Class: Chef::Knife::Core::EncryptedAttributeBase

Inherits:

Chef::Knife

• Object
• Chef::Knife
• Chef::Knife::Core::EncryptedAttributeBase

Defined in:

lib/chef/knife/core/encrypted_attribute_base.rb

Overview

knife encrypted attribute commands base class.

All encrypted attribute knife commands inherit some common method from this class.

Direct Known Subclasses

EncryptedAttributeCreate, EncryptedAttributeDelete, EncryptedAttributeEdit, EncryptedAttributeShow, EncryptedAttributeUpdate

Instance Method Summary

• #assert_attribute_does_not_exist(node_name, attr_ary) ⇒ Object

  Asserts that an encrypted attribute does not exist.

• #assert_attribute_exists(node_name, attr_ary) ⇒ Object

  Asserts that an encrypted attribute exists.

• #assert_attribute_readable(node_name, attr_ary) ⇒ Object

  Asserts that I can decrypt an encrypted attribute from a remote node.

• #assert_valid_args ⇒ Object

  Asserts that the arguments are valid.

• #attribute_path_to_ary(str, delim = '.', escape = '\\') ⇒ Array<String>

  Parses an array path in or escaped string notation.

• #attribute_path_to_ary_read_escape(str, i, delim) ⇒ String private

  Parses the escape character from an array path string.

• #die(msg) ⇒ Object

  Prints a fatal error and exits without success.

• #option_assert(option, msg) ⇒ Object

  Asserts that the option value is not nil.

• #parse_args ⇒ Object

  Parses knife arguments.

Instance Method Details

#assert_attribute_does_not_exist(node_name, attr_ary) ⇒ Object

Asserts that an encrypted attribute does not exist.

Exits with error if the attribute exist.

Parameters:

• node_name (String) —

  Chef node name.

• attr_ary (Array<String>) —

  node attribute path as Array.

Returns:

• void

Raises:

• (ArgumentError) —

  if the attribute path format is wrong.

# File 'lib/chef/knife/core/encrypted_attribute_base.rb', line 73

def assert_attribute_does_not_exist(node_name, attr_ary)
  return unless
    Chef::EncryptedAttribute.exist_on_node?(node_name, attr_ary)
  die('Encrypted attribute already exists')
end

#assert_attribute_exists(node_name, attr_ary) ⇒ Object

Asserts that an encrypted attribute exists.

Exits with error if the attribute does no exist.

Parameters:

• node_name (String) —

  Chef node name.

• attr_ary (Array<String>) —

  node attribute path as Array.

Returns:

• void

Raises:

• (ArgumentError) —

  if the attribute path format is wrong.

# File 'lib/chef/knife/core/encrypted_attribute_base.rb', line 60

def assert_attribute_exists(node_name, attr_ary)
  return if Chef::EncryptedAttribute.exist_on_node?(node_name, attr_ary)
  die('Encrypted attribute not found')
end

#assert_attribute_readable(node_name, attr_ary) ⇒ Object

Asserts that I can decrypt an encrypted attribute from a remote node.

Exists with an error if the attribute cannot be decrypted.

Parameters:

• node_name (String) —

  Chef node name.

• attr_ary (Array<String>) —

  node attribute path as Array.

Returns:

• void

Raises:

• (ArgumentError) —

  if the attribute path format is wrong.

• (UnacceptableEncryptedAttributeFormat) —

  if encrypted attribute format is wrong.

• (UnsupportedEncryptedAttributeFormat) —

  if encrypted attribute format is not supported or unknown.

• (SearchFailure) —

  if there is a Chef search error.

• (SearchFatalError) —

  if the Chef search response is wrong.

• (InvalidSearchKeys) —

  if search keys structure is wrong.

# File 'lib/chef/knife/core/encrypted_attribute_base.rb', line 121

def assert_attribute_readable(node_name, attr_ary)
  # try to read the attribute
  Chef::EncryptedAttribute.load_from_node(node_name, attr_ary)
end

#assert_valid_args ⇒ Object

Asserts that the arguments are valid.

Exits with error if arguments are wrong.

Returns:

• void

# File 'lib/chef/knife/core/encrypted_attribute_base.rb', line 102

def assert_valid_args
  # nop
end

#attribute_path_to_ary(str, delim = '.', escape = '\\') ⇒ Array<String>

Parses an array path in or escaped string notation.

Literal delimiter values can be escaped using the escape character.

Uses dot notation by default, using '.' as delimiter and '\' as escape character.

For example, for 'encrypted.attr\.ibute' will return %w(encrypted attr.ibute).

Parameters:

• str (String) —

  array path in dot notation.

• delim (String) (defaults to: '.') —

  delimiter used for string notation.

• escape (String) (defaults to: '\\') —

  escape character to use.

Returns:

• (Array<String>) —

  attribute path as array.

# File 'lib/chef/knife/core/encrypted_attribute_base.rb', line 156

def attribute_path_to_ary(str, delim = '.', escape = '\\')
  # cool, but doesn't work for some edge cases
  # return str.scan(/(?:[^.\\]|\\.)+/).map {|x| x.gsub('\\.', '.') }
  result = []
  current = ''
  i = 0
  until str[i].nil?
    if str[i] == escape
      current << attribute_path_to_ary_read_escape(str, i, delim)
      i += 1 # skip the next char
    elsif str[i] == delim
      result << current
      current = ''
    else
      current << str[i]
    end
    i += 1
  end
  result << current
end

#attribute_path_to_ary_read_escape(str, i, delim) ⇒ String

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Parses the escape character from an array path string.

see #attribute_path_to_ary

Parameters:

• str (String) —

  the full string to parse.

• i (String) —

  string position that contains the escape character.

• delim (String) —

  delimiter used for string notation.

Returns:

• (String) —

  the character unscaped.

# File 'lib/chef/knife/core/encrypted_attribute_base.rb', line 134

def attribute_path_to_ary_read_escape(str, i, delim)
  if str[i + 1] == delim
    str[i + 1]
  else
    str[i] + (str[i + 1].nil? ? '' : str[i + 1])
  end
end

#die(msg) ⇒ Object

Prints a fatal error and exits without success.

Parameters:

• msg (String) —

  message to print.

Returns:

• void

# File 'lib/chef/knife/core/encrypted_attribute_base.rb', line 34

def die(msg)
  ui.fatal(msg)
  exit 1
end

#option_assert(option, msg) ⇒ Object

Asserts that the option value is not nil.

Shows usage and exists if nil.

Parameters:

• option (Mixed) —

  value to check.

• msg (String) —

  error message to print in case value is nil.

Returns:

• void

# File 'lib/chef/knife/core/encrypted_attribute_base.rb', line 46

def option_assert(option, msg)
  return unless option.nil?
  show_usage
  die(msg)
end

#parse_args ⇒ Object

Parses knife arguments.

Exits with error if the arguments are wrong.

Returns:

• void

See Also:

• #assert_valid_args

# File 'lib/chef/knife/core/encrypted_attribute_base.rb', line 85

def parse_args
  @node_name = @name_args[0]
  @attr_path = @name_args[1]
  option_assert(@node_name, 'You must specify a node name')
  option_assert(
    @attr_path, 'You must specify an encrypted attribute name'
  )
  @attr_ary = attribute_path_to_ary(@attr_path)

  assert_valid_args
end