class Secrets::Parser

Constants

SECRETS_FILE_SUFFIX

Public Class Methods

new() click to toggle source
# File lib/secrets_parser/parser.rb, line 25
def initialize
  @config = Configuration.new
  @secret_variables = {}
end

Public Instance Methods

parse(file_to_parse, field_to_parse) click to toggle source
# File lib/secrets_parser/parser.rb, line 36
def parse(file_to_parse, field_to_parse)
  @config.s3 = S3.new(@config.s3_client, @config.kms_client, @config.logger)

  app_json = JSON.parse(IO.read(file_to_parse))
  app_variables = app_json[field_to_parse]

  logger.info "Parsing #{field_to_parse} section of #{file_to_parse}"

  app_json[field_to_parse] = parse_secrets_from app_variables

  app_json
end
set_config() { |config| ... } click to toggle source
# File lib/secrets_parser/parser.rb, line 30
def set_config
  yield(@config)
  @config.logger ||= Logger.new(File::NULL)
  self
end

Private Instance Methods

already_decrypted?(secret_file) click to toggle source
# File lib/secrets_parser/parser.rb, line 80
def already_decrypted?(secret_file)
  @secret_variables.key?(secret_file)
end
logger() click to toggle source
# File lib/secrets_parser/parser.rb, line 104
def logger
  @config.logger
end
parse_secrets_from(variables) click to toggle source
# File lib/secrets_parser/parser.rb, line 64
def parse_secrets_from(variables)
  variables.each_pair do |key, value|
    next unless secret?(value)

    secret_file = secret_file_from(value)
    secret_key = secret_key_from(value)

    @secret_variables[secret_file] = secrets_from(secret_file)

    logger.info "Updating #{key} value"
    variables[key] = secret_value_from(secret_file, secret_key)
  end

  variables
end
secret?(string) click to toggle source
# File lib/secrets_parser/parser.rb, line 51
def secret?(string)
  string.is_a?(String) && string.start_with?('secret:')
end
secret_file_from(secret) click to toggle source
# File lib/secrets_parser/parser.rb, line 84
def secret_file_from(secret)
  Helpers.expand_param_from_env(secret).split(':')[1]
end
secret_key_exists?(secret_file, secret_key) click to toggle source
# File lib/secrets_parser/parser.rb, line 100
def secret_key_exists?(secret_file, secret_key)
  !@secret_variables[secret_file][secret_key].nil?
end
secret_key_from(secret) click to toggle source
# File lib/secrets_parser/parser.rb, line 88
def secret_key_from(secret)
  Helpers.expand_param_from_env(secret).split(':')[2]
end
secret_value_from(secret_file, secret_key) click to toggle source
# File lib/secrets_parser/parser.rb, line 92
def secret_value_from(secret_file, secret_key)
  unless secret_key_exists?(secret_file, secret_key)
    raise Secrets::Errors::NoSuchKey, "Secret key #{secret_key} does not exist in #{secret_file}"
  end

  @secret_variables[secret_file][secret_key]
end
secrets_from(secret_file) click to toggle source
# File lib/secrets_parser/parser.rb, line 55
def secrets_from(secret_file)
  return @secret_variables[secret_file] if already_decrypted?(secret_file)

  encrypted_secrets_io = @config.s3.download(secret_file + SECRETS_FILE_SUFFIX)
  decrypted_secrets = @config.s3.decrypt(encrypted_secrets_io)

  JSON.parse(decrypted_secrets)
end