secure_data_bag 2.1.2 → 2.2.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: b3fa2bcb163807c1cd3ded495102d5711ec22383
4
- data.tar.gz: acc0b6a7480657ff56fa24811f8f4d85c83e0907
3
+ metadata.gz: 1a9feeb1dfc414c24ff0245dd5942cef163e5d4c
4
+ data.tar.gz: 89258e6b058db11c62d7dbd39af9eba58eef2700
5
5
  SHA512:
6
- metadata.gz: ef0d7f6f356e4ad37ea91944e61cb92fe7c5a05d48f44f8cb13b01d25f45ba8366bba272b2f2929afdff13a05543fbd413163adbf68eab70d62cace0927a4757
7
- data.tar.gz: 60385f682a64fec2e073309a6a1dcdda0db06ba5eefdd73a46e1be23f0d7a9a6fc6ce3fa43f5d5859bf66e0243c8bdaca18ad755e64290f28884a9a817211ea3
6
+ metadata.gz: 0d2aceb5f872a953842a29d00351bd2474696925dad5dda15bf6b09844b09652196f8fcb9e0c8e79f2ec5cb4e07aac152a48813eac87edce6ffea53983995465
7
+ data.tar.gz: d07e7e41cad38f400f64a84892ee03b089a49c88328c812d73433a5d711b067b533de271ae06ffa389db96c4f777f1c8bc72bc68069ee42f76c8a874088c2516
@@ -1,31 +1,4 @@
1
1
 
2
- class Chef
3
- module DSL
4
- module SecureDataBag
5
- def secure_data_bag_item(bag, item, cache: false)
6
- data_bag_item = begin
7
- node.run_state[:secure_data_bag] ||= {}
8
- node.run_state[:secure_data_bag][bag] ||= {}
9
- node.run_state[:secure_data_bag][bag][item]
10
- end if cache
11
-
12
- data_bag_item ||= begin
13
- DataBag.validate_name!(bag.to_s)
14
- ::SecureDataBag::Item.validate_id!(item)
15
- ::SecureDataBag::Item.load(bag, item)
16
- rescue Exception
17
- Log.error("Failed to load secure data bag item: #{bag.inspect} #{item.inspect}")
18
- raise
19
- end
20
- end
21
-
22
- def secure_data_bag_item!(item, fields=[])
23
- secure = ::SecureDataBag::Item.from_item item
24
- secure.encoded_fields.concat(Array(fields))
25
- secure
26
- end
27
- end
28
- end
29
- end
30
-
2
+ require "chef/dsl/data_query"
3
+ Chef::DSL::DataQuery.send(:include, SecureDataBag::DSL::DataQuery)
31
4
 
@@ -11,23 +11,48 @@ class Chef
11
11
  category "secure bag"
12
12
 
13
13
  def load_item(bag, item_name)
14
- item = Chef::DataBagItem.load(bag, item_name)
15
- @raw_data = item.to_hash
16
-
17
- item = SecureDataBag::Item.from_item(item)
14
+ item = SecureDataBag::Item.load(bag, item_name)
18
15
  hash = item.to_hash(encoded: false)
19
16
  hash["_encoded_fields"] = item.encoded_fields
20
17
  hash
21
18
  end
22
19
 
23
- def edit_data(data, *args)
24
- output = super
25
- output = data_for_save(output)
26
-
27
- item = SecureDataBag::Item.from_hash(output)
28
- item.encoded_fields item.delete("_encoded_fields")
29
- raise Exception.new item.encoded_fields
30
- item.to_hash encoded:true
20
+ def run
21
+ if @name_args.length != 2
22
+ stdout.puts "You must supply the data bag and an item to edit!"
23
+ stdout.puts opt_parser
24
+ exit 1
25
+ end
26
+
27
+ # Load the SecureBagItem, EncryptedDataBagItem or DataBagItem
28
+ item = load_item(@name_args[0], @name_args[1])
29
+
30
+ # Allow the user to modify the content
31
+ edited_item = edit_hash(item)
32
+
33
+ # Fetch the fields that are to be encoded
34
+ fields_to_encode = edited_item.delete("_encoded_fields")
35
+ if fields_to_encode and not fields_to_encode.empty?
36
+ ui.info("Saving with secure fields: #{fields_to_encode.join(", ")}")
37
+ else
38
+ ui.info("Saving without any secure fields")
39
+ end
40
+
41
+ # Generate a new SecureBagItem
42
+ item_to_save = SecureDataBag::Item.new(
43
+ data: edited_item,
44
+ fields: fields_to_encode
45
+ )
46
+ item_to_save.data_bag @name_args[0] # Set data_bag to match initial
47
+ item_to_save["id"] = @name_args[1] # Ensure id was not changed
48
+ item_to_save.save
49
+
50
+ stdout.puts("Saved data_bag_item[#{@name_args[1]}]")
51
+
52
+ if config[:print_after]
53
+ data_to_print = item_to_save.to_hash(encoded: true)
54
+ ui.output(Chef::JSONCompat.to_json_pretty(data_to_print))
55
+ end
31
56
  end
32
57
  end
33
58
  end
@@ -17,11 +17,12 @@ class Chef
17
17
  default: false
18
18
 
19
19
  def load_item(bag, item_name)
20
- item = SecureDataBag::Item.load bag, item_name,
20
+ item = SecureDataBag::Item.load(bag, item_name,
21
21
  key: read_secret,
22
22
  fields: encoded_fields
23
+ )
23
24
 
24
- data = item.to_hash
25
+ data = item.to_hash(encoded: config[:encoded])
25
26
  data["_encoded_fields"] = item.encoded_fields
26
27
  data
27
28
  end
@@ -1,8 +1,8 @@
1
1
 
2
- require_relative "chef/config"
3
- require_relative "chef/dsl/data_query"
4
2
  require "secure_data_bag/version"
5
- require "secure_data_bag/secure_data_bag_item"
3
+ require "secure_data_bag/item"
4
+ require "secure_data_bag/dsl/data_query"
6
5
 
7
- Chef::Recipe.send(:include, Chef::DSL::SecureDataBag)
6
+ require_relative "chef/config"
7
+ require_relative "chef/dsl/data_query"
8
8
 
@@ -0,0 +1,31 @@
1
+
2
+ module SecureDataBag
3
+ module DSL
4
+ module DataQuery
5
+ def secure_data_bag_item(bag, item, cache: false)
6
+ data_bag_item = begin
7
+ node.run_state[:secure_data_bag] ||= {}
8
+ node.run_state[:secure_data_bag][bag] ||= {}
9
+ node.run_state[:secure_data_bag][bag][item]
10
+ end if cache
11
+
12
+ data_bag_item ||= begin
13
+ Chef::DataBag.validate_name!(bag.to_s)
14
+ SecureDataBag::Item.validate_id!(item)
15
+ SecureDataBag::Item.load(bag, item)
16
+ rescue Exception
17
+ Chef::Log.error("Failed to load secure data bag item: #{bag.inspect} #{item.inspect}")
18
+ raise
19
+ end
20
+ end
21
+
22
+ def secure_data_bag_item!(item, fields=[])
23
+ secure = SecureDataBag::Item.from_item item
24
+ secure.encoded_fields.concat(Array(fields))
25
+ secure
26
+ end
27
+ end
28
+ end
29
+ end
30
+
31
+
@@ -107,7 +107,7 @@ module SecureDataBag
107
107
  def decode_hash(hash)
108
108
  hash.each do |k,v|
109
109
  v = if encoded_value?(v)
110
- encoded_fields encoded_fields << k
110
+ encoded_fields(encoded_fields + [k])
111
111
  decode_value(v)
112
112
  elsif v.is_a?(Hash)
113
113
  decode_hash(v)
@@ -1,5 +1,5 @@
1
1
 
2
2
  module SecureDataBag
3
- VERSION = "2.1.2"
3
+ VERSION = "2.2.0"
4
4
  end
5
5
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: secure_data_bag
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.1.2
4
+ version: 2.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Jonathan Serafini
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-06-01 00:00:00.000000000 Z
11
+ date: 2016-03-26 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: chef
@@ -87,7 +87,8 @@ files:
87
87
  - lib/chef/knife/secure_bag_from_file.rb
88
88
  - lib/chef/knife/secure_bag_show.rb
89
89
  - lib/secure_data_bag.rb
90
- - lib/secure_data_bag/secure_data_bag_item.rb
90
+ - lib/secure_data_bag/dsl/data_query.rb
91
+ - lib/secure_data_bag/item.rb
91
92
  - lib/secure_data_bag/version.rb
92
93
  - secure_data_bag.gemspec
93
94
  - spec/item_spec.rb
@@ -112,11 +113,10 @@ required_rubygems_version: !ruby/object:Gem::Requirement
112
113
  version: '0'
113
114
  requirements: []
114
115
  rubyforge_project:
115
- rubygems_version: 2.4.5
116
+ rubygems_version: 2.4.5.1
116
117
  signing_key:
117
118
  specification_version: 4
118
119
  summary: Per-field data bag item encryption
119
120
  test_files:
120
121
  - spec/item_spec.rb
121
122
  - spec/spec_helper.rb
122
- has_rdoc: