class Interprete

This command line processor extends the Thor gem CLI tools in order to

Public Instance Methods

delete(entity_id) click to toggle source

The delete use case can delete a single line (key/value pair), or a verse, chapter and even a book

@param entity_id [String] the ID of the entity to delete (line, verse, chapter or book)

# File lib/interprete.rb, line 248
def delete entity_id
  log.info(x) { "[usecase] ~> delete a safe entity with a key id [#{entity_id}]." }
  delete_uc = OpenSecret::DeleteMe.new
  delete_uc.entity_id = entity_id
  delete_uc.flow_of_events
end
docker( command = "login" ) click to toggle source

This docker use case .…

safe docker login
safe docker logout

@param command [String]

the action to be taken which is currently limited to either
login or logout
# File lib/interprete.rb, line 421
def docker( command = "login" )

  log.info(x) { "[usecase] ~> request to #{command} into or out of a docker repository." }
  docker_uc = OpenSecret::Docker.new
  docker_uc.command = command
  docker_uc.flow_of_events

end
eject(file_key) click to toggle source

The eject use case writes out a file that was previously ingested and coccooned inside the safe typically with the file command.

@param file_key [String] the key that the file was ingested against

# File lib/interprete.rb, line 232
def eject file_key
  log.info(x) { "[usecase] ~> eject file at chapter/verse against specified key." }
  eject_uc = OpenSecret::Eject.new
  eject_uc.file_key = file_key
  eject_uc.flow_of_events
end
export() click to toggle source

Export the entire book if no chapter and verse is specified (achieved with a safe close), or the chapter if only the chapter is open (safe shut or safe open <<chapter>>, or the mini-dictionary at the verse if both chapter and verse are open.

# File lib/interprete.rb, line 181
def export
  log.info(x) { "[usecase] ~> export book chapter content or dictionary at verse in JSON format." }
  OpenSecret::Export.new.flow_of_events
end
file(file_key, file_url) click to toggle source

The file use case pulls a read in from either an accessible readsystem or from a remote http, https, git, S3, GoogleDrive and/or ssh source.

@param file_key [String] keyname representing the file that is being read in @param file_url [String] url of file to ingest and assimilate into the safe

# File lib/interprete.rb, line 214
def file file_key, file_url
  log.info(x) { "[usecase] ~> file read against key [[ #{file_key} ]]" }
  log.info(x) { "[usecase] ~> file read from url [[ #{file_url} ]]" }
  file_uc = OpenSecret::FileMe.new
  file_uc.file_key = file_key
  file_uc.file_url = file_url
  file_uc.flow_of_events
end
goto(index) click to toggle source

Goto is a shortcut (or alias even) for the open command that takes an integer index that effectively specifies which <envelope> and <key> to open.

@param index [Number]

the integer index chosen from the list procured by the view command.
# File lib/interprete.rb, line 330
def goto index
  log.info(x) { "[usecase] ~> opens the chapter and verse at index [#{index}]." }
  goto_uc = OpenSecret::Goto.new
  goto_uc.index = index
  goto_uc.flow_of_events

end
id() click to toggle source

Put out the multiple formats of the current timestamp.

# File lib/interprete.rb, line 454
def id
  log.info(x) { "[usecase] ~> prints out the current timestamp identifiers." }
  id_uc = OpenSecret::Id.new
  id_uc.flow_of_events
end
init( domain_name, base_path = nil ) click to toggle source

Initialize the credentials manager, collect the human password and manufacture the strong asymmetric public / private keypair.

@param domain_name [String] the domain the software operates under @param base_path [String] the path to the base operating directory

# File lib/interprete.rb, line 66
def init( domain_name, base_path = nil )
  log.info(x) { "initialize the safe book on this device." }
  init_uc = OpenSecret::Init.new
  init_uc.master_p4ss = options[:with] if options[:with]
  init_uc.domain_name = domain_name
  init_uc.base_path = base_path unless base_path.nil?
  init_uc.flow_of_events
end
jenkins( command, service, url ) click to toggle source

This Jenkins use case injects for example the AWS IAM user access key, secret key and region key into a running Jenkins CI (Continuous Integration) service at the specified (url) location.

safe jenkins post aws http://localhost:8080

@param command [String]

the action to be taken which is currently limited to be [post].

@param service [String]

Which service do the credentials being posted originate from? The crrent list includes

  - aws      ( the 3 IAM user credentials )
  - docker   ( the username / password of docker repository )
  - git      ( the username/password of Git repository )
  - rubygems ( the username / password of RubyGems package manager account )

@param url [String]

the full url of the jenkins service for example http://localhost:8080
which includes the scheme (http|https) the hostname or ip address and
the port jenkins is listening on (if not the default 80 or 443).
# File lib/interprete.rb, line 395
def jenkins( command, service, url )

  log.info(x) { "[usecase] ~> request to #{command} #{service} credentials to Jenkins at #{url}" }
  jenkins_uc = OpenSecret::Jenkins.new

  jenkins_uc.command = command if command
  jenkins_uc.service = service if service
  jenkins_uc.url     = url     if url

  jenkins_uc.flow_of_events

end
login( domain_name = nil ) click to toggle source

Login in order to securely interact with your data. @param domain_name [String] the domain the software operates under

# File lib/interprete.rb, line 87
def login( domain_name = nil )
  log.info(x) { "[usecase] ~> login to the book before interacting with it." }
  login_uc = OpenSecret::Login.new
  login_uc.domain_name = domain_name unless domain_name.nil?
  login_uc.master_p4ss = options[:with] if options[:with]
  login_uc.flow_of_events
end
open(chapter, verse) click to toggle source

Open up a conduit (path) to the place where we can issue read, create, update, and destroy commands.

The allowed characters that makeup chapter and verse aside from alphanumerics are

  • dollar signs

  • percent signs

  • ampersands

  • hyphens

  • underscores

  • plus signs

  • equal signs

  • @ signs

  • period characters and

  • question marks

Notably whitespace including spaces and tabs are not allowed.

@param chapter [String]

the chapter of the logged in book to open

@param verse [String]

the verse of the logged in book and specified chapter to open
# File lib/interprete.rb, line 165
def open chapter, verse
  log.info(x) { "[usecase] ~> open a chapter and verse to read from or write to." }
  open_uc = OpenSecret::Open.new
  open_uc.env_path = chapter
  open_uc.key_path = verse
  open_uc.flow_of_events
end
print(key_name) click to toggle source

Print the value of the specified key belonging to a dictionary at the opened chapter and verse of the currently logged in book.

@param key_name [String] the key whose value is to be printed

put(secret_id, secret_value) click to toggle source

Put a secret with an id like login/username and a value like joebloggs into the context (eg work/laptop) that was opened with the open command.

@param secret_id [String] the id of the secret to put into the opened context @param secret_value [String] the value of the secret to put into the opened context

# File lib/interprete.rb, line 196
def put secret_id, secret_value
  log.info(x) { "[usecase] ~> put key/value pair into dictionary at open chapter and verse." }
  put_uc = OpenSecret::Put.new
  put_uc.secret_id = secret_id
  put_uc.secret_value = secret_value
  put_uc.flow_of_events
end
read(file_url) click to toggle source

The read use case pulls a read in from either an accessible readsystem or from a remote http, https, git, S3, GoogleDrive and/or ssh source.

This use case expects a @file_url parameter. The actions it takes are to

  • register @in.url to mirror @file_url

  • register @out.url to mirror @file_url

  • check the location of @file_url

  • if no file exists it humbly finishes up

@param file_url [String] url of file to ingest and assimilate into the safe

# File lib/interprete.rb, line 271
def read file_url
  log.info(x) { "[usecase] ~> read (reread) file from optional url [[ #{file_url} ]]" }
  read_uc = OpenSecret::Read.new
  read_uc.file_url = file_url
  read_uc.flow_of_events
end
show() click to toggle source

Show the secrets at the opened path. These secrets are simply written out to the shell console.

# File lib/interprete.rb, line 302
def show
  log.info(x) { "[usecase] ~> show dictionary at the opened chapter and verse." }
  OpenSecret::Show.new.flow_of_events
end
terraform( command = nil ) click to toggle source

This terraform use case exports the AWS IAM user access key, secret key and region key into (very safe) environment variables and then runs terraform plan, apply or destroy.

This is both ultra secure and extremely convenient because the credentials do not leave the safe and exist within (environment variable) memory only for the duration of the terraform command.

It is safe because you do not need to expose your AWS credentials in plain text. It is convenient because switching IAM users and AWS regions is as easy as typing the now ubiquitous safe open command.

safe open <<chapter>> <<verse>>

@param command [String]

the terraform command to run which is currently limited to plan, apply and destroy.
This parameter is optional and if nothing is given then "apply" is assumed.
# File lib/interprete.rb, line 359
def terraform( command = nil )
  log.info(x) { "[usecase] ~> will export IAM credentials then invoke $ terraform #{command}" }
  terraform_uc = OpenSecret::Terraform.new
  terraform_uc.command = command if command
  terraform_uc.flow_of_events
end
token() click to toggle source

Thetoken use cases prints out an encrypted session token tied to the workstation and shell environment.

# File lib/interprete.rb, line 132
def token
  log.info(x) { "[usecase] ~> generate and print out an encrypted (shell bound) session token" }
  OpenSecret::Token.new.flow_of_events
end
verse() click to toggle source

Print the name of the verse at the opened chapter and verse location.

# File lib/interprete.rb, line 118
def verse
  log.info(x) { "[usecase] ~> print the verse name at the opened chapter and verse." }
  verse_uc = OpenSecret::Verse.new
  verse_uc.from_script = options[:script].nil? ? false : options[:script]
  verse_uc.flow_of_events
end
view() click to toggle source

Display a bird's eye view of the domain's database including its envelopes, their keys and imported objects such as files.

# File lib/interprete.rb, line 314
def view
  log.info(x) { "[usecase] ~> print list of chapter and verse combos to console." }
  view_uc = OpenSecret::View.new
  view_uc.flow_of_events
end
vpn( command = nil ) click to toggle source

This VPN use case connects to the VPN whose specifics are recorded within the vpn.ini factfile living in the same directory as the vpn.rb usecase class.

@param command [String]

the vpn command to run which is currently limited to up or down
This parameter is optional and if nothing is given then "up" is assumed.
# File lib/interprete.rb, line 441
def vpn( command = nil )
  log.info(x) { "[usecase] ~> VPN connection command #{command} has been issued." }
  vpn_uc = OpenSecret::Vpn.new
  vpn_uc.command = command if command
  vpn_uc.flow_of_events
end
write( file_url = nil ) click to toggle source

The write use case writes out a file that was previously ingested and coccooned inside the safe.

@param file_url [String] optional file url marking where to write the file

# File lib/interprete.rb, line 287
def write( file_url = nil )
  log.info(x) { "[usecase] ~> write out file at chapter/verse to (optional) file url." }
  write_uc = OpenSecret::Write.new
  write_uc.from_script = options[:script].nil? ? false : options[:script]
  write_uc.file_url = file_url if file_url
  write_uc.flow_of_events
end