Class: Veil::CredentialCollection::ChefSecretsFile

Inherits:
Base
  • Object
Defined in:
lib/veil/credential_collection/chef_secrets_file.rb

Instance Attribute Summary collapse

Attributes inherited from Base

#credentials, #hasher, #version

Class Method Summary collapse

Instance Method Summary collapse

Methods inherited from Base

#add, #add_from_file, create, #exist?, #get, #remove, #rotate, #rotate_credentials, #rotate_hasher, #to_hash

Constructor Details

#initialize(opts = {}) ⇒ ChefSecretsFile

Create a new ChefSecretsFile

Parameters:

  • opts (Hash) (defaults to: {})

    a hash of options to pass to the constructor



# File 'lib/veil/credential_collection/chef_secrets_file.rb', line 25

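# Create a new ChefSecretsFile, importing whatever is already stored at the
# target path.
#
# When the file exists and is non-empty it is parsed as JSON. A file whose
# :veil section declares this class as its type supplies default options
# (options passed by the caller win on conflict); any other content is
# imported as legacy credentials after the base class has been initialised.
#
# @param opts [Hash] a hash of options to pass to the constructor
# @option opts [String] :path location of the secrets file; expanded to an
#   absolute path, defaults to /etc/opscode/private-chef-secrets.json
# @option opts [Object] :user owner applied to the file when it is saved
# @option opts [Object] :group group applied on save, defaults to :user
# @option opts [Integer] :version defaults to 1
# @raise [InvalidCredentialCollectionFile] if the file cannot be parsed as a
#   JSON object
def initialize(opts = {})
  @path = (opts[:path] && File.expand_path(opts[:path])) || "/etc/opscode/private-chef-secrets.json"

  # File.exists? was removed in Ruby 3.2; File.exist? works on every version.
  import_existing = File.exist?(path) && (File.size(path) != 0)
  legacy = true

  if import_existing
    begin
      # File.read rather than IO.read: IO.read gives a leading "|" in its
      # argument special meaning on older Rubies, which a file reader never wants.
      hash = JSON.parse(File.read(path), symbolize_names: true)
    rescue JSON::ParserError, Errno::ENOENT => e
      raise InvalidCredentialCollectionFile.new("#{path} is not a valid credentials file:\n #{e.message}")
    end

    # Valid JSON is not necessarily an object; reject arrays and scalars here
    # instead of failing later with a NoMethodError.
    unless hash.is_a?(Hash)
      raise InvalidCredentialCollectionFile.new("#{path} is not a valid credentials file:\n expected a JSON object at the top level")
    end

    if hash.key?(:veil) && hash[:veil][:type] == "Veil::CredentialCollection::ChefSecretsFile"
      # Settings stored in the file act as defaults; explicit opts override them.
      opts = Veil::Utils.symbolize_keys(hash[:veil]).merge(opts)
      legacy = false
    end
  end

  @user    = opts[:user]
  @group   = opts[:group] || @user
  @version = opts[:version] || 1
  super(opts)

  # Legacy import runs after super(opts), as in the original ordering.
  import_legacy_credentials(hash) if import_existing && legacy
end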

Instance Attribute Details

#group ⇒ Object (readonly)

Returns the value of attribute group.



# File 'lib/veil/credential_collection/chef_secrets_file.rb', line 19

# Group handed to FileUtils.chown when the secrets file is saved. The
# constructor falls back to the user when no :group option is given.
#
# @return [Object, nil] the value of @group
def group
  @group
end

#path ⇒ Object

Returns the value of attribute path.



# File 'lib/veil/credential_collection/chef_secrets_file.rb', line 19

# Location of the secrets file this collection is loaded from and saved to.
# The constructor sets it to the expanded :path option, or to
# /etc/opscode/private-chef-secrets.json when none is given.
#
# @return [String] the value of @path
def path
  @path
end

#user ⇒ Object (readonly)

Returns the value of attribute user.



# File 'lib/veil/credential_collection/chef_secrets_file.rb', line 19

# Owner handed to FileUtils.chown when the secrets file is saved. When this
# is nil, save does not change ownership at all.
#
# @return [Object, nil] the value of @user
def user
  @user
end

Class Method Details

.from_file(path, opts = {}) ⇒ Object



# File 'lib/veil/credential_collection/chef_secrets_file.rb', line 10

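# Build a collection from a secrets file that must already exist.
#
# @param path [String] location of the secrets file
# @param opts [Hash] extra constructor options; any :path entry is replaced
#   by +path+
# @return [Object] whatever +new+ returns for the merged options
# @raise [InvalidCredentialCollectionFile] if nothing exists at +path+
def from_file(path, opts = {})
  # File.exists? was removed in Ruby 3.2; File.exist? works on every version.
  unless File.exist?(path)
    raise InvalidCredentialCollectionFile, "#{path} does not exist"
  end

  # This check is advisory: the file can still change or vanish before the
  # constructor reads it, so the constructor has to validate on its own.
  new(opts.merge(path: path))
end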

Instance Method Details

#import_legacy_credentials(hash) ⇒ Object



# File 'lib/veil/credential_collection/chef_secrets_file.rb', line 91

# Copy a legacy secrets hash (namespace => { name => value }) into this
# collection's credentials, wrapping each value in a Veil::Credential.
#
# Namespaces and credential names are stored as strings. Each credential's
# length is taken from the imported value itself.
#
# @param hash [Hash] parsed legacy secrets, as handed over by the constructor
# @return [Object] the +hash+ argument, as returned by its #each
def import_legacy_credentials(hash)
  hash.each do |namespace, creds_hash|
    # Reuse an existing namespace bucket so earlier entries are kept.
    bucket = (credentials[namespace.to_s] ||= {})

    creds_hash.each do |cred, value|
      cred_name = cred.to_s
      # NOTE(review): value.length assumes every legacy value responds to
      # #length (e.g. a String) — confirm against real legacy files.
      bucket[cred_name] = Veil::Credential.new(name: cred_name, value: value, length: value.length)
    end
  end
end

#legacy_credentials_hash ⇒ Object

Return the credentials in a legacy chef secrets hash



# File 'lib/veil/credential_collection/chef_secrets_file.rb', line 80

# Return the credentials in a legacy chef secrets hash: one entry per
# namespace, mapping each credential name directly to its :value.
#
# The result holds the plaintext credential values, so treat it like the
# secrets file itself and keep it out of logs and error messages.
#
# @return [Hash] namespace => { credential name => value }
def legacy_credentials_hash
  legacy = {}

  to_h[:credentials].each do |namespace, creds|
    values = {}
    creds.each { |name, cred| values[name] = cred[:value] }
    legacy[namespace] = values
  end

  legacy
end

#save ⇒ Object

Save the CredentialCollection to file



# File 'lib/veil/credential_collection/chef_secrets_file.rb', line 61

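# Save the CredentialCollection to file.
#
# The secrets are written to a temporary file and then moved over the
# target. The temporary file is created next to the target, not in the
# system temp directory, so the final move is a same-filesystem rename: a
# reader never sees a half-written secrets file and the plaintext never sits
# in a shared temp directory. If any step fails the temporary file is removed
# and the existing target is left untouched.
#
# @return [true] when the file has been written and moved into place
# @raise [StandardError] any error from chown, JSON generation, writing or
#   the final move is re-raised after cleanup
def save
  dir = File.dirname(path)
  # NOTE(review): the directory is created with default permissions (subject
  # to umask) — confirm that is restrictive enough for a secrets directory.
  FileUtils.mkdir_p(dir) unless File.directory?(dir)

  f = Tempfile.new("veil", dir) # defaults to mode 0600
  begin
    # Ownership is set before any secret is written to the file.
    FileUtils.chown(user, group, f.path) if user
    f.puts(JSON.pretty_generate(secrets_hash))
    f.flush
    f.close

    FileUtils.mv(f.path, path)
  rescue StandardError
    # Do not leave a partially written secrets file behind.
    f.close unless f.closed?
    f.unlink
    raise
  end

  true
end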

#secrets_hash ⇒ Object

Return the instance as a secrets style hash



# File 'lib/veil/credential_collection/chef_secrets_file.rb', line 75

# Return the instance as a secrets style hash: the full collection under the
# "veil" key, with the legacy namespace => credentials entries beside it.
#
# @return [Hash] the hash that is serialised to the secrets file
def secrets_hash
  envelope = { "veil" => to_h }
  # NOTE(review): merge lets the legacy entries win on a key clash, so a
  # credential namespace named "veil" would replace the metadata entry —
  # confirm namespaces can never use that name.
  envelope.merge(legacy_credentials_hash)
end