module SecureDataBag::CheckEncrypted

Common code for checking if a data bag appears encrypted

Public Instance Methods

partially_encrypted?(raw_data) click to toggle source

Autodetect whether the item's raw hash appears to be encrypted

# File lib/secure_data_bag/check_encrypted.rb, line 9
def partially_encrypted?(raw_data)
  data = raw_data.reject { |k, _| k == 'id' }

  # Detect whether any of the raw hash keys, or their nested structures
  # contain encrypted values.
  data.any? do |_, v|
    looks_like_partially_encrypted?(v)
  end
end

Private Instance Methods

looks_like_partially_encrypted?(data) click to toggle source

Chef if any of the nested data structures look like they have been encrypted in a manner compatible with Chef::EncryptedDataBagItem::Encryptor::VersionXEncryptor.

# File lib/secure_data_bag/check_encrypted.rb, line 24
def looks_like_partially_encrypted?(data)
  return false unless data.is_a?(Hash)
  looks_like_encrypted?(data) || partially_encrypted?(data)
end