Class: Veil::CredentialCollection::ChefSecretsFile
- Defined in:
- lib/veil/credential_collection/chef_secrets_file.rb
Constant Summary collapse
- CURRENT_VERSION =
2.freeze
Instance Attribute Summary collapse
-
#group ⇒ Object
readonly
Returns the value of attribute group.
-
#key ⇒ Object
readonly
Returns the value of attribute key.
-
#path ⇒ Object
Returns the value of attribute path.
-
#user ⇒ Object
readonly
Returns the value of attribute user.
Attributes inherited from Base
#credentials, #decryptor, #encryptor, #hasher, #version
Class Method Summary collapse
Instance Method Summary collapse
- #existing ⇒ Object
-
#initialize(opts = {}) ⇒ ChefSecretsFile
constructor
Create a new ChefSecretsFile.
-
#save ⇒ Object
Save the CredentialCollection to file, encrypt it.
-
#secrets_hash ⇒ Object
Return the instance as a secrets style hash.
Methods inherited from Base
#add, #add_from_file, create, #credentials_as_hash, #credentials_for_export, #exist?, #get, #remove, #rotate, #rotate_credentials, #rotate_hasher, #to_hash
Constructor Details
#initialize(opts = {}) ⇒ ChefSecretsFile
Create a new ChefSecretsFile
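# File 'lib/veil/credential_collection/chef_secrets_file.rb', line 27
#
# Create a new ChefSecretsFile, importing the secrets file at +path+ when it
# exists and is non-empty.
#
# NOTE(review): the rendered listing showed `File.(opts[:path])` and `#{e.}`;
# the method names were lost in extraction and are restored here as
# `File.expand_path` and `e.message` - confirm against the repository.
#
# @param opts [Hash] options. This method reads :path, :user and :group and
#   forwards the rest, with :version forced to CURRENT_VERSION, to
#   Base#initialize.
# @raise [InvalidCredentialCollectionFile] if the file cannot be parsed as
#   JSON, disappears before it is read, or does not hold a JSON object
def initialize(opts = {})
  @path = (opts[:path] && File.expand_path(opts[:path])) || "/etc/opscode/private-chef-secrets.json"

  # File.exist? instead of File.exists?: the plural alias was deprecated and
  # is gone in Ruby 3.2, where it raises NoMethodError.
  import_existing = File.exist?(path) && (File.size(path) != 0)
  legacy = true

  if import_existing
    begin
      # File.read never treats a leading "|" as a command; IO.read can when
      # the receiver is IO. The path is absolute here, so results are equal.
      hash = JSON.parse(File.read(path), symbolize_names: true)
    rescue JSON::ParserError, Errno::ENOENT => e
      # NOTE(review): JSON::ParserError messages usually quote the offending
      # text, so this message can carry a fragment of the secrets file into
      # logs - confirm that callers treat it as sensitive.
      raise InvalidCredentialCollectionFile, "#{path} is not a valid credentials file:\n #{e.message}"
    end

    # Valid JSON that is not an object (an array, a string) would otherwise
    # fail below with NoMethodError instead of the documented error class.
    unless hash.is_a?(Hash)
      raise InvalidCredentialCollectionFile, "#{path} is not a valid credentials file:\n top-level JSON value is not an object"
    end

    if hash.key?(:veil) && hash[:veil][:type] == "Veil::CredentialCollection::ChefSecretsFile"
      # Settings stored in the file act as defaults; explicit caller options
      # win. The file can therefore supply :user, :group and anything else
      # Base reads, so its trustworthiness rests on its ownership and mode.
      opts = Veil::Utils.symbolize_keys(hash[:veil]).merge(opts)
      legacy = false
    end
  end

  @user = opts[:user]
  @group = opts[:group] || @user

  # merge returns a copy, so the caller's hash is not modified.
  super(opts.merge(version: CURRENT_VERSION))

  # A file without the :veil marker is imported through the legacy path.
  import_credentials_hash(hash) if import_existing && legacy
end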
Instance Attribute Details
#group ⇒ Object (readonly)
Returns the value of attribute group.
# File 'lib/veil/credential_collection/chef_secrets_file.rb', line 21
#
# Group applied to the secrets file when it is written (read-only attribute).
# The constructor takes it from opts[:group], falling back to the user; #save
# fills it from the existing file's gid when it is still unset.
#
# @return [Object] the value of @group
def group
  @group
end
#key ⇒ Object (readonly)
Returns the value of attribute key.
# File 'lib/veil/credential_collection/chef_secrets_file.rb', line 21
#
# Read-only attribute backed by @key.
# NOTE(review): none of the methods shown on this page assign @key, so its
# meaning and whether it is ever set cannot be confirmed from here.
#
# @return [Object] the value of @key
def key
  @key
end
#path ⇒ Object
Returns the value of attribute path.
# File 'lib/veil/credential_collection/chef_secrets_file.rb', line 21
#
# Location of the secrets file. The constructor sets it from opts[:path],
# defaulting to "/etc/opscode/private-chef-secrets.json". The page does not
# mark this attribute read-only, unlike group, key and user.
#
# @return [Object] the value of @path
def path
  @path
end
#user ⇒ Object (readonly)
Returns the value of attribute user.
# File 'lib/veil/credential_collection/chef_secrets_file.rb', line 21
#
# Owner applied to the secrets file when it is written (read-only attribute).
# The constructor takes it from opts[:user]; #save fills it from the existing
# file's uid when it is still unset, and skips chown when it stays nil.
#
# @return [Object] the value of @user
def user
  @user
end
Class Method Details
.from_file(path, opts = {}) ⇒ Object
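# File 'lib/veil/credential_collection/chef_secrets_file.rb', line 10
#
# Build a ChefSecretsFile from a secrets file that must already exist.
#
# The existence test is only an early, readable failure: the constructor
# checks the path again before reading it. An existing but empty file passes
# this check and is then treated by the constructor as nothing to import.
#
# @param path [String] location of the secrets file
# @param opts [Hash] extra constructor options; :path is overridden by +path+
# @return [ChefSecretsFile]
# @raise [InvalidCredentialCollectionFile] if +path+ does not exist
def from_file(path, opts = {})
  # File.exist? instead of File.exists?: the plural alias was deprecated and
  # is gone in Ruby 3.2, where it raises NoMethodError.
  raise InvalidCredentialCollectionFile, "#{path} does not exist" unless File.exist?(path)

  new(opts.merge(path: path))
end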
Instance Method Details
#existing ⇒ Object
# File 'lib/veil/credential_collection/chef_secrets_file.rb', line 87
#
# Stat information for the file currently at +path+, cached after the first
# successful lookup.
#
# A missing file yields nil and is not cached, so a later call stats again.
# Once a result is cached it is never refreshed, so the uid/gid that #save
# reads from it are those seen at the first successful stat. File.stat
# follows symlinks, so a symlinked path reports the link target's owner.
#
# @return [File::Stat, nil] stat of the existing file, or nil when absent
def existing
  return @existing if @existing

  @existing = File.stat(path)
rescue Errno::ENOENT
  nil
end
#save ⇒ Object
Save the CredentialCollection to file, encrypt it
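# File 'lib/veil/credential_collection/chef_secrets_file.rb', line 63
#
# Write the collection to +path+ as pretty-printed JSON, replacing any
# existing file.
#
# NOTE(review): the page summary says the file is encrypted, but no
# encryption call is visible in this method. The JSON built from
# #secrets_hash is written as-is, so unless #to_h encrypts, confidentiality
# rests on the 0600 mode and the ownership set here - confirm.
#
# Ownership: when a file already exists and no user/group was configured,
# its uid/gid are reused so a rewrite does not change the owner. chown is
# skipped when no user is known, leaving the file owned by the caller.
#
# @return [true]
# @raise [SystemCallError] if the directory, temp file, chown or rename fails
def save
  target_dir = File.dirname(path)
  FileUtils.mkdir_p(target_dir)

  # Stage the file next to its destination rather than in the shared system
  # temp directory: the secrets never sit in a world-accessible directory,
  # and the final move is a same-filesystem rename, so readers see either
  # the old file or the complete new one. Tempfile creates it with mode 0600.
  f = Tempfile.new("veil", target_dir)
  begin
    if existing
      @user ||= existing.uid
      @group ||= existing.gid
    end
    # Ownership is set before any secret is written to the file.
    FileUtils.chown(user, group, f.path) if user

    f.puts(JSON.pretty_generate(secrets_hash))
    f.flush
    # Push the data to disk before the rename makes it the live file.
    f.fsync
    f.close

    FileUtils.mv(f.path, path)
  ensure
    # On failure this removes the staged copy so secrets are not left
    # behind; after a successful move the path is gone and unlink is a no-op.
    f.close unless f.closed?
    f.unlink
  end
  true
end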
#secrets_hash ⇒ Object
Return the instance as a secrets style hash
# File 'lib/veil/credential_collection/chef_secrets_file.rb', line 83
#
# Wrap the collection in the on-disk layout: a single "veil" key whose value
# is whatever #to_h returns. The constructor looks for this key (symbolized
# as :veil) to tell a current-format file from a legacy one.
#
# NOTE(review): #to_h is not shown on this page; presumably it carries the
# credentials themselves, so treat the returned hash as sensitive - confirm.
#
# @return [Hash] { "veil" => to_h }
def secrets_hash
  wrapped = {}
  wrapped["veil"] = to_h
  wrapped
end