-
Notifications
You must be signed in to change notification settings - Fork 4
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #283 from betadots/issue-264
Allow doing lookups
- Loading branch information
Showing
38 changed files
with
825 additions
and
287 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
class LookupsController < ApplicationController | ||
before_action :load_environments | ||
before_action :load_nodes | ||
before_action :load_keys | ||
|
||
def show | ||
@result = @key.lookup(@node) | ||
rescue Hdm::Error => e | ||
@error = e | ||
|
||
render action: "error" | ||
end | ||
|
||
private | ||
|
||
def load_keys | ||
@keys = Key.all_for(@node, environment: @environment) | ||
@keys.select! { |k| current_user.may_access?(k) } | ||
@key = Key.new(environment: @environment, name: params[:key_id]) | ||
authorize! :show, @key | ||
end | ||
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,55 @@ | ||
class HieraData | ||
class EYamlFile < YamlFile | ||
ENCRYPTED_PATTERN = /.*ENC\[.*\]/ | ||
|
||
def self.encrypted?(value) | ||
value.is_a?(String) && !!value.match(ENCRYPTED_PATTERN) | ||
end | ||
|
||
def self.decrypt_value(value, public_key:, private_key:) | ||
Hiera::Backend::Eyaml::Options["pkcs7_private_key"] = private_key | ||
Hiera::Backend::Eyaml::Options["pkcs7_public_key"] = public_key | ||
parser = Hiera::Backend::Eyaml::Parser::Parser.new([Hiera::Backend::Eyaml::Parser::EncHieraTokenType.new, Hiera::Backend::Eyaml::Parser::EncBlockTokenType.new]) | ||
tokens = parser.parse(value) | ||
tokens.map(&:to_plain_text).join | ||
end | ||
|
||
def self.encrypt_value(value, public_key:, private_key:) | ||
Hiera::Backend::Eyaml::Options["pkcs7_private_key"] = private_key | ||
Hiera::Backend::Eyaml::Options["pkcs7_public_key"] = public_key | ||
encryptor = Hiera::Backend::Eyaml::Encryptor.find | ||
ciphertext = encryptor.encode(encryptor.encrypt(value)) | ||
token = Hiera::Backend::Eyaml::Parser::EncToken.new(:block, value, encryptor, ciphertext, nil, ' ') | ||
token.to_encrypted format: :string | ||
end | ||
|
||
def content | ||
@content ||= | ||
begin | ||
super | ||
decrypt_content if @content && decrypt? | ||
@content | ||
end | ||
end | ||
|
||
private | ||
|
||
def decrypt_content | ||
public_key = @options[:public_key] | ||
private_key = @options[:private_key] | ||
@content.transform_values! do |value| | ||
if self.class.encrypted?(value) | ||
self.class.decrypt_value(value, public_key:, private_key:) | ||
else | ||
value | ||
end | ||
end | ||
end | ||
|
||
def decrypt? | ||
@options[:decrypt] && | ||
@options[:public_key] && | ||
@options[:private_key] | ||
end | ||
end | ||
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,57 @@ | ||
class HieraData | ||
class Lookup | ||
def initialize(hashes) | ||
@hashes = hashes | ||
end | ||
|
||
def lookup(key, merge_strategy: :first) | ||
applicable_values = extract_key_from_hashes(key) | ||
merge_values(applicable_values, merge_strategy) | ||
end | ||
|
||
private | ||
|
||
def extract_key_from_hashes(key) | ||
@hashes | ||
.select { |h| h.key?(key) } | ||
.pluck(key) | ||
end | ||
|
||
def merge_values(values, strategy) | ||
case strategy | ||
when :first | ||
values.first | ||
when :unique | ||
unique_array_merge(values) | ||
when :hash | ||
flat_hash_merge(values) | ||
when :deep | ||
deep_merge(values) | ||
end | ||
end | ||
|
||
def unique_array_merge(values) | ||
values.inject([]) do |memo, value| | ||
raise Hdm::Error, "Merge strategy `unique` is not applicable to a hash." if value.is_a?(Hash) | ||
|
||
memo + Array(value) | ||
end.uniq | ||
end | ||
|
||
def flat_hash_merge(values) | ||
values.inject({}) do |memo, value| | ||
raise Hdm::Error, "Merge strategy `hash` can only be used with hashes." unless value.is_a?(Hash) | ||
|
||
value.merge(memo) | ||
end | ||
end | ||
|
||
def deep_merge(values) | ||
values.inject do |memo, value| | ||
memo ||= {} | ||
|
||
DeepMerge.deep_merge!(memo, value, merge_hash_arrays: true) | ||
end | ||
end | ||
end | ||
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
class HieraData | ||
module Util | ||
module_function | ||
|
||
def yaml_format(value) | ||
value.to_yaml.sub(/\A---(\n| )/, '').chomp | ||
end | ||
end | ||
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.