summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorelijah <elijah@riseup.net>2013-01-30 22:25:37 -0800
committerelijah <elijah@riseup.net>2013-01-30 22:25:37 -0800
commit62dfe5a61b547179babb815245bb8a0e3ea14f6f (patch)
treed594c83dafc9c3d2c80ea3e8e32878468d509076
parentf688b404c7f1dbcd3650314d5b5279cf2a6657b7 (diff)
fix bug with vanishing secrets
-rw-r--r--lib/leap_cli/commands/compile.rb2
-rw-r--r--lib/leap_cli/config/manager.rb5
-rw-r--r--lib/leap_cli/config/secrets.rb20
3 files changed, 18 insertions, 9 deletions
diff --git a/lib/leap_cli/commands/compile.rb b/lib/leap_cli/commands/compile.rb
index df2149d..0e645d6 100644
--- a/lib/leap_cli/commands/compile.rb
+++ b/lib/leap_cli/commands/compile.rb
@@ -15,7 +15,7 @@ module LeapCli
# export generated files
manager.export_nodes(nodes)
- manager.export_secrets
+ manager.export_secrets(nodes.nil?) # only do a "clean" export if we are examining all the nodes
end
def update_compiled_ssh_configs
diff --git a/lib/leap_cli/config/manager.rb b/lib/leap_cli/config/manager.rb
index 5fc4499..5a82526 100644
--- a/lib/leap_cli/config/manager.rb
+++ b/lib/leap_cli/config/manager.rb
@@ -90,10 +90,9 @@ module LeapCli
end
end
- def export_secrets(destination_file = nil)
+ def export_secrets(clean_unused_secrets = false)
if @secrets.any?
- file_path = destination_file || Path.named_path(:secrets_config, @provider_dir)
- Util.write_file!(file_path, @secrets.dump_json + "\n")
+ Util.write_file!([:secrets_config, @provider_dir], @secrets.dump_json(clean_unused_secrets) + "\n")
end
end
diff --git a/lib/leap_cli/config/secrets.rb b/lib/leap_cli/config/secrets.rb
index 00d0cd6..491870d 100644
--- a/lib/leap_cli/config/secrets.rb
+++ b/lib/leap_cli/config/secrets.rb
@@ -20,13 +20,23 @@ module LeapCli; module Config
self[key] ||= value
end
- def dump_json
- self.each_key do |key|
- unless @discovered_keys[key]
- self.delete(key)
+ #
+ # if only_discovered_keys is true, then we will only export
+ # those secrets that have been discovered and the prior ones will be cleaned out.
+ #
+ # this should only be triggered when all nodes have been processed, otherwise
+ # secrets that are actually in use will get mistakenly removed.
+ #
+ #
+ def dump_json(only_discovered_keys=false)
+ if only_discovered_keys
+ self.each_key do |key|
+ unless @discovered_keys[key]
+ self.delete(key)
+ end
end
end
- super
+ super()
end
end