hiera-gpg 1.0.1 → 1.0.2
Sign up to get free protection for your applications and to get access to all the features.
- data/lib/hiera/backend/gpg_backend.rb +18 -10
- metadata +2 -2
@@ -21,22 +21,31 @@ class Hiera
|
|
21
21
|
debug("Lookup called, key #{key} resolution type is #{resolution_type}")
|
22
22
|
answer = Backend.empty_answer(resolution_type)
|
23
23
|
|
24
|
-
|
25
|
-
|
24
|
+
# This should compute ~ on both *nix and *doze
|
25
|
+
homes = ["HOME", "HOMEPATH"]
|
26
|
+
real_home = homes.detect { |h| ENV[h] != nil }
|
26
27
|
|
27
|
-
|
28
|
-
|
29
|
-
|
28
|
+
## key_dir is the location of our GPG private keys
|
29
|
+
## default: ~/.gnupg
|
30
|
+
key_dir = Config[:gpg][:key_dir] || "#{ENV[real_home]}/.gnupg"
|
30
31
|
|
31
|
-
|
32
|
-
|
33
|
-
|
32
|
+
|
33
|
+
Backend.datasources(scope, order_override) do |source|
|
34
|
+
gpgfile = Backend.datafile(:gpg, scope, source, "gpg") || next
|
34
35
|
|
35
36
|
plain = decrypt(gpgfile, key_dir)
|
36
37
|
next if !plain
|
37
38
|
next if plain.empty?
|
39
|
+
debug("GPG decrypt returned valid data")
|
38
40
|
|
39
41
|
data = YAML.load(plain)
|
42
|
+
next if !data
|
43
|
+
next if data.empty?
|
44
|
+
debug ("Data contains valid YAML")
|
45
|
+
|
46
|
+
next unless data.include?(key)
|
47
|
+
debug ("Key #{key} found in YAML document, Passing answer to hiera")
|
48
|
+
|
40
49
|
|
41
50
|
case resolution_type
|
42
51
|
when :array
|
@@ -47,9 +56,8 @@ class Hiera
|
|
47
56
|
answer = Backend.parse_answer(data[key], scope)
|
48
57
|
end
|
49
58
|
|
50
|
-
return answer
|
51
|
-
|
52
59
|
end
|
60
|
+
return answer
|
53
61
|
end
|
54
62
|
|
55
63
|
def decrypt(file, gnupghome)
|