class Sanctum::Command::Check
Public Instance Methods
run()
click to toggle source
# File lib/sanctum/command/check.rb, line 5 def run targets.each do |target| # Recursively get local files for each prefix specified in sanctum.yaml local_paths = get_local_paths(File.join(File.dirname(config_file), target[:path])) # Read each file local_secrets = read_local_files(local_paths) # Decrypt each secret local_secrets = VaultTransit.decrypt(vault_client, local_secrets, target[:transit_key]) # Recursively get vault secrets for each prefix specified in sanctum.yaml secrets_list = VaultSecrets.new(vault_client, target[:prefix], target[:secrets_version]).get_all # Only one entry in this hash (which will be the target). tree = secrets_list.values.first # Build local paths based on prefix and paths specified in sanctum.yaml vault_secrets = build_path(tree, [target[:path]]) # Join the path array to create a path vault_secrets = join_path(vault_secrets, config_file) compare_secrets(vault_secrets, local_secrets, target[:name]) end end