class Sanctum::Command::Create
Public Instance Methods
run(&block)
click to toggle source
# File lib/sanctum/command/create.rb, line 11 def run(&block) if args.one? path = args.first validate_path(path) transit_key = determine_transit_key(path, targets) create_file(path, transit_key, &block) else raise ArgumentError, red('Please pass only one path argument') end end
Private Instance Methods
create_file(path, transit_key) { |tmp_file| ... }
click to toggle source
# File lib/sanctum/command/create.rb, line 23 def create_file(path, transit_key) # Calling vault_client will help prevent a race condition where the token is expired # and contents fail to encrypt vault_client tmp_file = Tempfile.new(File.basename(path)) begin if block_given? yield tmp_file else TTY::Editor.open(tmp_file.path) end contents = File.read(tmp_file.path) data_hash = {"#{tmp_file.path}" => validate(contents)} write_encrypted_data(vault_client, data_hash, transit_key) tmp_file.close FileUtils.cp(tmp_file.path, path) rescue Exception => e # If write_encrypted_data failed, data would fail to write to disk # It would be sad to lose that data, at least this would print the contents to the console. puts red("Contents may have failed to write\nError: #{e}") puts yellow("Contents: \n#{contents}") ensure tmp_file.close secure_erase(tmp_file.path, tmp_file.length) tmp_file.unlink end end
validate_path(path)
click to toggle source
# File lib/sanctum/command/create.rb, line 54 def validate_path(path) path = Pathname.new(path) raise yellow("File exists, use edit command") if path.exist? path.dirname.mkpath unless path.dirname.exist? end