|
def self.options
|
|
13
11
|
[
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
12
|
+
{ name: :change_encryption,
|
|
13
|
+
description: 'Specify the new encryption method that should be used for the file',
|
|
14
|
+
short: 'd',
|
|
15
|
+
default: 'pkcs7', },
|
|
16
|
+
]
|
|
19
17
|
end
|
|
20
18
|
|
|
21
19
|
def self.description
|
|
22
|
-
|
|
20
|
+
'recrypt an eyaml file'
|
|
23
21
|
end
|
|
24
22
|
|
|
25
23
|
def self.helptext
|
|
26
|
-
|
|
24
|
+
'Usage: eyaml recrypt [options] <some-eyaml-file>'
|
|
27
25
|
end
|
|
28
26
|
|
|
29
|
-
def self.validate
|
|
30
|
-
Optimist
|
|
27
|
+
def self.validate(options)
|
|
28
|
+
Optimist.die 'You must specify an eyaml file' if ARGV.empty?
|
|
31
29
|
options[:source] = :eyaml
|
|
32
30
|
options[:eyaml] = ARGV.shift
|
|
33
31
|
options[:input_data] = File.read options[:eyaml]
|
|
@@ -35,27 +33,22 @@ class Hiera
|
|
|
35
33
|
options
|
|
36
34
|
end
|
|
37
35
|
|
|
38
|
-
def self.execute
|
|
39
|
-
|
|
36
|
+
def self.execute
|
|
40
37
|
encrypted_parser = Parser::ParserFactory.encrypted_parser
|
|
41
38
|
tokens = encrypted_parser.parse Eyaml::Options[:input_data]
|
|
42
|
-
decrypted_input = tokens.each_with_index.to_a.map{|(t,index)| t.to_decrypted :index
|
|
39
|
+
decrypted_input = tokens.each_with_index.to_a.map { |(t, index)| t.to_decrypted index: index }.join
|
|
43
40
|
|
|
44
41
|
decrypted_parser = Parser::ParserFactory.decrypted_parser
|
|
45
42
|
edited_tokens = decrypted_parser.parse(decrypted_input)
|
|
46
43
|
|
|
47
|
-
encrypted_output = edited_tokens.map{ |t| t.to_encrypted({:
|
|
44
|
+
encrypted_output = edited_tokens.map { |t| t.to_encrypted({ change_encryption: @change_encryption }) }.join
|
|
48
45
|
|
|
49
46
|
filename = Eyaml::Options[:eyaml]
|
|
50
|
-
File.
|
|
51
|
-
file.write encrypted_output
|
|
52
|
-
}
|
|
47
|
+
File.write("#{filename}", encrypted_output)
|
|
53
48
|
|
|
54
49
|
nil
|
|
55
50
|
end
|
|
56
|
-
|
|
57
51
|
end
|
|
58
|
-
|
|
59
52
|
end
|
|
60
53
|
end
|
|
61
54
|
end
|
|
@@ -4,14 +4,12 @@ class Hiera
|
|
|
4
4
|
module Backend
|
|
5
5
|
module Eyaml
|
|
6
6
|
module Subcommands
|
|
7
|
-
|
|
8
7
|
class UnknownCommand < Eyaml::Subcommand
|
|
9
|
-
|
|
10
8
|
class << self
|
|
11
9
|
attr_accessor :original_command
|
|
12
10
|
end
|
|
13
11
|
|
|
14
|
-
@@original_command =
|
|
12
|
+
@@original_command = 'unknown'
|
|
15
13
|
|
|
16
14
|
def self.options
|
|
17
15
|
[]
|
|
@@ -23,25 +21,23 @@ class Hiera
|
|
|
23
21
|
|
|
24
22
|
def self.execute
|
|
25
23
|
subcommands = Eyaml.subcommands
|
|
26
|
-
puts
|
|
27
|
-
Unknown subcommand#{
|
|
24
|
+
puts <<~EOS
|
|
25
|
+
Unknown subcommand#{': ' + Eyaml.subcommand if Eyaml.subcommand}
|
|
28
26
|
|
|
29
|
-
Usage: eyaml <subcommand>
|
|
27
|
+
Usage: eyaml <subcommand>
|
|
30
28
|
|
|
31
|
-
Please use one of the following subcommands or help for more help:
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
EOS
|
|
29
|
+
Please use one of the following subcommands or help for more help:
|
|
30
|
+
#{Eyaml.subcommands.sort.collect do |command|
|
|
31
|
+
command_class = Subcommands.const_get(Utils.camelcase(command))
|
|
32
|
+
command unless command_class.hidden?
|
|
33
|
+
end.compact.join(', ')}
|
|
34
|
+
EOS
|
|
37
35
|
end
|
|
38
36
|
|
|
39
37
|
def self.hidden?
|
|
40
38
|
true
|
|
41
39
|
end
|
|
42
|
-
|
|
43
40
|
end
|
|
44
|
-
|
|
45
41
|
end
|
|
46
42
|
end
|
|
47
43
|
end
|
|
@@ -5,15 +5,13 @@ class Hiera
|
|
|
5
5
|
module Backend
|
|
6
6
|
module Eyaml
|
|
7
7
|
module Subcommands
|
|
8
|
-
|
|
9
8
|
class Version < Subcommand
|
|
10
|
-
|
|
11
9
|
def self.options
|
|
12
10
|
[]
|
|
13
11
|
end
|
|
14
12
|
|
|
15
13
|
def self.description
|
|
16
|
-
|
|
14
|
+
'show version information'
|
|
17
15
|
end
|
|
18
16
|
|
|
19
17
|
def self.execute
|
|
@@ -22,21 +20,18 @@ class Hiera
|
|
|
22
20
|
Eyaml::LoggingHelper.info "hiera-eyaml (core): #{Eyaml::VERSION}"
|
|
23
21
|
|
|
24
22
|
Plugins.plugins.each do |plugin|
|
|
25
|
-
plugin_shortname = plugin.name.split(
|
|
23
|
+
plugin_shortname = plugin.name.split('hiera-eyaml-').last
|
|
26
24
|
plugin_version = begin
|
|
27
25
|
Encryptor.find(plugin_shortname)::VERSION.to_s
|
|
28
|
-
rescue
|
|
29
|
-
|
|
26
|
+
rescue StandardError
|
|
27
|
+
'unknown (is plugin compatible with eyaml 2.0+ ?)'
|
|
30
28
|
end
|
|
31
29
|
Eyaml::LoggingHelper.info "hiera-eyaml-#{plugin_shortname} (gem): #{plugin_version}"
|
|
32
30
|
end
|
|
33
31
|
|
|
34
32
|
nil
|
|
35
|
-
|
|
36
33
|
end
|
|
37
|
-
|
|
38
34
|
end
|
|
39
|
-
|
|
40
35
|
end
|
|
41
36
|
end
|
|
42
37
|
end
|