class SecretKeeper

Public Class Methods

decrypt_files(remove_production=false) click to toggle source
# File lib/secret-keeper.rb, line 22
def self.decrypt_files(remove_production=false)
  sk = SecretKeeper.new
  print 'Decrypting...' unless sk.slience
  puts remove_production ? '(production config removed)' : nil unless sk.slience

  ok_queue = []
  sk.tasks.each do |task|
    from = task['decrypt_from'] || task['encrypt_to']
    to = task['decrypt_to'] || task['encrypt_from']

    result = sk.decrypt_file(from, to)

    if result == :ok && remove_production
      result = sk.remove_production_config(to)
    end

    ok_queue << result if result == :ok
    puts "  * #{from} --> #{to}, #{result}" unless sk.slience
  end
  success = ok_queue.count == sk.tasks.count
  puts success ? 'Done!' : 'Failed!' unless sk.slience
  success
end
encrypt_files() click to toggle source
# File lib/secret-keeper.rb, line 5
def self.encrypt_files
  sk = SecretKeeper.new
  puts 'Encrypting...' unless sk.slience
  ok_queue = []
  sk.tasks.each do |task|
    from = task['encrypt_from']
    to = task['encrypt_to']

    result = sk.encrypt_file(from, to)
    ok_queue << result if result == :ok
    puts "  * #{from} --> #{to}, #{result}" unless sk.slience
  end
  success = ok_queue.count == sk.tasks.count
  puts success ? 'Done!' : 'Failed!' unless sk.slience
  success
end
new() click to toggle source
# File lib/secret-keeper.rb, line 46
def initialize
  env = ENV['RAILS_ENV'] || 'development'
  string = File.open('config/secret-keeper.yml', 'rb') { |f| f.read }
  fail 'config/secret-keeper.yml not existed nor not readable' if string.nil?
  config = YAML.load(string)[env]
  fail 'config/secret-keeper.yml incorrect or environment not exist' if config.nil?
  ev_name = config['ev_name'] || 'SECRET_KEEPER'
  fail "environment variable #{ev_name} not exist" if ENV[ev_name].nil?

  @tasks = config['tasks']
  @using_cipher = OpenSSL::Cipher.new(config['cipher'] || 'AES-256-CBC')
  @cipher_key = Digest::SHA2.hexdigest(ENV[ev_name])[0...@using_cipher.key_len]

  @slience = config['slience'] || false
end

Public Instance Methods

decrypt_file(from_file, to_file) click to toggle source
# File lib/secret-keeper.rb, line 78
def decrypt_file(from_file, to_file)
  decrypted = File.open(from_file, 'rb') { |f| decrypt(f.read) }
  File.open(to_file, 'w') { |f| f.write(decrypted.force_encoding('UTF-8')) }
  :ok
rescue => e
  e
end
encrypt_file(from_file, to_file) click to toggle source
# File lib/secret-keeper.rb, line 70
def encrypt_file(from_file, to_file)
  encrypted = File.open(from_file, 'rb') { |f| encrypt(f.read) }
  File.open(to_file, 'w:ASCII-8BIT') { |f| f.write(encrypted) }
  :ok
rescue => e
  e
end
remove_production_config(file_path) click to toggle source
# File lib/secret-keeper.rb, line 86
def remove_production_config(file_path)
  return :ok unless file_path =~ /\.yml/
  hash = YAML.load_file(file_path)
  hash.delete('production')
  File.write(file_path, YAML.dump(hash))
  :ok
rescue => e
  e
end
slience() click to toggle source
# File lib/secret-keeper.rb, line 66
def slience
  @slience
end
tasks() click to toggle source
# File lib/secret-keeper.rb, line 62
def tasks
  @tasks
end

Private Instance Methods

decrypt(data) click to toggle source
# File lib/secret-keeper.rb, line 104
def decrypt(data)
  cipher = @using_cipher.decrypt
  cipher.key = @cipher_key
  cipher.update(data) + cipher.final
end
encrypt(data) click to toggle source
# File lib/secret-keeper.rb, line 98
def encrypt(data)
  cipher = @using_cipher.encrypt
  cipher.key = @cipher_key
  cipher.update(data) + cipher.final
end