forked from kuzzleio/kourou
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathtest.ts
50 lines (39 loc) · 1.21 KB
/
test.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
import { flags } from '@oclif/command'
import _ from 'lodash'
import { Vault } from 'kuzzle-vault'
import { Kommand } from '../../common'
export class VaultTest extends Kommand {
static initSdk = false
static description = `
Tests if an encrypted secrets file can be decrypted.
See https://github.com/kuzzleio/kuzzle-vault/ for more information.
`
static examples = [
'kourou vault:test config/secrets.enc.json --vault-key <vault-key>'
]
static flags = {
'vault-key': flags.string({
description: 'Kuzzle Vault Key (or KUZZLE_VAULT_KEY)',
default: process.env.KUZZLE_VAULT_KEY,
}),
}
static args = [
{ name: 'secrets-file', description: 'Encrypted secrets file', required: true }
]
async runSafe() {
if (_.isEmpty(this.flags['vault-key'])) {
throw new Error('A vault key must be provided')
}
if (_.isEmpty(this.args['secrets-file'])) {
throw new Error('A secrets file must be provided')
}
const vault = new Vault(this.flags['vault-key'])
try {
vault.decrypt(this.args['secrets-file'])
this.logOk('Secrets file can be decrypted')
}
catch (error) {
this.logKo(`Secrets file cannot be decrypted: ${error.message}`)
}
}
}