From f3d48b4be81c6dbb9f1e839f32d0f6d4bfe171bc Mon Sep 17 00:00:00 2001
From: Simon Templer
Date: Fri, 15 Sep 2017 10:39:57 +0200
Subject: [PATCH] add tasks for purging plain secrets
---
 .../gradle/swarm/SwarmComposerPlugin.groovy | 32 +++++++++++++++++--
 1 file changed, 30 insertions(+), 2 deletions(-)
diff --git a/src/main/groovy/to/wetransform/gradle/swarm/SwarmComposerPlugin.groovy b/src/main/groovy/to/wetransform/gradle/swarm/SwarmComposerPlugin.groovy
index 7d60d99..8edb8e8 100644
--- a/src/main/groovy/to/wetransform/gradle/swarm/SwarmComposerPlugin.groovy
+++ b/src/main/groovy/to/wetransform/gradle/swarm/SwarmComposerPlugin.groovy
@@ -256,6 +256,17 @@ class SwarmComposerPlugin implements Plugin {
 // sc.config
 // }
+ def vaultGroup = 'Configuration vault'
+
+ def purgeSecretsName = 'purgeSecrets'
+ def purgeSecretsTask = project.tasks.findByPath(purgeSecretsName)
+ if (!purgeSecretsTask) {
+ purgeSecretsTask = project.task(purgeSecretsName) {
+ group = vaultGroup
+ description = 'Delete all plain text secret files'
+ }
+ }
+
 def decryptTask
 if (sc.setupDir) {
 // encryption / decryption tasks
@@ -270,7 +281,8 @@ class SwarmComposerPlugin implements Plugin {
 def encryptName = "encrypt-${sc.setupName}"
 if (!project.tasks.findByPath(encryptName)) {
 def encryptTask = project.task(encryptName) {
- group = 'Encrypt setup configuration'
+ group = vaultGroup
+ description = "Create encrypted vault files from plain text secret files for setup ${sc.setupName}"
 }.doFirst {
 ConfigCryptor cryptor = new SimpleConfigCryptor(new AliceCryptor())
@@ -321,7 +333,8 @@ class SwarmComposerPlugin implements Plugin {
 def decryptName = "decrypt-${sc.setupName}"
 if (!project.tasks.findByPath(decryptName)) {
 decryptTask = project.task(decryptName) {
- group = 'Decrypt setup configuration'
+ group = vaultGroup
+ description = "Create plain text secret files from encrypted vault files for setup ${sc.setupName}"
 }.doFirst {
 ConfigCryptor cryptor = new SimpleConfigCryptor(new AliceCryptor())
@@ -348,6 +361,21 @@ class SwarmComposerPlugin implements Plugin {
 }
 }
+ // purge task
+ def purgeName = "purgeSecrets-${sc.setupName}"
+ if (!project.tasks.findByPath(purgeName)) {
+ def purgeTask = project.task(purgeName) {
+ group = vaultGroup
+ description = "Delete all plain text secret files for setup ${sc.setupName}"
+ }.doLast {
+ project.fileTree(dir: sc.setupDir,
+ includes: ["*.${PLAIN_FILE_IDENTIFIER}.*"]).each { File file ->
+ file.delete()
+ }
+ }
+ purgeSecretsTask.dependsOn(purgeTask)
+ }
+
 }
 }
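Review bot: The `file.delete()` call in the `doLast` of the new `purgeSecrets-${sc.setupName}` task discards its boolean result, so a file that cannot be removed (locked, or in a read-only directory) stays on disk as a plain text secret while the task still reports success. The task should fail instead, for example `if (!file.delete()) { throw new GradleException("Could not delete plain text secret file ${file}") }`, assuming `GradleException` is imported or fully qualified in this file. The include pattern `*.${PLAIN_FILE_IDENTIFIER}.*` also matches only files directly in `sc.setupDir`. If the decrypt task can write plain files into subdirectories, which this hunk does not show, the pattern would need to be `**/*.${PLAIN_FILE_IDENTIFIER}.*`. The enclosing block starts and ends outside the hunk, so it is worth confirming that this code only runs when `sc.setupDir` is set.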