Class: Gitlab::EncryptedConfiguration
- Inherits:
-
Object
- Object
- Gitlab::EncryptedConfiguration
show all
- Defined in:
- lib/gitlab/encrypted_configuration.rb
Defined Under Namespace
Classes: InvalidConfigError, MissingKeyError
Constant Summary
collapse
- CIPHER =
"aes-256-gcm"
- SALT =
"GitLabEncryptedConfigSalt"
Instance Attribute Summary collapse
Class Method Summary
collapse
Instance Method Summary
collapse
Constructor Details
#initialize(content_path: nil, base_key: nil, previous_keys: []) ⇒ EncryptedConfiguration
Returns a new instance of EncryptedConfiguration.
32
33
34
35
36
|
# File 'lib/gitlab/encrypted_configuration.rb', line 32
def initialize(content_path: nil, base_key: nil, previous_keys: [])
@content_path = Pathname.new(content_path).yield_self { |path| path.symlink? ? path.realpath : path } if content_path
@key = self.class.generate_key(base_key) if base_key
@previous_keys = previous_keys
end
|
Instance Attribute Details
#content_path ⇒ Object
Returns the value of attribute content_path.
7
8
9
|
# File 'lib/gitlab/encrypted_configuration.rb', line 7
def content_path
@content_path
end
|
#key ⇒ Object
Returns the value of attribute key.
7
8
9
|
# File 'lib/gitlab/encrypted_configuration.rb', line 7
def key
@key
end
|
#previous_keys ⇒ Object
Returns the value of attribute previous_keys.
7
8
9
|
# File 'lib/gitlab/encrypted_configuration.rb', line 7
def previous_keys
@previous_keys
end
|
Class Method Details
.generate_key(base_key) ⇒ Object
24
25
26
27
28
29
30
|
# File 'lib/gitlab/encrypted_configuration.rb', line 24
def self.generate_key(base_key)
raise 'Base key too small' if base_key.blank? || base_key.length < 16
ActiveSupport::KeyGenerator.new(base_key).generate_key(SALT, ActiveSupport::MessageEncryptor.key_len(CIPHER))
end
|
Instance Method Details
#active? ⇒ Boolean
38
39
40
|
# File 'lib/gitlab/encrypted_configuration.rb', line 38
def active?
content_path&.exist?
end
|
#change(&block) ⇒ Object
73
74
75
|
# File 'lib/gitlab/encrypted_configuration.rb', line 73
def change(&block)
writing(read, &block)
end
|
#config ⇒ Object
63
64
65
66
67
68
69
70
71
|
# File 'lib/gitlab/encrypted_configuration.rb', line 63
def config
return @config if @config
contents = deserialize(read)
raise InvalidConfigError unless contents.is_a?(Hash)
@config = contents.deep_symbolize_keys
end
|
#read ⇒ Object
42
43
44
45
46
47
48
|
# File 'lib/gitlab/encrypted_configuration.rb', line 42
def read
if active?
decrypt(content_path.binread)
else
""
end
end
|
#write(contents) ⇒ Object
50
51
52
53
54
55
56
57
58
59
60
61
|
# File 'lib/gitlab/encrypted_configuration.rb', line 50
def write(contents)
deserialize(contents)
temp_file = Tempfile.new(File.basename(content_path), File.dirname(content_path))
File.open(temp_file.path, 'wb') do |file|
file.write(encrypt(contents))
end
FileUtils.mv(temp_file.path, content_path)
ensure
temp_file&.unlink
end
|