Class: Sanctum::Command::Check

Inherits:
Base
  • Object
show all
Defined in:
lib/sanctum/command/check.rb

Instance Attribute Summary

Attributes inherited from Base

#args, #config_file, #options, #targets, #transit_key

Instance Method Summary collapse

Methods inherited from Base

#initialize, #vault_client

Methods included from PathsHelper

#build_path, #get_local_paths, #join_path, #read_local_files

Methods included from EditorHelper

#decrypt_data, #secure_erase, #validate, #validate_json, #validate_yaml, #write_encrypted_data, #write_random_data

Methods included from Sanctum::Colorizer

#blue, #colorize, colorize=, colorize?, #green, #light_blue, #pink, #red, #yellow

Methods included from DiffHelper

#compare_secrets, #confirmed_with_user?, #hash_diff, #only_changes

Constructor Details

This class inherits a constructor from Sanctum::Command::Base

Instance Method Details

#runObject 



5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
 
# File 'lib/sanctum/command/check.rb', line 5

def run
  targets.each do |target|
    # Recursively get local files for each prefix specified in sanctum.yaml
    local_paths = get_local_paths(File.join(File.dirname(config_file), target[:path]))
    # Read each file
    local_secrets = read_local_files(local_paths)
    # Decrypt each secret
    local_secrets = VaultTransit.decrypt(vault_client, local_secrets, transit_key)

    # Recursively get vault secrets for each prefix specified in sanctum.yaml
    secrets_list = VaultSecrets.new(vault_client, target[:prefix]).get

    # Only one entry in this hash (which will be the target).
    tree = secrets_list.values.first
    # Build local paths based on prefix and paths specified in sanctum.yaml
    vault_secrets = build_path(tree, [target[:path]])
    # Join the path array to create a path
    vault_secrets = join_path(vault_secrets, config_file)
    compare_secrets(vault_secrets, local_secrets, target[:name])
  end
end