module Chef::Knife::VaultBase
Public Class Methods
included(includer)
click to toggle source
# File lib/chef/knife/vault_base.rb, line 23 def self.included(includer) includer.class_eval do deps do require "chef/search/query" require File.expand_path("mixin/helper", __dir__) include ChefVault::Mixin::Helper end option :vault_mode, short: "-M MODE", long: "--mode MODE", description: "Chef mode to run in default - solo", proc: proc { |i| Chef::Config[:knife][:vault_mode] = i } end end
Public Instance Methods
configure_chef()
click to toggle source
Calls superclass method
# File lib/chef/knife/vault_base.rb, line 44 def configure_chef super ChefVault::Log.logger = Chef::Log.logger end
show_usage()
click to toggle source
Calls superclass method
# File lib/chef/knife/vault_base.rb, line 39 def show_usage super exit 1 end
Private Instance Methods
bag_is_vault?(bagname)
click to toggle source
# File lib/chef/knife/vault_base.rb, line 51 def bag_is_vault?(bagname) bag = Chef::DataBag.load(bagname) # a data bag is a vault if and only if: # - it has at least one item with item_keys # - every item has a matching item_keys # - item_keys has zero or more keys in sparse mode # vaults have a number of keys >= 2 return false unless bag.keys.size >= 2 # partition into those that end in _keys keylike, notkeylike = split_vault_keys(bag) # there must be an equal number of keyline and not-keylike items return false unless keylike.size == notkeylike.size # strip the _keys suffix and check if the sets match keylike.map! { |k| k.gsub(/_keys$/, "") } return false unless keylike.sort == notkeylike.sort # it's (probably) a vault true end
split_vault_keys(bag)
click to toggle source
# File lib/chef/knife/vault_base.rb, line 73 def split_vault_keys(bag) items = [] keys = ::Set.new possible_sparses = ::Set.new # spread bag keys into 3 categories: items, keys or possible sparse items bag.each_key do |key| next keys << key if key.end_with?("_keys") next possible_sparses << key if key.include?("_key_") items << key end # 2nd pass "sparse" items to avoid false positive when items have "_key" in their name possible_sparses.each { |key| items << key if keys.include?("#{key}_keys") } # return item keys and items [keys, items] end