Class: Chef::Knife::HitoriDataBagEnc

Inherits:
Chef::Knife show all
Includes:
HitoriBase
Defined in:
lib/chef/knife/hitori_data_bag_enc.rb

Instance Method Summary collapse

Methods included from HitoriBase

#update_environment

Instance Method Details

#check_data(data) ⇒ Object 



40
41
42
43
44
45
46
 
# File 'lib/chef/knife/hitori_data_bag_enc.rb', line 40

def check_data(data)
  unless data['id'] == config[:item]
    ui.error ui.color(%Q|ITEM=#{config[:item]} must have {"id": "#{config[:item]}"}, but #{config[:json_file]} does not.|)
    return false
  end
  return true
end

#create_data_bagObject 



27
28
29
30
31
32
33
34
35
36
37
38
 
# File 'lib/chef/knife/hitori_data_bag_enc.rb', line 27

def create_data_bag
  data_bag_path = Chef::Config[:data_bag_path]
  secret = Chef::EncryptedDataBagItem.load_secret(secret_file_path)
  data = JSON.parse(File.read(config[:json_file]))
  exit 1 unless check_data(data)
  encrypted_data = Chef::EncryptedDataBagItem.encrypt_data_bag_item(data, secret)
  bag_dir = "#{data_bag_path}/#{config[:bag]}"
  FileUtils.mkpath(bag_dir)
  write_path = "#{bag_dir}/#{config[:item]}.json"
  File.write(write_path, encrypted_data.to_json)
  ui.info ui.color("Created encrypted data bag item at #{write_path}", :green)
end

#runObject 



19
20
21
22
23
24
25
 
# File 'lib/chef/knife/hitori_data_bag_enc.rb', line 19

def run
  update_environment(config[:environment]) if config[:environment]
  config[:bag], config[:item] = @name_args
  exit 1 unless validate

  create_data_bag
end

#secret_file_pathObject 



48
49
50
 
# File 'lib/chef/knife/hitori_data_bag_enc.rb', line 48

def secret_file_path
  config[:secret_file] || Chef::Config[:encrypted_data_bag_secret]
end

#validateObject 



52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
 
# File 'lib/chef/knife/hitori_data_bag_enc.rb', line 52

def validate
  if config[:bag].nil? || config[:item].nil?
    ui.error('Please specify BAG and ITEM')
    return false
  end

  if config[:json_file].nil?
    ui.error('You have not provided a json file for encryption')
    return false
  end

  unless secret_file_path
    ui.error('Please specify EncryptKey by Chef Config "encrypted_data_bag_secret" or --secret-file')
    return false
  end

  return true
end