Class: Match::Encrypt

Inherits:
Object
  • Object
show all
Defined in:
match/lib/match/encrypt.rb

Instance Method Summary collapse

Instance Method Details

#clear_password(git_url) ⇒ Object

removes the password from the keychain again



45
46
47
 
# File 'match/lib/match/encrypt.rb', line 45

def clear_password(git_url)
  Security::InternetPassword.delete(server: server_name(git_url))
end

#decrypt_repo(path: nil, git_url: nil, manual_password: nil) ⇒ Object 



58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
 
# File 'match/lib/match/encrypt.rb', line 58

def decrypt_repo(path: nil, git_url: nil, manual_password: nil)
  iterate(path) do |current|
    begin
      decrypt(path: current,
        password: manual_password || password(git_url))
    rescue
      UI.error("Couldn't decrypt the repo, please make sure you enter the right password!")
      UI.user_error!("Invalid password passed via 'MATCH_PASSWORD'") if ENV["MATCH_PASSWORD"]
      clear_password(git_url)
      decrypt_repo(path: path, git_url: git_url)
      return
    end
    UI.success("🔓  Decrypted '#{File.basename(current)}'") if FastlaneCore::Globals.verbose?
  end
  UI.success("🔓  Successfully decrypted certificates repo")
end

#encrypt_repo(path: nil, git_url: nil) ⇒ Object 



49
50
51
52
53
54
55
56
 
# File 'match/lib/match/encrypt.rb', line 49

def encrypt_repo(path: nil, git_url: nil)
  iterate(path) do |current|
    encrypt(path: current,
      password: password(git_url))
    UI.success("🔒  Encrypted '#{File.basename(current)}'") if FastlaneCore::Globals.verbose?
  end
  UI.success("🔒  Successfully encrypted certificates repo")
end

#password(git_url) ⇒ Object 



16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
 
# File 'match/lib/match/encrypt.rb', line 16

def password(git_url)
  password = ENV["MATCH_PASSWORD"]
  unless password
    item = Security::InternetPassword.find(server: server_name(git_url))
    password = item.password if item
  end

  unless password
    if !UI.interactive?
      UI.error("Neither the MATCH_PASSWORD environment variable nor the local keychain contained a password.")
      UI.error("Bailing out instead of asking for a password, since this is non-interactive mode.")
      UI.user_error!("Try setting the MATCH_PASSWORD environment variable, or temporarily enable interactive mode to store a password.")
    else
      UI.important("Enter the passphrase that should be used to encrypt/decrypt your certificates")
      UI.important("This passphrase is specific per repository and will be stored in your local keychain")
      UI.important("Make sure to remember the password, as you'll need it when you run match on a different machine")
      password = ChangePassword.ask_password(confirm: true)
      store_password(git_url, password)
    end
  end

  return password
end

#server_name(git_url) ⇒ Object 



12
13
14
 
# File 'match/lib/match/encrypt.rb', line 12

def server_name(git_url)
  ["match", git_url].join("_")
end

#store_password(git_url, password) ⇒ Object 



40
41
42
 
# File 'match/lib/match/encrypt.rb', line 40

def store_password(git_url, password)
  Security::InternetPassword.add(server_name(git_url), "", password)
end