yaml_recrypt 0.1.7 → 0.1.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +7 -0
- data/lib/yaml_recrypt.rb +21 -10
- data/lib/yaml_recrypt/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 993dd38106efacbb1c8c4731530e26c1371e54f8
|
|
4
|
+
data.tar.gz: 49b122c98081b5652a28d04bc25804e99140fb9b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 590e02f006361e4615faa34f2ae5d2ee006d8a2449412478f6395a974c470096d431c4d4a24ac930acc1e819695e2275a361d329a245d1046902d7a150dfb94a
|
|
7
|
+
data.tar.gz: 29be00a39d71597ded0cd1f20c2090ad278b0cb750a256b9b4983a90765ac26ee0bb787f83227aaf37717e238a70326b59d9b2329d0c6512f6c2f2ea07fd531f
|
data/README.md
CHANGED
|
@@ -50,6 +50,13 @@ A conversion workflow should look something like this:
|
|
|
50
50
|
5. Check results and commit changed data back to git
|
|
51
51
|
6. When happy with conversion results, don't forget to remove the old GPG keychain files from your system - it's a security risk, to leave they lying around
|
|
52
52
|
|
|
53
|
+
## Cleaning up the `.orig` files
|
|
54
|
+
`yaml_recrypt` will create a `.orig` file for every file it changes "just in case" (TM). Once your happy everything worked correctly, the following command will delete them all from the current directory downwards:
|
|
55
|
+
|
|
56
|
+
```shell
|
|
57
|
+
find . -name '*.orig' -exec rm {} \;
|
|
58
|
+
```
|
|
59
|
+
|
|
53
60
|
## Development and Contributing
|
|
54
61
|
There are a few additional things this codebase could be extended to cover if there's interest:
|
|
55
62
|
* hiera-gpg (whole file encrypted) to hiera-eyaml
|
data/lib/yaml_recrypt.rb
CHANGED
|
@@ -22,7 +22,8 @@ module YamlRecrypt
|
|
|
22
22
|
Escort::Logger.output.puts "Processing #{filename}"
|
|
23
23
|
|
|
24
24
|
# load the yaml into a hash
|
|
25
|
-
|
|
25
|
+
raw_data = File.open(filename, 'r') { |f| f.read }
|
|
26
|
+
hash_wip = YAML.load(raw_data)
|
|
26
27
|
|
|
27
28
|
# descend every key until a string (or terminal) is reached
|
|
28
29
|
replaced, converted = descend(gpg_home, eyaml_pub_key, hash_wip)
|
|
@@ -78,18 +79,28 @@ module YamlRecrypt
|
|
|
78
79
|
|
|
79
80
|
def self.process_value(value, gpg_home, eyaml_pub_key)
|
|
80
81
|
changed = 0
|
|
82
|
+
|
|
83
|
+
# fix ascii text blocks that have been corrupted by extra newlines
|
|
84
|
+
|
|
85
|
+
#end
|
|
81
86
|
if value.class == String and ! value.empty?
|
|
82
87
|
split = value.split("\n")
|
|
83
88
|
|
|
84
|
-
#
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
89
|
+
# scan the entire block looking for the magic marker to fix variable
|
|
90
|
+
# leading whitespace breaking detection
|
|
91
|
+
gpg_value = false
|
|
92
|
+
i = 0
|
|
93
|
+
while ! gpg_value and i < split.size
|
|
94
|
+
if split[i].strip == GPG_MAGIC
|
|
95
|
+
gpg_value = true
|
|
96
|
+
elsif split[i] =~ /[^\s]+/
|
|
97
|
+
# we found non-whitespace before our magic marker, this isn't GPG data
|
|
98
|
+
# so break out of the loop
|
|
99
|
+
i = split.size
|
|
100
|
+
end
|
|
101
|
+
i += 1
|
|
102
|
+
end
|
|
103
|
+
if gpg_value
|
|
93
104
|
value = recrypt(value, gpg_home, eyaml_pub_key)
|
|
94
105
|
changed = 1
|
|
95
106
|
end
|
data/lib/yaml_recrypt/version.rb
CHANGED