Class: Gitlab::EncryptedCommandBase
- Inherits:
-
Object
- Object
- Gitlab::EncryptedCommandBase
show all
- Defined in:
- lib/gitlab/encrypted_command_base.rb
Constant Summary
collapse
- DISPLAY_NAME =
"Base"
- EDIT_COMMAND_NAME =
"base"
Class Method Summary
collapse
Class Method Details
.edit ⇒ Object
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
|
# File 'lib/gitlab/encrypted_command_base.rb', line 28
def edit
encrypted = encrypted_secrets
return unless validate_config(encrypted)
if ENV["EDITOR"].blank?
warn 'No $EDITOR specified to open file. Please provide one when running the command:'
warn "gitlab-rake #{self::EDIT_COMMAND_NAME} EDITOR=vim"
return
end
temp_file = Tempfile.new(File.basename(encrypted.content_path), File.dirname(encrypted.content_path))
contents_changed = false
encrypted.change do |contents|
contents = encrypted_file_template unless File.exist?(encrypted.content_path)
File.write(temp_file.path, contents)
system(ENV['EDITOR'], temp_file.path)
changes = File.read(temp_file.path)
contents_changed = contents != changes
validate_contents(changes)
changes
end
puts "Contents were unchanged." unless contents_changed
puts "File encrypted and saved."
rescue Interrupt
warn "Aborted changing file: nothing saved."
rescue ActiveSupport::MessageEncryptor::InvalidMessage
warn "Couldn't decrypt #{encrypted.content_path}. Perhaps you passed the wrong key?"
ensure
temp_file&.unlink
end
|
.encrypted_file_template ⇒ Object
99
100
101
|
# File 'lib/gitlab/encrypted_command_base.rb', line 99
def encrypted_file_template
raise NotImplementedError
end
|
.encrypted_secrets ⇒ Object
10
11
12
|
# File 'lib/gitlab/encrypted_command_base.rb', line 10
def encrypted_secrets
raise NotImplementedError
end
|
.show ⇒ Object
61
62
63
64
65
66
67
68
|
# File 'lib/gitlab/encrypted_command_base.rb', line 61
def show
encrypted = encrypted_secrets
return unless validate_config(encrypted)
puts encrypted.read.presence || "File '#{encrypted.content_path}' does not exist. Use `gitlab-rake #{self::EDIT_COMMAND_NAME}` to change that."
rescue ActiveSupport::MessageEncryptor::InvalidMessage
warn "Couldn't decrypt #{encrypted.content_path}. Perhaps you passed the wrong key?"
end
|
.validate_config(encrypted) ⇒ Object
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
|
# File 'lib/gitlab/encrypted_command_base.rb', line 70
def validate_config(encrypted)
dir_path = File.dirname(encrypted.content_path)
unless File.exist?(dir_path)
warn "Directory #{dir_path} does not exist. Create the directory and try again."
return false
end
if encrypted.key.nil?
warn "Missing encryption key encrypted_settings_key_base."
return false
end
true
end
|
.validate_contents(contents) ⇒ Object
86
87
88
89
90
91
92
93
94
95
96
97
|
# File 'lib/gitlab/encrypted_command_base.rb', line 86
def validate_contents(contents)
begin
config = YAML.safe_load(contents, permitted_classes: [Symbol])
error_contents = "Did not include any key-value pairs" unless config.is_a?(Hash)
rescue Psych::Exception => e
error_contents = e.message
end
puts "WARNING: Content was not a valid #{self::DISPLAY_NAME} secret yml file. #{error_contents}" if error_contents
contents
end
|
.write(contents) ⇒ Object
14
15
16
17
18
19
20
21
22
23
24
25
26
|
# File 'lib/gitlab/encrypted_command_base.rb', line 14
def write(contents)
encrypted = encrypted_secrets
return unless validate_config(encrypted)
validate_contents(contents)
encrypted.write(contents)
puts "File encrypted and saved."
rescue Interrupt
warn "Aborted changing file: nothing saved."
rescue ActiveSupport::MessageEncryptor::InvalidMessage
warn "Couldn't decrypt #{encrypted.content_path}. Perhaps you passed the wrong key?"
end
|