sanctum 0.8.6.rc2 → 0.8.6.rc3

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: ba4b9d50924b59fe4a6365a89832acc020c03652f9e13328884ef9eb9aa13243
4
- data.tar.gz: e9d50c2a7ca6bb056fede8c907f7d6d76dac120882573080840d2bd789a2682e
3
+ metadata.gz: 46c1275f8059a02fc701ef91c2e4a8ddab9e5d7221f832ad5d4112d42c13d091
4
+ data.tar.gz: f06b1944d320cf3a0a1df7f78e928fd1fab95f39f29d422fb53ac5ef0962b86b
5
5
  SHA512:
6
- metadata.gz: d77c68c98546c98277e19ee8b6342cf9de622c9961502450d38a7ea3c2484bc6f65bf372c8a9bad75b3c977721bda24d08d4e22c7e80e46b6dcd0c0ad36da21b
7
- data.tar.gz: 78a5cb4094ee395fb9660eb62a78bab20778968179f389180818df04d4774bc88e30a3bd9a9de99b17f44a4453a4d89161820076294ea0a57b84851b1deef2a8
6
+ metadata.gz: 283bb7fd1215cc8284da0ef3288791b3008feab3c29e9d3f45d302a0d57371ddb7098e8d98ebacedc988e8753e6bee12a5fbb47de945939fb9fa80b51fae64f4
7
+ data.tar.gz: 3d070fbbc2cbee3e0ad9150b1d1da64dd7767f48c1968e216f9cc5e08123418b7edf3877866498669a1299f1eaa027e7884048e5f174adcaad47c2d12142d163
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- sanctum (0.8.6.rc2)
4
+ sanctum (0.8.6.rc3)
5
5
  gli (~> 2.18)
6
6
  hashdiff (~> 0.3)
7
7
  tty-editor (~> 0.5)
@@ -11,7 +11,9 @@ GEM
11
11
  remote: https://rubygems.org/
12
12
  specs:
13
13
  ast (2.4.0)
14
- aws-sigv4 (1.0.3)
14
+ aws-eventstream (1.0.2)
15
+ aws-sigv4 (1.1.0)
16
+ aws-eventstream (~> 1.0, >= 1.0.2)
15
17
  coderay (1.1.2)
16
18
  diff-lcs (1.3)
17
19
  equatable (0.5.0)
data/README.md CHANGED
@@ -76,6 +76,7 @@ sanctum pull - Pull vault secrets to local files (encrypted).
76
76
  sanctum config - Generate an example config file.
77
77
  sanctum create - Create an encrypted local file.
78
78
  sanctum edit - Edit an encrypted local file.
79
+ sanctum import - Import an existing plaintext YAML file.
79
80
  sanctum view - View an encrypted local file.
80
81
  sanctum update - Update secrets backend to v2 API.
81
82
  ```
data/lib/sanctum/cli.rb CHANGED
@@ -73,6 +73,15 @@ module Sanctum
73
73
  end
74
74
  end
75
75
 
76
+ desc 'Import a plaintext YAML file'
77
+ arg_name 'path/to/file path/to/encryptedfile'
78
+ command :import do |c|
79
+ common_options c, :targets, :config, :force
80
+ c.action do |_,_,args|
81
+ Command::Import.new(@options_hash, args).run
82
+ end
83
+ end
84
+
76
85
  desc 'View encrypted file[s]'
77
86
  arg_name 'path/to/file'
78
87
  command :view do |c|
@@ -10,6 +10,7 @@ require 'sanctum/command/base'
10
10
  require 'sanctum/command/check'
11
11
  require 'sanctum/command/config'
12
12
  require 'sanctum/command/create'
13
+ require 'sanctum/command/import'
13
14
  require 'sanctum/command/edit'
14
15
  require 'sanctum/command/pull'
15
16
  require 'sanctum/command/push'
@@ -0,0 +1,56 @@
1
+ require 'fileutils'
2
+ require 'tempfile'
3
+ require 'yaml'
4
+ require 'json'
5
+
6
+ module Sanctum
7
+ module Command
8
+ class Import < Base
9
+
10
+ def run(&block)
11
+ if args.count != '2'
12
+ source_path,dest_path = args
13
+ transit_key = determine_transit_key(dest_path, targets)
14
+
15
+ if options[:cli][:force]
16
+ force = options[:cli][:force]
17
+ end
18
+
19
+ import_file(source_path, dest_path, transit_key, force)
20
+ else
21
+ raise ArgumentError, red('Please pass the path to both the source and the destination file')
22
+ end
23
+ end
24
+
25
+ private
26
+ def import_file(source_path, dest_path, transit_key, force=nil)
27
+ begin
28
+ tmp_file = Tempfile.new(File.basename(source_path))
29
+ FileUtils.cp(source_path, tmp_file)
30
+
31
+ previous_contents = File.read(tmp_file.path)
32
+ TTY::Editor.open(tmp_file.path) unless force
33
+ contents = File.read(tmp_file.path)
34
+
35
+ # Encrypt the data
36
+ data_hash = {"#{tmp_file.path}" => validate(contents)}
37
+ write_encrypted_data(vault_client, data_hash, transit_key)
38
+ tmp_file.close
39
+
40
+ FileUtils.cp(tmp_file.path, dest_path)
41
+
42
+ rescue Exception => e
43
+ # If write_encrypted_data failed, data would fail to write to disk
44
+ # It would be sad to lose that data, at least this would print the contents to the console.
45
+ puts red("Contents may have failed to write\nError: #{e}")
46
+ puts yellow("Contents: \n#{contents}")
47
+ ensure
48
+ tmp_file.close
49
+ secure_erase(tmp_file.path, tmp_file.length)
50
+ tmp_file.unlink
51
+ end
52
+ end
53
+
54
+ end
55
+ end
56
+ end
@@ -1,3 +1,3 @@
1
1
  module Sanctum
2
- VERSION = "0.8.6.rc2"
2
+ VERSION = "0.8.6.rc3"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: sanctum
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.8.6.rc2
4
+ version: 0.8.6.rc3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Corban Raun
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-03-12 00:00:00.000000000 Z
11
+ date: 2019-03-15 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: gli
@@ -180,6 +180,7 @@ files:
180
180
  - lib/sanctum/command/diff_helper.rb
181
181
  - lib/sanctum/command/edit.rb
182
182
  - lib/sanctum/command/editor_helper.rb
183
+ - lib/sanctum/command/import.rb
183
184
  - lib/sanctum/command/paths_helper.rb
184
185
  - lib/sanctum/command/pull.rb
185
186
  - lib/sanctum/command/push.rb