module Chef::Knife::SecureDataBag::SecretsMixin

Public Class Methods

included(base) click to toggle source

Steps to execute when the mixin is include. In this case specifically, add additional command line options related to exporting. @since 3.0.0

# File lib/chef/knife/secure_data_bag/secrets_mixin.rb, line 9
def self.included(base)
  base.option :secret,
    description: 'The secret key used to (de)encrypt data bag item values',
    short: '-s SECRET',
    long: '--secret '

  base.option :secret_file,
    description: 'The secret key file used to (de)encrypt data bag item values',
    long: '--secret-file SECRET_FILE'
end

Public Instance Methods

secret() click to toggle source

The shared secret used to encrypt / decrypt data bag items @return [String] the shared secret @since 3.0.0

# File lib/chef/knife/secure_data_bag/secrets_mixin.rb, line 23
def secret
  @secret ||= begin
    secret = load_secret
    unless secret
      ui.fatal('A secret or secret_file must be specified')
      show_usage
      exit 1
    end
    secret
  end
end

Private Instance Methods

load_secret() click to toggle source

Load the shared secret, either from command line parameters or from a file on the filesystem. @return [String] the shared secret @since 3.0.0

# File lib/chef/knife/secure_data_bag/secrets_mixin.rb, line 49
def load_secret
  if config[:secret] then config[:secret]
  else ::SecureDataBag::Item.load_secret(secret_file)
  end
end
secret_file() click to toggle source

Path to the secret_file @return [String] @since 3.0.0

# File lib/chef/knife/secure_data_bag/secrets_mixin.rb, line 40
def secret_file
  config[:secret_file] ||
    Chef::Config[:knife][:secure_data_bag][:secret_file]
end