class CICI::Decrypt
Public Class Methods
new(ui, config)
click to toggle source
# File lib/cici/decrypt.rb, line 18 def initialize(ui, config) @ui = ui @config = config @util = CICI::Util.new(@ui) end
Public Instance Methods
decrypt(key, iv)
click to toggle source
# File lib/cici/decrypt.rb, line 40 def decrypt(key, iv) @ui.verbose('Decrypting secrets encrypted file.') decipher = OpenSSL::Cipher.new('AES-256-CBC') decipher.decrypt decipher.key = key decipher.iv = iv plain = decipher.update(File.read(@config.output_file_encrypted)) + decipher.final plain end
start(set)
click to toggle source
# File lib/cici/decrypt.rb, line 24 def start(set) @set = set assert_encrypted_secret_exist plain = decrypt(Base64.decode64(@util.get_env(CICI::DECRYPT_KEY_ENV_VAR)), Base64.decode64(@util.get_env(CICI::DECRYPT_IV_ENV_VAR))) if !plain.empty? File.write(@config.output_file, plain) else @ui.fail('Wrong key/iv pair for decryption.') end decompress copy_files @ui.success('Files successfully decrypted and copied to their destination!') end
Private Instance Methods
assert_encrypted_secret_exist()
click to toggle source
# File lib/cici/decrypt.rb, line 55 def assert_encrypted_secret_exist @ui.fail("Encrypted secrets file, #{@config.output_file_encrypted}, does not exist") unless File.file?(@config.output_file_encrypted) end
copy_files()
click to toggle source
# File lib/cici/decrypt.rb, line 65 def copy_files @ui.verbose('Copying files to their final destination') copy_file = lambda { |path, secrets_path| source = Pathname.new(secrets_path).join(path).to_s destination = path @ui.verbose("Copying file from #{source} to #{destination}") parent_directory = Pathname.new(destination).expand_path.dirname.to_s @ui.debug("mkdir -p for: #{parent_directory}") FileUtils.mkdir_p(parent_directory) @ui.debug("cp -r for, source: #{source}, destination: #{destination}") FileUtils.cp_r(source, destination) } if @set.nil? @config.default_secrets_without_base_path.each do |secret| copy_file.call(secret, @config.base_path) end else @config.secrets_for_set_without_base_path(@set).each do |secret| copy_file.call(secret, @config.path_for_set(@set)) end end end
decompress()
click to toggle source
# File lib/cici/decrypt.rb, line 59 def decompress @ui.verbose('Decompressing compressed file.') @util.run_command("tar xvf #{@config.output_file}") end