Class: Secretmgr::Secretmgr

Inherits:

Object

• Object
• Secretmgr::Secretmgr

Defined in:

lib/secretmgr/secretmgr.rb

Overview

秘匿情報マネージャ

Constant Summary

JSON_FILE_DIR =

"JSON_FILE"

SETTING_KEY =

"key"

SETTING_IV =

"iv"

FORMAT_JSON =

"JSON_FILE"

FORMAT_YAML =

"YAML"

YML =

"yml"

DEFAULT_PRIVATE_KEYFILE =

".ssh/id_rsa"

DEFAULT_PUBLIC_KEYFILE =

".ssh/id_rsa.pub"

Instance Attribute Summary

• #decrypted_text ⇒ Object readonly

  Returns the value of attribute decrypted_text.

• #secret ⇒ Object readonly

  Returns the value of attribute secret.

Class Method Summary

• .log_init(log_level) ⇒ Object
• .reset_init_count ⇒ Object

Instance Method Summary

• #create_private_key(private_keyfile_pn) ⇒ Object
• #create_public_key(public_keyfile_pn) ⇒ Object
• #initialize(seting, secret_dir_pn, secret_key_dir_pn, ope, public_keyfile_pn: nil, private_keyfile_pn: nil) ⇒ Secretmgr constructor

  A new instance of Secretmgr.

• #load ⇒ Object
• #load_and_decrypt ⇒ Object
• #load_setting ⇒ Object
• #make(_target, _sub_target) ⇒ Object
• #output_private_key(private_keyfile_pn) ⇒ Object
• #output_public_key(public_keyfile_pn) ⇒ Object
• #remove_last_extension(pathn) ⇒ Object
• #set_setting_for_encrypted(encrypted_setting_file_pn, encrypted_secret_file_pn) ⇒ Object
• #set_setting_for_plain(plain_setting_file_pn, plain_secret_file_pn) ⇒ Object
• #set_setting_for_query(*dirs) ⇒ Object
• #setup ⇒ Object
• #setup_secret ⇒ Object
• #setup_secret_for_json_file ⇒ Object
• #setup_setting ⇒ Object
• #valid? ⇒ Boolean
• #valid_pathname(path, default_path) ⇒ Object
• #valid_private_keyfile(path, default_path = DEFAULT_PRIVATE_KEYFILE) ⇒ Object
• #valid_public_keyfile(path, default_path = DEFAULT_PUBLIC_KEYFILE) ⇒ Object

Constructor Details

#initialize(seting, secret_dir_pn, secret_key_dir_pn, ope, public_keyfile_pn: nil, private_keyfile_pn: nil) ⇒ Secretmgr

Returns a new instance of Secretmgr.

# File 'lib/secretmgr/secretmgr.rb', line 39

def initialize(seting, secret_dir_pn, secret_key_dir_pn, ope,
               public_keyfile_pn: nil, private_keyfile_pn: nil)
  log_level = :info
  # log_level = :debug
  Secretmgr.log_init(log_level)

  @setting = seting
  home_pn = Pathname.new(Dir.home)
  secret_dir_pn = Pathname.new(secret_dir_pn) unless secret_dir_pn.instance_of?(Pathname)
  secret_key_dir_pn = Pathname.new(secret_key_dir_pn) unless secret_key_dir_pn.instance_of?(Pathname)
  secret_key_dir_pn.mkdir unless secret_key_dir_pn.exist?
  default_public_keyfile_pn = secret_key_dir_pn + "id_rsa.pub"
  default_private_keyfile_pn = secret_key_dir_pn + "id_rsa"
  public_keyfile_pn = Pathname.new(public_keyfile_pn) if public_keyfile_pn
  private_keyfile_pn = Pathname.new(private_keyfile_pn) if private_keyfile_pn

  @secret = Secret.new(@setting, home_pn, secret_dir_pn, ope,
                       default_public_keyfile_pn,
                       default_private_keyfile_pn,
                       public_keyfile_pn: public_keyfile_pn,
                       private_keyfile_pn: private_keyfile_pn)
end

Instance Attribute Details

#decrypted_text ⇒ Object (readonly)

Returns the value of attribute decrypted_text.

# File 'lib/secretmgr/secretmgr.rb', line 9

def decrypted_text
  @decrypted_text
end

#secret ⇒ Object (readonly)

Returns the value of attribute secret.

# File 'lib/secretmgr/secretmgr.rb', line 9

def secret
  @secret
end

Class Method Details

.log_init(log_level) ⇒ Object

# File 'lib/secretmgr/secretmgr.rb', line 26

def log_init(log_level)
  return unless @log_level.nil?

  @log_level = log_level
  Loggerxs.init("log_", "log.txt", ".", true, log_level) if @init_count.zero?
  @init_count += 1
end

.reset_init_count ⇒ Object

# File 'lib/secretmgr/secretmgr.rb', line 34

def reset_init_count
  @init_count = 0
end

Instance Method Details

#create_private_key(private_keyfile_pn) ⇒ Object

# File 'lib/secretmgr/secretmgr.rb', line 80

def create_private_key(private_keyfile_pn)
  @secret.create_private_key(private_keyfile_pn)
end

#create_public_key(public_keyfile_pn) ⇒ Object

# File 'lib/secretmgr/secretmgr.rb', line 72

def create_public_key(public_keyfile_pn)
  @secret.create_public_key(public_keyfile_pn)
end

#load ⇒ Object

# File 'lib/secretmgr/secretmgr.rb', line 214

def load
  load_setting
  load_and_decrypt
end

#load_and_decrypt ⇒ Object

# File 'lib/secretmgr/secretmgr.rb', line 190

def load_and_decrypt
  Loggerxs.debug("@encrypted_secret_file_pn=#{@encrypted_secret_file_pn}")
  base64_text = File.read(@encrypted_secret_file_pn)
  encrypted_content = Base64.decode64(base64_text)
  begin
    @decrpyted_content = @secret.decrypt_with_common_key(encrypted_content, @key, @iv)
    @content = case @file_format
               when FORMAT_JSON
                 @decrpyted_content
               when FORMAT_YAML
                 @secret_content = YAML.safe_load(@decrpyted_content)
                 @sub_target ? @secret_content[@target][@sub_target] : @secret_content[@target]
               else
                 ""
               end
  rescue StandardError => e
    Loggerxs.error e
    Loggerxs.error e.message
    Loggerxs.error e.backtrace
    Loggerxs.error "Can't dencrypt #{@encrypted_setting_file_pn}"
  end
  @content
end

#load_setting ⇒ Object

# File 'lib/secretmgr/secretmgr.rb', line 178

def load_setting
  Loggerxs.debug "load_setting @encrypted_setting_file_pn=#{@encrypted_setting_file_pn}"
  encrypted_text = File.read(@encrypted_setting_file_pn)
  Loggerxs.debug "load_setting encrypted_text=#{encrypted_text}"
  decrypted_text = @secret.decrypt_with_private_key(encrypted_text)
  setting = YAML.safe_load(decrypted_text)
  @key = setting[SETTING_KEY]
  Loggerxs.debug "load_setting @key=#{@key}"
  @iv = setting[SETTING_IV]
  Loggerxs.debug "load_setting @iv=#{@iv}"
end

#make(_target, _sub_target) ⇒ Object

# File 'lib/secretmgr/secretmgr.rb', line 219

def make(_target, _sub_target)
  case @file_format
  when FORMAT_JSON
    @content
  when FORMAT_YAML
    @content.map do |item|
      %(export #{item[0]}=#{item[1]})
    end.flatten
  else
    ""
  end
end

#output_private_key(private_keyfile_pn) ⇒ Object

# File 'lib/secretmgr/secretmgr.rb', line 76

def output_private_key(private_keyfile_pn)
  @secret.output_private_key(private_keyfile_pn)
end

#output_public_key(public_keyfile_pn) ⇒ Object

# File 'lib/secretmgr/secretmgr.rb', line 68

def output_public_key(public_keyfile_pn)
  @secret.output_public_key(public_keyfile_pn)
end

#remove_last_extension(pathn) ⇒ Object

# File 'lib/secretmgr/secretmgr.rb', line 145

def remove_last_extension(pathn)
  parent = pathn.parent
  basename = pathn.basename
  ext = basename.extname
  base = basename.basename(ext)
  parent + base
end

#set_setting_for_encrypted(encrypted_setting_file_pn, encrypted_secret_file_pn) ⇒ Object

# File 'lib/secretmgr/secretmgr.rb', line 94

def set_setting_for_encrypted(encrypted_setting_file_pn, encrypted_secret_file_pn)
  @encrypted_setting_file_pn = Pathname.new(encrypted_setting_file_pn)
  @encrypted_secret_file_pn = Pathname.new(encrypted_secret_file_pn)
end

#set_setting_for_plain(plain_setting_file_pn, plain_secret_file_pn) ⇒ Object

# File 'lib/secretmgr/secretmgr.rb', line 84

def set_setting_for_plain(plain_setting_file_pn, plain_secret_file_pn)
  @plain_setting_file_pn = Pathname.new(@plain_setting_file_pn) if @plain_setting_file_pn
  @plain_setting_file_pn ||= Pathname.new(plain_setting_file_pn)
  @plain_secret_file_pn = Pathname.new(@plain_secret_file_pn) if @plain_secret_file_pn
  @plain_secret_file_pn ||= Pathname.new(plain_secret_file_pn)
  @plain_dir_pn = @plain_setting_file_pn.parent
  @encrypted_setting_file_pn = @secret.encrypted_setting_file_pn
  @encrypted_secret_file_pn = @secret.encrypted_secret_file_pn
end

#set_setting_for_query(*dirs) ⇒ Object

# File 'lib/secretmgr/secretmgr.rb', line 166

def set_setting_for_query(*dirs)
  @valid_dirs = dirs.flatten.compact
  @target, @sub_target, _tmp = @valid_dirs
  # p "@valid_dirs=#{@valid_dirs}"
  @file_format = @secret.file_format(@target, @sub_target)
  Loggerxs.debug "@secret_dir_pn=#{@secret_dir_pn}"
  Loggerxs.debug "dirs=#{dirs}"
  Loggerxs.debug "@encrypted_secret_file_pn=#{@encrypted_secret_file_pn}"

  @encrypted_secret_file_pn = @secret.get_file_path(dirs)
end

#setup ⇒ Object

# File 'lib/secretmgr/secretmgr.rb', line 99

def setup
  # p "###### setup_setting"
  setup_setting
  # p "###### setup_secret"
  setup_secret
  # p "###### setup_secret_for_json_file"
  setup_secret_for_json_file
end

#setup_secret ⇒ Object

# File 'lib/secretmgr/secretmgr.rb', line 134

def setup_secret
  plaintext = File.read(@plain_secret_file_pn)
  # puts "setup_secret @setting=#{@setting}"
  encrypted_text = @secret.encrypt_with_common_key(plaintext,
                                                   @setting[SETTING_KEY],
                                                   @setting[SETTING_IV])
  dest_secret_file_pn = @secret.make_pair_file_pn(@plain_secret_file_pn, YML)
  Loggerxs.debug "setup_secret dest_secret_file_pn=#{dest_secret_file_pn}"
  File.write(dest_secret_file_pn, encrypted_text)
end

#setup_secret_for_json_file ⇒ Object

# File 'lib/secretmgr/secretmgr.rb', line 153

def setup_secret_for_json_file
  top_pn = @plain_dir_pn + JSON_FILE_DIR
  top_pn.find do |x|
    next if x.directory?

    relative_path = x.relative_path_from(@plain_dir_pn)
    new_relative_path = remove_last_extension(relative_path)
    Loggerxs.debug("################ relative_path=#{relative_path}")
    Loggerxs.debug("################ new_relative_path=#{new_relative_path}")
    @secret.encrypt_and_copy(x, new_relative_path, @setting[SETTING_KEY], @setting[SETTING_IV])
  end
end

#setup_setting ⇒ Object

# File 'lib/secretmgr/secretmgr.rb', line 108

def setup_setting
  content = File.read(@plain_setting_file_pn)
  # p "setup_setting content.size=#{content.size}"
  # p "setup_setting content=#{content}"

  @setting = YAML.safe_load(content)
  # p "setup_setting @setting=#{@setting}"

  Loggerxs.debug @setting
  # pp "@setting=#{@setting}"
  # puts "setup_setting    @setting=#{@setting}"
  encrypted_text = @secret.encrypt_with_public_key(content)
  # puts "setup_setting encrypted_text.size=#{encrypted_text.size}"
  # puts "setup_setting encrypted_text=#{encrypted_text}"
  #
  @secret.decrypt_with_private_key(encrypted_text)
  # puts "setup_setting decrypted_text=#{decrypted_text}"
  # puts "setup_setting decrypted_text.size=#{decrypted_text.size}"

  dest_setting_file_pn = @secret.make_pair_file_pn(@plain_setting_file_pn, YML)

  Loggerxs.debug "setup_setting dest_setting_file_pn=#{dest_setting_file_pn}"
  File.write(dest_setting_file_pn, encrypted_text)
  # p "dest_setting_file_pn=#{dest_setting_file_pn}"
end

#valid? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/secretmgr/secretmgr.rb', line 62

def valid?
  @secret.valid
  # Loggerxs.debug "1 ret=#{ret}"
  # p  "2 ret=#{ret}"
end

#valid_pathname(path, default_path) ⇒ Object

# File 'lib/secretmgr/secretmgr.rb', line 240

def valid_pathname(path, default_path)
  pathn = path
  pathn = Pathname.new(Dir.home) + default_path if Util.nil_or_dontexist?(path)
  pathn = nil if Util.nil_or_dontexist?(pathn)
  pathn
end

#valid_private_keyfile(path, default_path = DEFAULT_PRIVATE_KEYFILE) ⇒ Object

# File 'lib/secretmgr/secretmgr.rb', line 232

def valid_private_keyfile(path, default_path = DEFAULT_PRIVATE_KEYFILE)
  valid_pathname(path, default_path)
end

#valid_public_keyfile(path, default_path = DEFAULT_PUBLIC_KEYFILE) ⇒ Object

# File 'lib/secretmgr/secretmgr.rb', line 236

def valid_public_keyfile(path, default_path = DEFAULT_PUBLIC_KEYFILE)
  valid_pathname(path, default_path)
end