class Conjur::Env
Public Class Methods
new(options={})
click to toggle source
# File lib/conjur/conjurenv.rb, line 64 def initialize(options={}) raise ":file and :yaml options can not be provided together" if ( options.has_key?(:file) and options.has_key?(:yaml) ) yaml = if options.has_key?(:yaml) raise ":yaml option should be non-empty string" unless options[:yaml].kind_of?(String) raise ":yaml option should be non-empty string" if options[:yaml].empty? options[:yaml] elsif options.has_key?(:file) raise ":file option should be non-empty string" unless options[:file].kind_of?(String) raise ":file option should be non-empty string" if options[:file].empty? File.read(options[:file]) else raise "either :file or :yaml option is mandatory" end parse_arguments = [ yaml ] parse_arguments << options[:substitutions] if options[:substitutions] @definition = parse(*parse_arguments) end
Public Instance Methods
check(api)
click to toggle source
# File lib/conjur/conjurenv.rb, line 123 def check(api) Hash[ @definition.map.each do |k,v| if v.respond_to? :conjur_id if api.resource(v.conjur_id).permitted?(:execute) status = :available else status = :unavailable end else status = :literal end [ k, status ] end ] end
obtain(api)
click to toggle source
# File lib/conjur/conjurenv.rb, line 106 def obtain(api) runtime_environment = {} @definition.each do |environment_name, v| value = if v.conjur_id api.resource(v.conjur_id).value else v end if v.respond_to?(:evaluate) runtime_environment[environment_name] = v.evaluate(value) else runtime_environment[environment_name] = v # is a literal value end end return runtime_environment end
parse(yaml, substitutions = {})
click to toggle source
# File lib/conjur/conjurenv.rb, line 83 def parse(yaml, substitutions = {}) YAML.add_tag("!var", ConjurVariable) YAML.add_tag("!tmp", ConjurTempfile) fix_safeyaml! %w(!tmp !var) definition = YAML.load(yaml) raise "Definition should be a Hash" unless definition.kind_of?(Hash) # convert fixnums to literals -- to make definitions of e.g. ports more convenient definition.keys.select { |k| definition[k].kind_of? Fixnum }.each { |k| definition[k]="#{definition[k]}" } bad_types = definition.values.select { |v| not (v.kind_of?(String) or v.kind_of?(CustomTag)) }.map {|v| v.class}.uniq raise "Definition can not include values of types: #{bad_types}" unless bad_types.empty? definition.inject({}) do |memo,e| key, value = e substitutions.each do |k,v| value.gsub! k, v end memo[key] = value memo end definition end
Private Instance Methods
fix_safeyaml!(tags)
click to toggle source
# File lib/conjur/conjurenv.rb, line 142 def fix_safeyaml! tags # Including `conjur-asset-policy` adds the safe_yaml gem, which patches # YAML.load to do so without deserializing objects with custom tags. if defined?(SafeYAML) SafeYAML::OPTIONS[:whitelisted_tags] = SafeYAML::OPTIONS[:whitelisted_tags].concat(tags).uniq end end