Commit 6bb7c3a3 authored by Hendrik Heneke's avatar Hendrik Heneke

Added simple functions to decrypt secrets.

parent fb85923c
Pipeline #397 passed with stage
in 31 seconds
...@@ -33,7 +33,8 @@ ...@@ -33,7 +33,8 @@
"autoload": { "autoload": {
"psr-4": { "psr-4": {
"HHIT\\ConfigGenerator\\": "src/" "HHIT\\ConfigGenerator\\": "src/"
} },
"files": ["src/functions.php"]
}, },
"autoload-dev": { "autoload-dev": {
"psr-4": { "psr-4": {
......
...@@ -11,6 +11,8 @@ use HHIT\ConfigGenerator\Generator\Values\ValuesLoaderFactory; ...@@ -11,6 +11,8 @@ use HHIT\ConfigGenerator\Generator\Values\ValuesLoaderFactory;
use Symfony\Bundle\FrameworkBundle\Secrets\DotenvVault; use Symfony\Bundle\FrameworkBundle\Secrets\DotenvVault;
use Symfony\Bundle\FrameworkBundle\Secrets\SodiumVault; use Symfony\Bundle\FrameworkBundle\Secrets\SodiumVault;
use Symfony\Component\Dotenv\Dotenv; use Symfony\Component\Dotenv\Dotenv;
use function HHIT\ConfigGenerator\cfgen_private_key_path;
use function HHIT\ConfigGenerator\cfgen_secrets_directory;
class Factory class Factory
{ {
...@@ -36,7 +38,7 @@ class Factory ...@@ -36,7 +38,7 @@ class Factory
public function dumpPrivateKey() public function dumpPrivateKey()
{ {
$file = $this->projectDir . '/config/secrets/' . $this->env . '/' . $this->env . '.decrypt.private.php'; $file = cfgen_private_key_path($this->projectDir, $this->env);
if (!file_exists($file)) { if (!file_exists($file)) {
throw new \RuntimeException("Key file {$file} does not exist!"); throw new \RuntimeException("Key file {$file} does not exist!");
} }
...@@ -48,7 +50,7 @@ class Factory ...@@ -48,7 +50,7 @@ class Factory
public function savePrivateKey(string $key) public function savePrivateKey(string $key)
{ {
$file = $this->projectDir . '/config/secrets/' . $this->env . '/' . $this->env . '.decrypt.private.php'; $file = cfgen_private_key_path($this->projectDir, $this->env);
$dirname = dirname($file); $dirname = dirname($file);
if (file_exists($file)) { if (file_exists($file)) {
throw new \RuntimeException("Key file {$file} already exists!"); throw new \RuntimeException("Key file {$file} already exists!");
...@@ -68,7 +70,7 @@ class Factory ...@@ -68,7 +70,7 @@ class Factory
public function createSodiumVault(): SodiumVault public function createSodiumVault(): SodiumVault
{ {
return $this->createSodiumVaultInternal($this->projectDir . '/config/secrets/' . $this->env); return $this->createSodiumVaultInternal(cfgen_secrets_directory($this->projectDir, $this->env));
} }
private function createSodiumVaultInternal(string $secretsDir, $decryptionKey = null): SodiumVault private function createSodiumVaultInternal(string $secretsDir, $decryptionKey = null): SodiumVault
......
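Review bot: In `savePrivateKey()` the `file_exists($file)` check guards a write that happens outside this hunk, so the key file is protected only by a check-then-write sequence; if that write uses `file_put_contents()`, a file created between the two steps is silently overwritten. Opening the file with `fopen($file, 'x')` makes creation atomic, and a `chmod($file, 0600)` afterwards keeps the decryption key unreadable to other local users. Both exception messages in `dumpPrivateKey()` and `savePrivateKey()` also embed the absolute key path, which is worth keeping out of any output shown to end users. The bodies of both methods continue outside the visible hunks, so part of this may already be handled there.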
<?php
declare(strict_types=1);
namespace HHIT\ConfigGenerator;
use HHIT\ConfigGenerator\Generator\Factory;
function cfgen_secrets_directory(string $projectDir, string $env)
{
return $projectDir . '/config/secrets/' . $env;
}
function cfgen_private_key_path(string $projectDir, string $env)
{
return cfgen_secrets_directory($projectDir, $env) . '/' . $env . '.decrypt.private.php';
}
function cfgen_decrypt_secret(string $projectDir, string $env, string $name)
{
$privateKeyFile = cfgen_private_key_path($projectDir, $env);
if (!file_exists($privateKeyFile)) {
throw new \RuntimeException("Private key file $privateKeyFile does not exist!");
}
$factory = new Factory($projectDir, $env);
$vault = $factory->createSodiumVault();
$secret = $vault->reveal($name);
if ($secret === null) {
throw new \RuntimeException("Secret $name does not exist!");
} else {
return $secret;
}
}
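Review bot: `$env` is concatenated into the secrets directory and the key file name in `cfgen_secrets_directory()` and `cfgen_private_key_path()` without validation, and `cfgen_decrypt_secret()` now exposes that as a public entry point. The resulting path ends in `.decrypt.private.php`, and Symfony's SodiumVault appears to load that file with `include`, so an `$env` containing `/` or `..` would decide which PHP file is executed; a guard such as `if (!preg_match('/^[A-Za-z0-9_-]+$/', $env)) { throw new \InvalidArgumentException('Invalid environment name'); }` at the top of `cfgen_secrets_directory()` closes that off. Separately, `reveal()` returns null both for a missing secret and for a failed decryption, so "Secret $name does not exist!" can mislead; adding `$vault->getLastMessage()` to the exception keeps the two cases apart. The three functions also lack `: string` return types and docblocks stating that the returned value is plaintext secret material that callers must not log.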