From 2a6f64a53e830978e6e818915d2329dda8fd0690 Mon Sep 17 00:00:00 2001 From: Roberto Alsina Date: Tue, 2 Jul 2024 19:03:29 -0300 Subject: [PATCH] Reorg secrets code --- src/daemon/secrets.cr | 38 ++------------------------------------ src/secrets.cr | 42 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 44 insertions(+), 36 deletions(-) create mode 100644 src/secrets.cr diff --git a/src/daemon/secrets.cr b/src/daemon/secrets.cr index 4daa11e..d73e667 100644 --- a/src/daemon/secrets.cr +++ b/src/daemon/secrets.cr @@ -1,44 +1,10 @@ require "kemal" +require "../secrets.cr" module Secrets - SECRETS = Hash(String, String).new - SECRET_PATH = "./secrets/" - + extend self # TODO: sanitize all inputs - # Store secrets in a tree of files - def self.update_secrets - # Save new secrets - SECRETS.map do |_name, value| - funko, name = _name.split("-", 2) - funko_dir = Path.new(SECRET_PATH, funko) - Dir.mkdir_p(funko_dir) - File.write(Path.new(funko_dir, name), value) - end - # Delete secrets not in the hash - Dir.glob(Path.new(SECRET_PATH, "*")).each do |funko_dir| - funko = File.basename(funko_dir) - Dir.glob(Path.new(funko_dir, "*")).each do |secret_file| - name = File.basename(secret_file) - unless SECRETS.has_key?("#{funko}-#{name}") - File.delete(secret_file) - end - end - end - end - - # Load secrets from the disk - def self.load_secrets - Dir.glob(Path.new(SECRET_PATH, "*")).each do |funko_dir| - funko = File.basename(funko_dir) - Dir.glob(Path.new(funko_dir, "*")).each do |secret_file| - name = File.basename(secret_file) - value = File.read(secret_file) - SECRETS["#{funko}-#{name}"] = value - end - end - end - # Gets a secret in form {"name": "funko_name-secret_name", "value": "secret_value"} post "/secrets/" do |env| name = env.params.json["name"].as(String) diff --git a/src/secrets.cr b/src/secrets.cr new file mode 100644 index 0000000..8418144 --- /dev/null +++ b/src/secrets.cr @@ -0,0 +1,42 @@ +module Secrets + extend self + SECRETS = Hash(String, String).new + SECRET_PATH = "./secrets/" + + # TODO: sanitize all inputs + + # Store secrets in a tree of files + def update_secrets + # Save new secrets + SECRETS.map do |_name, value| + funko, name = _name.split("-", 2) + funko_dir = Path.new(SECRET_PATH, funko) + Dir.mkdir_p(funko_dir) + File.write(Path.new(funko_dir, name), value) + end + # Delete secrets not in the hash + Dir.glob(Path.new(SECRET_PATH, "*")).each do |funko_dir| + funko = File.basename(funko_dir) + Dir.glob(Path.new(funko_dir, "*")).each do |secret_file| + name = File.basename(secret_file) + unless SECRETS.has_key?("#{funko}-#{name}") + File.delete(secret_file) + end + end + end + end + + # Load secrets from the disk + def load_secrets + Dir.glob(Path.new(SECRET_PATH, "*")).each do |funko_dir| + funko = File.basename(funko_dir) + Dir.glob(Path.new(funko_dir, "*")).each do |secret_file| + name = File.basename(secret_file) + value = File.read(secret_file) + SECRETS["#{funko}-#{name}"] = value + end + end + end +end + +Secrets.load_secrets