Class: Aspera::Keychain::Factory

Inherits:
Object
  • Object
show all
Defined in:
lib/aspera/keychain/factory.rb

Overview

Manage secrets in a Hashicorp Vault

Constant Summary collapse

LIST = 
%i[file system vault].freeze

Class Method Summary collapse

Class Method Details

.create(info, name, folder, password) ⇒ Object

Create a vault instance

Parameters:

  • info (Hash)

    vault options

  • name (String)

    name of the vault

  • folder (String)

    folder to store the vault (if needed)

  • password (String)

    password to open the vault



14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
 
# File 'lib/aspera/keychain/factory.rb', line 14

def create(info, name, folder, password)
  Aspera.assert_type(info, Hash)
  Aspera.assert(info.values.all?(String)){'vault info shall have only string values'}
  info = info.symbolize_keys
  vault_type = info.delete(:type)
  Aspera.assert_values(vault_type, LIST.map(&:to_s)){'vault.type'}
  case vault_type
  when 'file'
    info[:file] = name || 'vault.bin'
    info[:file] = File.join(folder, info[:file]) unless File.absolute_path?(info[:file])
    Aspera.assert(!password.nil?){'please provide password'}
    info[:password] = password
    # this module requires compilation, so it is optional
    require 'aspera/keychain/encrypted_hash'
    @vault = Keychain::EncryptedHash.new(**info)
  when 'system'
    case Environment.instance.os
    when Environment::OS_MACOS
      info[:name] ||= name
      @vault = Keychain::MacosSystem.new(**info)
    else
      raise Error, 'not implemented for this OS'
    end
  when 'vault'
    require 'aspera/keychain/hashicorp_vault'
    info[:token] ||= password
    @vault = Keychain::HashicorpVault.new(**info)
  else Aspera.error_unexpected_value(vault_type)
  end
end