hiera-eyaml 3.2.1 → 3.2.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +13 -0
- data/Gemfile +1 -1
- data/lib/hiera/backend/eyaml.rb +1 -1
- data/lib/hiera/backend/eyaml/parser/encrypted_tokens.rb +52 -54
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 5bfbd5d31fef9569be60fa1914e921a042203d41c83925cb908173d74963df05
|
|
4
|
+
data.tar.gz: f93f91ef3fa2c34cef964e7e5b5a3b64dde0e1cc2ddb4ad06a0ea94b251bbf4e
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e060aeb86e2f48506413629c9664441c4d1b0fa9862be7c7136e414df7e015a477a399b0453893b2b68d92751b6a2893cf5bbb898fdd6aea0d18b91611678761
|
|
7
|
+
data.tar.gz: de656da85d672bdc7b950c21663140cba2eb5c980abdeed0e7f44961f881ac5193c5e394c5e202b5a32dc78086b0e40bda73ada9b6615add4a7640c717934ee9
|
data/CHANGELOG.md
CHANGED
|
@@ -2,6 +2,19 @@
|
|
|
2
2
|
|
|
3
3
|
All notable changes to this project will be documented in this file.
|
|
4
4
|
|
|
5
|
+
## [v3.2.2](https://github.com/voxpupuli/hiera-eyaml/tree/v3.2.2) (2021-05-03)
|
|
6
|
+
|
|
7
|
+
[Full Changelog](https://github.com/voxpupuli/hiera-eyaml/compare/v3.2.1...v3.2.2)
|
|
8
|
+
|
|
9
|
+
**Fixed bugs:**
|
|
10
|
+
|
|
11
|
+
- Using `3.2.1` for editing an eyaml created with `3.2.0` will mess up formatting [\#318](https://github.com/voxpupuli/hiera-eyaml/issues/318)
|
|
12
|
+
- Fix block formatting when editing [\#319](https://github.com/voxpupuli/hiera-eyaml/pull/319) ([kenyon](https://github.com/kenyon))
|
|
13
|
+
|
|
14
|
+
**Closed issues:**
|
|
15
|
+
|
|
16
|
+
- Concerns about the encrypted? method [\#316](https://github.com/voxpupuli/hiera-eyaml/issues/316)
|
|
17
|
+
|
|
5
18
|
## [v3.2.1](https://github.com/voxpupuli/hiera-eyaml/tree/v3.2.1) (2021-02-16)
|
|
6
19
|
|
|
7
20
|
[Full Changelog](https://github.com/voxpupuli/hiera-eyaml/compare/v3.2.0...v3.2.1)
|
data/Gemfile
CHANGED
|
@@ -8,7 +8,7 @@ group :development do
|
|
|
8
8
|
gem "rspec-expectations", '~> 3.1.0'
|
|
9
9
|
gem "hiera-eyaml-plaintext"
|
|
10
10
|
gem "puppet", ENV['PUPPET_VERSION'] || '>= 7'
|
|
11
|
-
gem 'github_changelog_generator'
|
|
11
|
+
gem 'github_changelog_generator'
|
|
12
12
|
gem "activesupport"
|
|
13
13
|
end
|
|
14
14
|
|
data/lib/hiera/backend/eyaml.rb
CHANGED
|
@@ -4,34 +4,36 @@ require 'hiera/backend/eyaml/encryptor'
|
|
|
4
4
|
require 'hiera/backend/eyaml'
|
|
5
5
|
require 'base64'
|
|
6
6
|
|
|
7
|
-
|
|
8
7
|
class Hiera
|
|
9
8
|
module Backend
|
|
10
9
|
module Eyaml
|
|
11
10
|
module Parser
|
|
12
11
|
class EncToken < Token
|
|
13
|
-
@@tokens_map =
|
|
12
|
+
@@tokens_map = {}
|
|
14
13
|
@@encrypt_unchanged = true
|
|
15
14
|
attr_reader :format, :cipher, :encryptor, :indentation, :plain_text, :id
|
|
15
|
+
|
|
16
16
|
def self.encrypted_value(format, encryption_scheme, cipher, match, indentation = '')
|
|
17
17
|
decryptor = Encryptor.find encryption_scheme
|
|
18
|
-
plain_text = decryptor.decrypt(
|
|
18
|
+
plain_text = decryptor.decrypt(decryptor.decode(cipher))
|
|
19
19
|
EncToken.new(format, plain_text, decryptor, cipher, match, indentation)
|
|
20
20
|
end
|
|
21
|
+
|
|
21
22
|
def self.decrypted_value(format, plain_text, encryption_scheme, match, id, indentation = '')
|
|
22
23
|
encryptor = Encryptor.find encryption_scheme
|
|
23
|
-
cipher = encryptor.encode(
|
|
24
|
-
id_number = id.nil? ? nil : id.gsub(/\(|\)/,
|
|
24
|
+
cipher = encryptor.encode(encryptor.encrypt(plain_text))
|
|
25
|
+
id_number = id.nil? ? nil : id.gsub(/\(|\)/, '').to_i
|
|
25
26
|
EncToken.new(format, plain_text, encryptor, cipher, match, indentation, id_number)
|
|
26
27
|
end
|
|
28
|
+
|
|
27
29
|
def self.plain_text_value(format, plain_text, encryption_scheme, match, id, indentation = '')
|
|
28
30
|
encryptor = Encryptor.find encryption_scheme
|
|
29
|
-
id_number = id.gsub(/\(|\)/,
|
|
30
|
-
EncToken.new(format, plain_text, encryptor,
|
|
31
|
+
id_number = id.gsub(/\(|\)/, '').to_i unless id.nil?
|
|
32
|
+
EncToken.new(format, plain_text, encryptor, '', match, indentation, id_number)
|
|
31
33
|
end
|
|
32
34
|
|
|
33
35
|
def self.tokens_map
|
|
34
|
-
|
|
36
|
+
@@tokens_map
|
|
35
37
|
end
|
|
36
38
|
|
|
37
39
|
def self.set_encrypt_unchanged(encrypt_unchanged)
|
|
@@ -39,12 +41,12 @@ class Hiera
|
|
|
39
41
|
end
|
|
40
42
|
|
|
41
43
|
def self.encrypt_unchanged
|
|
42
|
-
|
|
44
|
+
@@encrypt_unchanged
|
|
43
45
|
end
|
|
44
46
|
|
|
45
47
|
def initialize(format, plain_text, encryptor, cipher, match = '', indentation = '', id = nil)
|
|
46
48
|
@format = format
|
|
47
|
-
@plain_text = Utils.convert_to_utf_8(
|
|
49
|
+
@plain_text = Utils.convert_to_utf_8(plain_text)
|
|
48
50
|
@encryptor = encryptor
|
|
49
51
|
@cipher = cipher
|
|
50
52
|
@indentation = indentation
|
|
@@ -52,65 +54,64 @@ class Hiera
|
|
|
52
54
|
super(match)
|
|
53
55
|
end
|
|
54
56
|
|
|
55
|
-
def to_encrypted(args={})
|
|
57
|
+
def to_encrypted(args = {})
|
|
56
58
|
label = args[:label]
|
|
57
59
|
label_string = label.nil? ? '' : "#{label}: "
|
|
58
60
|
format = args[:format].nil? ? @format : args[:format]
|
|
59
61
|
encryption_method = args[:change_encryption]
|
|
60
|
-
|
|
62
|
+
unless encryption_method.nil?
|
|
61
63
|
@encryptor = Encryptor.find encryption_method
|
|
62
64
|
@cipher = Base64.strict_encode64(@encryptor.encrypt(@plain_text))
|
|
63
65
|
end
|
|
64
66
|
case format
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
67
|
+
when :block
|
|
68
|
+
@cipher = @cipher.gsub(/\s/, '')
|
|
69
|
+
chevron = args[:use_chevron].nil? || args[:use_chevron] ? ">\n" : ''
|
|
70
|
+
"#{label_string}#{chevron}" + @indentation + "ENC[#{@encryptor.tag},#{@cipher}]".scan(/.{1,60}/).join("\n" + @indentation)
|
|
71
|
+
when :string
|
|
72
|
+
ciphertext = @cipher.gsub(/[\n\r]/, '')
|
|
73
|
+
"#{label_string}ENC[#{@encryptor.tag},#{ciphertext}]"
|
|
74
|
+
else
|
|
75
|
+
raise "#{@format} is not a valid format"
|
|
73
76
|
end
|
|
74
77
|
end
|
|
75
78
|
|
|
76
|
-
def to_decrypted(args={})
|
|
79
|
+
def to_decrypted(args = {})
|
|
77
80
|
label = args[:label]
|
|
78
81
|
label_string = label.nil? ? '' : "#{label}: "
|
|
79
82
|
format = args[:format].nil? ? @format : args[:format]
|
|
80
83
|
index = args[:index].nil? ? '' : "(#{args[:index]})"
|
|
81
|
-
if @@encrypt_unchanged == false
|
|
82
|
-
EncToken.tokens_map[index] = @plain_text
|
|
83
|
-
end
|
|
84
|
+
EncToken.tokens_map[index] = @plain_text if @@encrypt_unchanged == false
|
|
84
85
|
|
|
85
86
|
case format
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
87
|
+
when :block
|
|
88
|
+
chevron = args[:use_chevron].nil? || args[:use_chevron] ? ">\n" : ''
|
|
89
|
+
"#{label_string}#{chevron}" + indentation + "DEC#{index}::#{@encryptor.tag}[" + @plain_text + ']!'
|
|
90
|
+
when :string
|
|
91
|
+
"#{label_string}DEC#{index}::#{@encryptor.tag}[" + @plain_text + ']!'
|
|
92
|
+
else
|
|
93
|
+
raise "#{@format} is not a valid format"
|
|
93
94
|
end
|
|
94
95
|
end
|
|
95
96
|
|
|
96
97
|
def to_plain_text
|
|
97
98
|
@plain_text
|
|
98
99
|
end
|
|
99
|
-
|
|
100
100
|
end
|
|
101
101
|
|
|
102
102
|
class EncTokenType < TokenType
|
|
103
103
|
def create_enc_token(match, type, enc_comma, cipher, indentation = '')
|
|
104
|
-
encryption_scheme = enc_comma.nil? ? Eyaml.default_encryption_scheme : enc_comma.split(
|
|
104
|
+
encryption_scheme = enc_comma.nil? ? Eyaml.default_encryption_scheme : enc_comma.split(',').first
|
|
105
105
|
EncToken.encrypted_value(type, encryption_scheme, cipher, match, indentation)
|
|
106
106
|
end
|
|
107
107
|
end
|
|
108
108
|
|
|
109
109
|
class EncHieraTokenType < EncTokenType
|
|
110
110
|
def initialize
|
|
111
|
-
@regex =
|
|
112
|
-
@string_token_type = EncStringTokenType.new
|
|
111
|
+
@regex = %r{ENC\[(\w+,)?([a-zA-Z0-9+/ =\n]+?)\]}
|
|
112
|
+
@string_token_type = EncStringTokenType.new
|
|
113
113
|
end
|
|
114
|
+
|
|
114
115
|
def create_token(string)
|
|
115
116
|
@string_token_type.create_token(string.gsub(/\s/, ''))
|
|
116
117
|
end
|
|
@@ -118,58 +119,55 @@ class Hiera
|
|
|
118
119
|
|
|
119
120
|
class EncStringTokenType < EncTokenType
|
|
120
121
|
def initialize
|
|
121
|
-
@regex =
|
|
122
|
+
@regex = %r{ENC\[(\w+,)?([a-zA-Z0-9+/=]+?)\]}
|
|
122
123
|
end
|
|
124
|
+
|
|
123
125
|
def create_token(string)
|
|
124
126
|
md = @regex.match(string)
|
|
125
|
-
|
|
127
|
+
create_enc_token(string, :string, md[1], md[2])
|
|
126
128
|
end
|
|
127
129
|
end
|
|
128
130
|
|
|
129
131
|
class EncBlockTokenType < EncTokenType
|
|
130
132
|
def initialize
|
|
131
|
-
@regex =
|
|
133
|
+
@regex = %r{>\n(\s*)ENC\[(\w+,)?([a-zA-Z0-9+/=\s]+?)\]}
|
|
132
134
|
end
|
|
135
|
+
|
|
133
136
|
def create_token(string)
|
|
134
137
|
md = @regex.match(string)
|
|
135
|
-
|
|
138
|
+
create_enc_token(string, :block, md[2], md[3], md[1])
|
|
136
139
|
end
|
|
137
140
|
end
|
|
138
141
|
|
|
139
142
|
class DecStringTokenType < TokenType
|
|
140
143
|
def initialize
|
|
141
|
-
@regex = /DEC(\(\d+\))?::(\w+)\[(.+?)\]
|
|
144
|
+
@regex = /DEC(\(\d+\))?::(\w+)\[(.+?)\]!/m
|
|
142
145
|
end
|
|
146
|
+
|
|
143
147
|
def create_token(string)
|
|
144
148
|
md = @regex.match(string)
|
|
145
|
-
if
|
|
146
|
-
|
|
147
|
-
if md[3] == EncToken.tokens_map[md[1]]
|
|
148
|
-
return EncToken.plain_text_value(:string, md[3], md[2], string, md[1])
|
|
149
|
-
end
|
|
150
|
-
end
|
|
149
|
+
if EncToken.encrypt_unchanged == false && !md[1].nil? && (md[3] == EncToken.tokens_map[md[1]])
|
|
150
|
+
return EncToken.plain_text_value(:string, md[3], md[2], string, md[1])
|
|
151
151
|
end
|
|
152
|
+
|
|
152
153
|
EncToken.decrypted_value(:string, md[3], md[2], string, md[1])
|
|
153
154
|
end
|
|
154
155
|
end
|
|
155
156
|
|
|
156
157
|
class DecBlockTokenType < TokenType
|
|
157
158
|
def initialize
|
|
158
|
-
@regex = />\n(\s*)DEC(\(\d+\))?::(\w+)\[(.+?)\]
|
|
159
|
+
@regex = />\n(\s*)DEC(\(\d+\))?::(\w+)\[(.+?)\]!/m
|
|
159
160
|
end
|
|
161
|
+
|
|
160
162
|
def create_token(string)
|
|
161
163
|
md = @regex.match(string)
|
|
162
|
-
if
|
|
163
|
-
|
|
164
|
-
if md[4] == EncToken.tokens_map[md[2]]
|
|
165
|
-
return EncToken.plain_text_value(:string, md[4], md[3], string, md[2])
|
|
166
|
-
end
|
|
167
|
-
end
|
|
164
|
+
if EncToken.encrypt_unchanged == false && !md[2].nil? && (md[4] == EncToken.tokens_map[md[2]])
|
|
165
|
+
return EncToken.plain_text_value(:string, md[4], md[3], string, md[2])
|
|
168
166
|
end
|
|
167
|
+
|
|
169
168
|
EncToken.decrypted_value(:block, md[4], md[3], string, md[2], md[1])
|
|
170
169
|
end
|
|
171
170
|
end
|
|
172
|
-
|
|
173
171
|
end
|
|
174
172
|
end
|
|
175
173
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: hiera-eyaml
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.2.
|
|
4
|
+
version: 3.2.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Tom Poulton
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-
|
|
11
|
+
date: 2021-05-03 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: optimist
|
|
@@ -106,7 +106,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
106
106
|
- !ruby/object:Gem::Version
|
|
107
107
|
version: '0'
|
|
108
108
|
requirements: []
|
|
109
|
-
rubygems_version: 3.1.
|
|
109
|
+
rubygems_version: 3.1.6
|
|
110
110
|
signing_key:
|
|
111
111
|
specification_version: 4
|
|
112
112
|
summary: OpenSSL Encryption backend for Hiera
|