secret-keeper 0.2.6 → 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/secret-keeper.rb +18 -14
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: a4af085b4a020f82a80ec5e4f2995fc676c6d24497b424ccfe5788d8fa83085b
|
|
4
|
+
data.tar.gz: 4f3c88876416d7dadf20f903338827b52c03ecb1799b5b31b823d5cd484e5513
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 40512c3536a8f2b8824f3d6fbf97df57e8381fb7d5f135ef3ac05771a6ca9b472e52aa1818e35d7699400b688f918b6f534895eef04ff359d4706f99bd24da37
|
|
7
|
+
data.tar.gz: 5aecafc7b60fb43bc34b46744b63761db551b44d428e7fcfdb8afd8ee74e157a51f43903f45e3f8bf925150975d5c80e999344cef824e81e01c3603591f2190e
|
data/lib/secret-keeper.rb
CHANGED
|
@@ -4,7 +4,7 @@ require 'yaml'
|
|
|
4
4
|
class SecretKeeper
|
|
5
5
|
def self.encrypt_files
|
|
6
6
|
sk = SecretKeeper.new
|
|
7
|
-
puts 'Encrypting...'
|
|
7
|
+
puts 'Encrypting...' unless sk.slience
|
|
8
8
|
ok_queue = []
|
|
9
9
|
sk.tasks.each do |task|
|
|
10
10
|
from = task['encrypt_from']
|
|
@@ -12,17 +12,17 @@ class SecretKeeper
|
|
|
12
12
|
|
|
13
13
|
result = sk.encrypt_file(from, to)
|
|
14
14
|
ok_queue << result if result == :ok
|
|
15
|
-
puts " * #{from} --> #{to}, #{result}"
|
|
15
|
+
puts " * #{from} --> #{to}, #{result}" unless sk.slience
|
|
16
16
|
end
|
|
17
17
|
success = ok_queue.count == sk.tasks.count
|
|
18
|
-
puts success ? 'Done!' : 'Failed!'
|
|
18
|
+
puts success ? 'Done!' : 'Failed!' unless sk.slience
|
|
19
19
|
success
|
|
20
20
|
end
|
|
21
21
|
|
|
22
22
|
def self.decrypt_files(remove_production=false)
|
|
23
23
|
sk = SecretKeeper.new
|
|
24
|
-
print 'Decrypting...'
|
|
25
|
-
puts remove_production ? '(production config removed)' : nil
|
|
24
|
+
print 'Decrypting...' unless sk.slience
|
|
25
|
+
puts remove_production ? '(production config removed)' : nil unless sk.slience
|
|
26
26
|
|
|
27
27
|
ok_queue = []
|
|
28
28
|
sk.tasks.each do |task|
|
|
@@ -36,10 +36,10 @@ class SecretKeeper
|
|
|
36
36
|
end
|
|
37
37
|
|
|
38
38
|
ok_queue << result if result == :ok
|
|
39
|
-
puts " * #{from} --> #{to}, #{result}"
|
|
39
|
+
puts " * #{from} --> #{to}, #{result}" unless sk.slience
|
|
40
40
|
end
|
|
41
41
|
success = ok_queue.count == sk.tasks.count
|
|
42
|
-
puts success ? 'Done!' : 'Failed!'
|
|
42
|
+
puts success ? 'Done!' : 'Failed!' unless sk.slience
|
|
43
43
|
success
|
|
44
44
|
end
|
|
45
45
|
|
|
@@ -52,15 +52,21 @@ class SecretKeeper
|
|
|
52
52
|
ev_name = config['ev_name'] || 'SECRET_KEEPER'
|
|
53
53
|
fail "environment variable #{ev_name} not exist" if ENV[ev_name].nil?
|
|
54
54
|
|
|
55
|
-
@cipher_digest = ENV[ev_name]
|
|
56
55
|
@tasks = config['tasks']
|
|
57
|
-
@using_cipher = OpenSSL::Cipher.new(config['cipher'])
|
|
56
|
+
@using_cipher = OpenSSL::Cipher.new(config['cipher'] || 'AES-256-CBC')
|
|
57
|
+
@cipher_key = Digest::SHA2.hexdigest(ENV[ev_name])[0...@using_cipher.key_len]
|
|
58
|
+
|
|
59
|
+
@slience = config['slience'] || false
|
|
58
60
|
end
|
|
59
61
|
|
|
60
62
|
def tasks
|
|
61
63
|
@tasks
|
|
62
64
|
end
|
|
63
65
|
|
|
66
|
+
def slience
|
|
67
|
+
@slience
|
|
68
|
+
end
|
|
69
|
+
|
|
64
70
|
def encrypt_file(from_file, to_file)
|
|
65
71
|
encrypted = File.open(from_file, 'rb') { |f| encrypt(f.read) }
|
|
66
72
|
File.open(to_file, 'w:ASCII-8BIT') { |f| f.write(encrypted) }
|
|
@@ -71,7 +77,7 @@ class SecretKeeper
|
|
|
71
77
|
|
|
72
78
|
def decrypt_file(from_file, to_file)
|
|
73
79
|
decrypted = File.open(from_file, 'rb') { |f| decrypt(f.read) }
|
|
74
|
-
File.open(to_file, 'w') { |f| f.write(decrypted) }
|
|
80
|
+
File.open(to_file, 'w') { |f| f.write(decrypted.force_encoding('UTF-8')) }
|
|
75
81
|
:ok
|
|
76
82
|
rescue => e
|
|
77
83
|
e
|
|
@@ -91,15 +97,13 @@ class SecretKeeper
|
|
|
91
97
|
|
|
92
98
|
def encrypt(data)
|
|
93
99
|
cipher = @using_cipher.encrypt
|
|
94
|
-
|
|
95
|
-
cipher.key = Digest::SHA2.hexdigest(@cipher_digest)[key_size_range]
|
|
100
|
+
cipher.key = @cipher_key
|
|
96
101
|
cipher.update(data) + cipher.final
|
|
97
102
|
end
|
|
98
103
|
|
|
99
104
|
def decrypt(data)
|
|
100
105
|
cipher = @using_cipher.decrypt
|
|
101
|
-
|
|
102
|
-
cipher.key = Digest::SHA2.hexdigest(@cipher_digest)[key_size_range]
|
|
106
|
+
cipher.key = @cipher_key
|
|
103
107
|
cipher.update(data) + cipher.final
|
|
104
108
|
end
|
|
105
109
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: secret-keeper
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 1.0.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Ray Lee
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2021-02-04 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rspec
|
|
@@ -54,7 +54,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
54
54
|
- !ruby/object:Gem::Version
|
|
55
55
|
version: '0'
|
|
56
56
|
requirements: []
|
|
57
|
-
rubygems_version: 3.
|
|
57
|
+
rubygems_version: 3.1.4
|
|
58
58
|
signing_key:
|
|
59
59
|
specification_version: 4
|
|
60
60
|
summary: Keep all your secret files within openssl
|