secret-keeper 0.2.6 → 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/secret-keeper.rb +18 -14
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: a4af085b4a020f82a80ec5e4f2995fc676c6d24497b424ccfe5788d8fa83085b
|
|
4
|
+
data.tar.gz: 4f3c88876416d7dadf20f903338827b52c03ecb1799b5b31b823d5cd484e5513
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 40512c3536a8f2b8824f3d6fbf97df57e8381fb7d5f135ef3ac05771a6ca9b472e52aa1818e35d7699400b688f918b6f534895eef04ff359d4706f99bd24da37
|
|
7
|
+
data.tar.gz: 5aecafc7b60fb43bc34b46744b63761db551b44d428e7fcfdb8afd8ee74e157a51f43903f45e3f8bf925150975d5c80e999344cef824e81e01c3603591f2190e
|
data/lib/secret-keeper.rb
CHANGED
|
@@ -4,7 +4,7 @@ require 'yaml'
|
|
|
4
4
|
class SecretKeeper
|
|
5
5
|
def self.encrypt_files
|
|
6
6
|
sk = SecretKeeper.new
|
|
7
|
-
puts 'Encrypting...'
|
|
7
|
+
puts 'Encrypting...' unless sk.slience
|
|
8
8
|
ok_queue = []
|
|
9
9
|
sk.tasks.each do |task|
|
|
10
10
|
from = task['encrypt_from']
|
|
@@ -12,17 +12,17 @@ class SecretKeeper
|
|
|
12
12
|
|
|
13
13
|
result = sk.encrypt_file(from, to)
|
|
14
14
|
ok_queue << result if result == :ok
|
|
15
|
-
puts " * #{from} --> #{to}, #{result}"
|
|
15
|
+
puts " * #{from} --> #{to}, #{result}" unless sk.slience
|
|
16
16
|
end
|
|
17
17
|
success = ok_queue.count == sk.tasks.count
|
|
18
|
-
puts success ? 'Done!' : 'Failed!'
|
|
18
|
+
puts success ? 'Done!' : 'Failed!' unless sk.slience
|
|
19
19
|
success
|
|
20
20
|
end
|
|
21
21
|
|
|
22
22
|
def self.decrypt_files(remove_production=false)
|
|
23
23
|
sk = SecretKeeper.new
|
|
24
|
-
print 'Decrypting...'
|
|
25
|
-
puts remove_production ? '(production config removed)' : nil
|
|
24
|
+
print 'Decrypting...' unless sk.slience
|
|
25
|
+
puts remove_production ? '(production config removed)' : nil unless sk.slience
|
|
26
26
|
|
|
27
27
|
ok_queue = []
|
|
28
28
|
sk.tasks.each do |task|
|
|
@@ -36,10 +36,10 @@ class SecretKeeper
|
|
|
36
36
|
end
|
|
37
37
|
|
|
38
38
|
ok_queue << result if result == :ok
|
|
39
|
-
puts " * #{from} --> #{to}, #{result}"
|
|
39
|
+
puts " * #{from} --> #{to}, #{result}" unless sk.slience
|
|
40
40
|
end
|
|
41
41
|
success = ok_queue.count == sk.tasks.count
|
|
42
|
-
puts success ? 'Done!' : 'Failed!'
|
|
42
|
+
puts success ? 'Done!' : 'Failed!' unless sk.slience
|
|
43
43
|
success
|
|
44
44
|
end
|
|
45
45
|
|
|
@@ -52,15 +52,21 @@ class SecretKeeper
|
|
|
52
52
|
ev_name = config['ev_name'] || 'SECRET_KEEPER'
|
|
53
53
|
fail "environment variable #{ev_name} not exist" if ENV[ev_name].nil?
|
|
54
54
|
|
|
55
|
-
@cipher_digest = ENV[ev_name]
|
|
56
55
|
@tasks = config['tasks']
|
|
57
|
-
@using_cipher = OpenSSL::Cipher.new(config['cipher'])
|
|
56
|
+
@using_cipher = OpenSSL::Cipher.new(config['cipher'] || 'AES-256-CBC')
|
|
57
|
+
@cipher_key = Digest::SHA2.hexdigest(ENV[ev_name])[0...@using_cipher.key_len]
|
|
58
|
+
|
|
59
|
+
@slience = config['slience'] || false
|
|
58
60
|
end
|
|
59
61
|
|
|
60
62
|
def tasks
|
|
61
63
|
@tasks
|
|
62
64
|
end
|
|
63
65
|
|
|
66
|
+
def slience
|
|
67
|
+
@slience
|
|
68
|
+
end
|
|
69
|
+
|
|
64
70
|
def encrypt_file(from_file, to_file)
|
|
65
71
|
encrypted = File.open(from_file, 'rb') { |f| encrypt(f.read) }
|
|
66
72
|
File.open(to_file, 'w:ASCII-8BIT') { |f| f.write(encrypted) }
|
|
@@ -71,7 +77,7 @@ class SecretKeeper
|
|
|
71
77
|
|
|
72
78
|
def decrypt_file(from_file, to_file)
|
|
73
79
|
decrypted = File.open(from_file, 'rb') { |f| decrypt(f.read) }
|
|
74
|
-
File.open(to_file, 'w') { |f| f.write(decrypted) }
|
|
80
|
+
File.open(to_file, 'w') { |f| f.write(decrypted.force_encoding('UTF-8')) }
|
|
75
81
|
:ok
|
|
76
82
|
rescue => e
|
|
77
83
|
e
|
|
@@ -91,15 +97,13 @@ class SecretKeeper
|
|
|
91
97
|
|
|
92
98
|
def encrypt(data)
|
|
93
99
|
cipher = @using_cipher.encrypt
|
|
94
|
-
|
|
95
|
-
cipher.key = Digest::SHA2.hexdigest(@cipher_digest)[key_size_range]
|
|
100
|
+
cipher.key = @cipher_key
|
|
96
101
|
cipher.update(data) + cipher.final
|
|
97
102
|
end
|
|
98
103
|
|
|
99
104
|
def decrypt(data)
|
|
100
105
|
cipher = @using_cipher.decrypt
|
|
101
|
-
|
|
102
|
-
cipher.key = Digest::SHA2.hexdigest(@cipher_digest)[key_size_range]
|
|
106
|
+
cipher.key = @cipher_key
|
|
103
107
|
cipher.update(data) + cipher.final
|
|
104
108
|
end
|
|
105
109
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: secret-keeper
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 1.0.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Ray Lee
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2021-02-04 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rspec
|
|
@@ -54,7 +54,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
54
54
|
- !ruby/object:Gem::Version
|
|
55
55
|
version: '0'
|
|
56
56
|
requirements: []
|
|
57
|
-
rubygems_version: 3.
|
|
57
|
+
rubygems_version: 3.1.4
|
|
58
58
|
signing_key:
|
|
59
59
|
specification_version: 4
|
|
60
60
|
summary: Keep all your secret files within openssl
|