Skip to content

Commit

Permalink
add tasks for purging plain secrets
Browse files Browse the repository at this point in the history
  • Loading branch information
stempler committed Sep 15, 2017
1 parent 3f5b3cb commit f3d48b4
Showing 1 changed file with 30 additions and 2 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -256,6 +256,17 @@ class SwarmComposerPlugin implements Plugin<Project> {
// sc.config
// }

def vaultGroup = 'Configuration vault'

def purgeSecretsName = 'purgeSecrets'
def purgeSecretsTask = project.tasks.findByPath(purgeSecretsName)
if (!purgeSecretsTask) {
purgeSecretsTask = project.task(purgeSecretsName) {
group = vaultGroup
description = 'Delete all plain text secret files'
}
}

def decryptTask
if (sc.setupDir) {
// encryption / decryption tasks
Expand All @@ -270,7 +281,8 @@ class SwarmComposerPlugin implements Plugin<Project> {
def encryptName = "encrypt-${sc.setupName}"
if (!project.tasks.findByPath(encryptName)) {
def encryptTask = project.task(encryptName) {
group = 'Encrypt setup configuration'
group = vaultGroup
description = "Create encrypted vault files from plain text secret files for setup ${sc.setupName}"
}.doFirst {
ConfigCryptor cryptor = new SimpleConfigCryptor(new AliceCryptor())

Expand Down Expand Up @@ -321,7 +333,8 @@ class SwarmComposerPlugin implements Plugin<Project> {
def decryptName = "decrypt-${sc.setupName}"
if (!project.tasks.findByPath(decryptName)) {
decryptTask = project.task(decryptName) {
group = 'Decrypt setup configuration'
group = vaultGroup
description = "Create plain text secret files from encrypted vault files for setup ${sc.setupName}"
}.doFirst {
ConfigCryptor cryptor = new SimpleConfigCryptor(new AliceCryptor())

Expand All @@ -348,6 +361,21 @@ class SwarmComposerPlugin implements Plugin<Project> {
}
}

// purge task
def purgeName = "purgeSecrets-${sc.setupName}"
if (!project.tasks.findByPath(purgeName)) {
def purgeTask = project.task(purgeName) {
group = vaultGroup
description = "Delete all plain text secret files for setup ${sc.setupName}"
}.doLast {
project.fileTree(dir: sc.setupDir,
includes: ["*.${PLAIN_FILE_IDENTIFIER}.*"]).each { File file ->
file.delete()
}
}
purgeSecretsTask.dependsOn(purgeTask)
}

}
}

Expand Down

0 comments on commit f3d48b4

Please sign in to comment.