RubyGems - hiera-gpg - Versions diffs - 0.1.0 - Mend

hiera-gpg 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

data/lib/hiera/backend/gpg_backend.rb +63 -0
metadata +64 -0

data/lib/hiera/backend/gpg_backend.rb ADDED Viewed

@@ -0,0 +1,63 @@
+class Hiera
+    module Backend
+        class Gpg_backend
+            def lookup(key, scope, order_override, resolution_type)
+                Hiera.debug("loaded gpg_backend")
+                answer = Backend.empty_answer(resolution_type)
+                Backend.datasources(scope, order_override) do |source|
+                    gpgfile = Backend.datafile(:gpg, scope, source, "gpg") || next
+                    Hiera.debug("Loading file #{gpgfile}")
+                    ## Homedir is the location of our GPG private keys
+                    ## default: ~/.gnupg
+                    homedir = Config[:gpg][:homedir] || ""
+                    plain = decrypt(gpgfile, homedir)
+                    if plain.empty?
+                        Hiera.debug("GPG decrypt returned empty string")
+                        next
+                    end
+                    data = YAML.load(plain)
+                    next if data.empty?
+                    next unless data.include?(key)
+                    case resolution_type
+                        when :array
+                            answer << Backend.parse_answer(data[key], scope)
+                        else
+                            answer = Backend.parse_answer(data[key], scope)
+                            break
+                        end
+                    end
+                    return answer
+            end
+            def decrypt (file, homedir)
+                # This should be tied in with the gpgme API, but for now
+                # we just shell this out to the gpg command, a future todo
+                # is to replace this.
+                #
+                opts = ["--decrypt"]
+                if !homedir.empty?
+                    opts << "--homedir #{homedir}"
+                end
+                data = `/usr/bin/env gpg #{opts.join(" ")} < #{file} 2> /dev/null`
+                Hiera.debug("Return code of gpg command was #{$?}")
+                return data
+            end
+        end
+    end
+end

metadata ADDED Viewed

@@ -0,0 +1,64 @@
+--- !ruby/object:Gem::Specification
+name: hiera-gpg
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Craig Dunn
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2011-10-10 00:00:00 +01:00
+default_executable:
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: hiera
+  type: :runtime
+  version_requirement:
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.2.0
+    version:
+description: Hiera backend for storing secret data and decrypting with GPG
+email: craig@craigdunn.org
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/hiera
+- lib/hiera/backend
+- lib/hiera/backend/gpg_backend.rb
+has_rdoc: false
+homepage: http://github.com/crayfishx/hiera-gpg
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: "0"
+  version:
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: "0"
+  version:
+requirements: []
+rubyforge_project:
+rubygems_version: 1.3.1
+signing_key:
+specification_version: 2
+summary: GPG backend for Hiera
+test_files: []