class DynamoSecret::Secret
Public Class Methods
new(config)
click to toggle source
# File lib/dynamo_secret/secret.rb, line 8 def initialize(config) @config = config end
Public Instance Methods
delete()
click to toggle source
# File lib/dynamo_secret/secret.rb, line 12 def delete resp = ask("Really delete #{site}? (y/N) ") return unless resp.casecmp('y') dynamodb.delete $stdout.puts "#{site} deleted" end
get(fields)
click to toggle source
# File lib/dynamo_secret/secret.rb, line 19 def get(fields) secret = dynamodb.fetch_secret return decrypt(secret, fields) if secret $stderr.puts "Could not find record for #{site}" exit 1 end
put()
click to toggle source
# File lib/dynamo_secret/secret.rb, line 26 def put if gpg.key.nil? && kms.key.nil? $stderr.puts 'Refusing to store secrets in plain text' exit 1 elsif dynamodb.fetch_secret $stderr.puts "Site #{site} already exists" exit 1 else secret = encrypt dynamodb.put_secret(secret) end end
setup()
click to toggle source
# File lib/dynamo_secret/secret.rb, line 39 def setup dynamodb.create_table kms.create_key unless @config.fetch(:enable_kms, nil).nil? end
update()
click to toggle source
# File lib/dynamo_secret/secret.rb, line 44 def update secret = dynamodb.fetch_secret.merge(encrypt) dynamodb.put_secret(secret) end
Private Instance Methods
decode(data)
click to toggle source
# File lib/dynamo_secret/secret.rb, line 51 def decode(data) data = Base64.decode64(data) data = kms.decrypt(data) if kms.key data = gpg.decrypt(data) if gpg.key data end
decrypt(data, fields)
click to toggle source
# File lib/dynamo_secret/secret.rb, line 58 def decrypt(data, fields) headers = [['Key', 'Value'], ['---', '-----']] fields ||= [['Site', data['Site']]] + data.map { |k, v| [k, decode(v)] unless k == 'Site' }.compact output = if fields.is_a?(Array) headers + fields else headers + data.map { |k, v| [k, decode(v)] if fields.include?(k) }.compact end widths = output.transpose.map { |x| x.map(&:length).max }.map { |w| "%-#{w}s" }.join(' ') output.each { |line| $stdout.puts widths % line } end
dynamodb()
click to toggle source
# File lib/dynamo_secret/secret.rb, line 76 def dynamodb @dynamodb ||= DynamoDB.new(@config) end
encode(data)
click to toggle source
# File lib/dynamo_secret/secret.rb, line 70 def encode(data) data = gpg.encrypt(data) if gpg.key data = kms.encrypt(data) if kms.key Base64.encode64(data) end
encrypt()
click to toggle source
# File lib/dynamo_secret/secret.rb, line 80 def encrypt encrypted_data = { 'Site' => site } @config[:secret_data][site].each do |kv| kv.map { |k, v| encrypted_data[k] = encode(v) } end encrypted_data end
gpg()
click to toggle source
# File lib/dynamo_secret/secret.rb, line 90 def gpg @gpg ||= Gpg.new end
kms()
click to toggle source
# File lib/dynamo_secret/secret.rb, line 94 def kms @kms ||= Kms.new(@config) end
site()
click to toggle source
# File lib/dynamo_secret/secret.rb, line 98 def site @config[:secret_data].map { |k, _v| k }.first end