opstack 0.0.2 → 0.0.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 1befb324fe3a090a3c934f743e9a92438be3af13
-  data.tar.gz: c05e4e87f713a7b171b441d13a7136c489996fac
+  metadata.gz: 93b9749eecad15a9ff103140978d681239391390
+  data.tar.gz: bcd39f355a1cdf8531648a0057cf001dcee905fa
 SHA512:
-  metadata.gz: 01e158994faaa9a4abd031bc49fb9be7b2f2f059901906a7315dcb0f306dc9fe4e3da99226b236627e0f5334a7038860c733f80e356b1d56cfaf0c0aac7efd27
-  data.tar.gz: cd34361ac7e42a320019700e40a737a42fbd3f87907e1ed3807be8050a54ff8b1ab0f2a3a197e24b2aecddb3fb094a455a59c515f357c4d610bc9e795b4a1912
+  metadata.gz: daab96cd408a5645450ff8130d97080942f8ed17e4d7f84601ec4030e70ca3be9b9379e850d02fe6cdca56019634fa264fd8e652a09370d52add78d04e57f072
+  data.tar.gz: 8f24f562e9f0985ae45bed376b6821ed5256c197003803ea12ca7d5fa939d6aa5708138dd52ecb4dc3695c627c4d1fc6a60fdcd288b8b42a8a3cea3ae183f8be

data/README.md

@@ -4,8 +4,11 @@
 
 ----------
 
+## Installing OpStack ##
+`gem install opstack`
+
 ##Importing an environment
-``opstack env import demo demo/accounts.json)`` will read the json file with your config variables and save them as an encrypted json file in the opstack config directory (~/.opstack)
+``opstack env import demo demo/accounts.json`` will read the json file with your config variables and save them as an encrypted json file in the opstack config directory (~/.opstack)
 
 ##Export an environment to bash
 ``eval $(opstack env export demo `` will export the environment variables for the demo enviornment

data/lib/opstack.rb

@@ -1,4 +1,5 @@
 require 'opstack/config'
+require 'opstack/encryption'
 require 'opstack/exporter'
 require 'opstack/environment'
 require 'opstack/version'

data/lib/opstack/cli.rb

@@ -1,5 +1,5 @@
 require 'thor'
-require 'opstack/logger'
+require 'opstack/logging'
 require 'opstack/commands'
 
 module OpStack
@@ -17,11 +17,7 @@ module OpStack
       true
     end
 
-    desc "hello NAME", "say hello to NAME"
-    def hello(name)
-      puts "Hello #{name}"
-    end
-    desc "env SUBCOMMAND ...ARGS", "stuff"
+    desc "env SUBCOMMAND ...ARGS", "environment comands"
     subcommand "env", OpStack::Commands::Env
   end
 end

data/lib/opstack/encryption.rb

@@ -0,0 +1,98 @@
+# This code is derived from the chef encrypted data bag code found at
+# https://github.com/chef/chef/tree/master/lib/chef/encrypted_data_bag_item
+#
+# Original Author:: Seth Falcon (<seth@opscode.com>)
+# Original Copyright:: Copyright 2010-2011 Opscode, Inc.
+# Original License:: Apache License, Version 2.0
+
+module OpStack
+  class Encryption
+    attr_reader :key
+    attr_reader :plaintext_data
+    attr_reader :encrypted_data
+    attr_reader :cipher
+
+    require 'openssl'
+    require 'base64'
+    require 'digest/sha2'
+    require 'ffi_yajl'
+
+    ALGORITHM = 'aes-256-cbc'
+
+    def encryptor(plaintext_data, key, iv=nil, cipher=nil)
+      @plaintext_data = plaintext_data
+      @key = key
+      @iv = iv && Base64.decode64(iv)
+      @cipher = cipher || ALGORITHM
+      self
+    end
+
+    def decryptor(encrypted_hash, key)
+      @encrypted_data = Base64.decode64(encrypted_hash["encrypted_data"])
+      @cipher = encrypted_hash["cipher"] || ALGORITHM
+      @iv = Base64.decode64(encrypted_hash["iv"])
+      @key = key
+      self
+    end
+
+    def iv
+      openssl_encryptor if @iv.nil? and @plaintext_data
+      @iv
+    end
+
+    def openssl_encryptor
+      @openssl_encryptor ||= begin
+        encryptor = OpenSSL::Cipher.new(cipher)
+        encryptor.encrypt
+        @iv ||= encryptor.random_iv
+        encryptor.iv = @iv
+        encryptor.key = Digest::SHA256.digest(key)
+        encryptor
+      end
+    end
+
+    def openssl_decryptor
+      @openssl_decryptor ||= begin
+        decryptor = OpenSSL::Cipher.new(cipher)
+        decryptor.decrypt
+        decryptor.key = OpenSSL::Digest::SHA256.digest(key)
+        decryptor.iv = iv
+        decryptor
+      end
+    end
+
+    def encrypted_data
+      @encrypted_data ||= begin
+        enc_data = openssl_encryptor.update(serialized_data)
+        enc_data << openssl_encryptor.final
+        Base64.encode64(enc_data)
+      end
+    end
+
+    def decrypted_data
+      @decrypted_data ||= begin
+        plaintext = openssl_decryptor.update(@encrypted_data)
+        plaintext << openssl_decryptor.final
+      rescue OpenSSL::Cipher::CipherError => e
+        raise DecryptionFailure, "Error decrypting data bag value: '#{e.message}'. Most likely the provided key is incorrect"
+      end
+    end
+
+    def encrypted_hash
+      {
+        "encrypted_data" => encrypted_data,
+        "iv" => Base64.encode64(iv),
+        "cipher" => cipher
+      }
+    end
+
+    def serialized_data
+      FFI_Yajl::Encoder.encode(:json_wrapper => plaintext_data)
+    end
+
+    def decrypted_hash
+      FFI_Yajl::Parser.parse(decrypted_data)["json_wrapper"]
+    end
+
+  end
+end

data/lib/opstack/environment/chef.rb

@@ -10,13 +10,11 @@ module OpStack
 
         begin
           encrypted_data = JSON.parse(File.read(databag_file))
-          data_bag = ::Chef::EncryptedDataBagItem.new(encrypted_data, secret).to_hash
+          data_bag = OpStack::Encryption.new().decryptor(encrypted_data,secret).decrypted_hash
         rescue Errno::ENOENT
           OpStack.logger.error("Environment #{environment} Not Found."); return nil
         rescue JSON::ParserError
           OpStack.logger.error("Could not Parse #{databag_file}"); return nil
-        rescue ::Chef::EncryptedDataBagItem::DecryptionFailure
-          OpStack.logger.error("Could not decrypt #{databag_file}"); return nil
         end
         
       end
@@ -29,12 +27,11 @@ module OpStack
 
         begin
           data = JSON.parse(File.read(file))
-          encrypted_data = ::Chef::EncryptedDataBagItem.encrypt_data_bag_item(data, secret)
+          encrypted_data = OpStack::Encryption.new().encryptor(data,secret).encrypted_hash
+          FileUtils.mkdir_p("#{config[:config_dir]}/environments/#{environment}")
           File.write(databag_file, JSON.pretty_generate(encrypted_data))
         rescue Errno::ENOENT
           OpStack.logger.error("File #{file} Not Found."); return nil
-        rescue ::Chef::EncryptedDataBagItem::EncryptionFailure
-          OpStack.logger.error("Could not encrypt the data"); return nil
         end
       end
 

data/lib/opstack/version.rb

@@ -1,3 +1,3 @@
 module OpStack
-  VERSION = '0.0.2'
+  VERSION = '0.0.3'
 end

data/opstack.gemspec

@@ -14,10 +14,10 @@ Gem::Specification.new do |spec|
   spec.licenses       = ['MIT', 'GPL-2']
 
   spec.add_runtime_dependency 'ansi'
-  spec.add_runtime_dependency 'chef', '>= 11.0'
   spec.add_runtime_dependency 'thor'
 
   spec.add_development_dependency 'bundler', '~> 1.3'
+  spec.add_development_dependency 'chef'
   spec.add_development_dependency 'coveralls'
   spec.add_development_dependency 'guard', '~> 2.8'
   spec.add_development_dependency 'guard-rspec', '~> 4.3'

data/spec/spec_helper.rb

@@ -1,6 +1,6 @@
 $LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib', 'opstack'))
 require 'rspec'
-require 'chef/encrypted_data_bag_item'
+require 'chef'
 require 'coveralls'
 require 'simplecov'
 require 'simplecov-console'

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: opstack
 version: !ruby/object:Gem::Version
-  version: 0.0.2
+  version: 0.0.3
 platform: ruby
 authors:
 - Salvatore Poliandro
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-09-11 00:00:00.000000000 Z
+date: 2015-09-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: ansi
@@ -24,20 +24,6 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-- !ruby/object:Gem::Dependency
-  name: chef
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '11.0'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '11.0'
 - !ruby/object:Gem::Dependency
   name: thor
   requirement: !ruby/object:Gem::Requirement
@@ -66,6 +52,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: chef
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: coveralls
   requirement: !ruby/object:Gem::Requirement
@@ -198,10 +198,11 @@ files:
 - lib/opstack/cli.rb
 - lib/opstack/commands.rb
 - lib/opstack/config.rb
+- lib/opstack/encryption.rb
 - lib/opstack/environment.rb
 - lib/opstack/environment/chef.rb
 - lib/opstack/exporter.rb
-- lib/opstack/logger.rb
+- lib/opstack/logging.rb
 - lib/opstack/version.rb
 - opstack.gemspec
 - spec/fixtures/environments/test/accounts.json