Change: Remove Dots And Dashes From Namespaces When Resolving Filenames

Why This Change Is Necessary ======================================================================== Previously dots and dashes were not removed from the namespaces when looking up the filenames for keys. This meant that when looking up filenames for those namespaces, the per-namespace keys were not resolving correctly. How These Changes Address the Issue ======================================================================== This change removes dots and dashes from the namespaces when looking up key filenames. We also alter the script that generates key pairs so that it removes dots and dashes from the filenames it generates. Caveat ======================================================================== It's important to note that this _only_ applies to looking up the key filename. Inside the YAML files, dots and dashes are valid characters and will be used when finding namespaced settings. With a namespace of `example-host.com`, the private key filename would be `.chamber.examplehostcom.pem`, however in the YAML file, you would still do: ```yaml example-host.com: my_setting: 'hello' ``` Side Effects Caused By This Change ======================================================================== Anyone relying on the erroneous functionality will break. ------------------------------------------------------------------------ Actions: * References #56
thekompanee · May 29, 2019 · 10defe1 · 10defe1
1 parent 41360a7
commit 10defe1
Show file tree

Hide file tree

Showing 8 changed files with 44 additions and 16 deletions.
diff --git a/lib/chamber/key_pair.rb b/lib/chamber/key_pair.rb
@@ -77,7 +77,7 @@ def encryption_cipher
   def base_key_filename
     @base_key_filename ||= [
                              '.chamber',
-                             namespace,
+                             namespace.tr('-.', ''),
                            ].
                              compact.
                              join('.')

diff --git a/lib/chamber/keys/base.rb b/lib/chamber/keys/base.rb
@@ -76,7 +76,7 @@ def namespace_from_filename(filename)
 
   def generate_key_filenames
     namespaces.map do |namespace|
-      rootpath + ".chamber.#{namespace}#{key_filename_extension}"
+      rootpath + ".chamber.#{namespace.to_s.tr('.-', '')}#{key_filename_extension}"
     end
   end
 

diff --git a/spec/fixtures/keys/.chamber.examplehostcom.enc b/spec/fixtures/keys/.chamber.examplehostcom.enc
@@ -0,0 +1 @@
+example-host.com encrypted private key
diff --git a/spec/fixtures/keys/.chamber.examplehostcom.pem b/spec/fixtures/keys/.chamber.examplehostcom.pem
@@ -0,0 +1 @@
+example-host.com private key
diff --git a/spec/fixtures/keys/.chamber.examplehostcom.pub.pem b/spec/fixtures/keys/.chamber.examplehostcom.pub.pem
@@ -0,0 +1 @@
+example-host.com public key
diff --git a/spec/lib/chamber/key_pair_spec.rb b/spec/lib/chamber/key_pair_spec.rb
@@ -61,24 +61,31 @@ module   Chamber
   end
 
   it 'can construct a namespaced private key filepath' do
-    key_pair = KeyPair.new(namespace:     'my-namespace',
+    key_pair = KeyPair.new(namespace:     'mynamespace',
                            key_file_path: './tmp/')
 
-    expect(key_pair.unencrypted_private_key_filepath.to_s).to eql './tmp/.chamber.my-namespace.pem'
+    expect(key_pair.unencrypted_private_key_filepath.to_s).to eql './tmp/.chamber.mynamespace.pem'
   end
 
   it 'can construct a namespaced encrypted private key filepath' do
-    key_pair = KeyPair.new(namespace:     'my-namespace',
+    key_pair = KeyPair.new(namespace:     'mynamespace',
                            key_file_path: './tmp/')
 
-    expect(key_pair.encrypted_private_key_filepath.to_s).to eql './tmp/.chamber.my-namespace.enc'
+    expect(key_pair.encrypted_private_key_filepath.to_s).to eql './tmp/.chamber.mynamespace.enc'
   end
 
   it 'can construct a namespaced public key filepath' do
-    key_pair = KeyPair.new(namespace:     'my-namespace',
+    key_pair = KeyPair.new(namespace:     'mynamespace',
                            key_file_path: './tmp/')
 
-    expect(key_pair.public_key_filepath.to_s).to eql './tmp/.chamber.my-namespace.pub.pem'
+    expect(key_pair.public_key_filepath.to_s).to eql './tmp/.chamber.mynamespace.pub.pem'
+  end
+
+  it 'knows to remove special characters from the namespace before adding it to the file' do
+    key_pair = KeyPair.new(namespace:     'my-name.space',
+                           key_file_path: './tmp/')
+
+    expect(key_pair.unencrypted_private_key_filepath.to_s).to eql './tmp/.chamber.mynamespace.pem'
   end
 end
 end
diff --git a/spec/lib/chamber/keys/decryption_spec.rb b/spec/lib/chamber/keys/decryption_spec.rb
@@ -133,14 +133,16 @@ module    Keys
                           'spec/fixtures/keys/.chamber.pem',
                           'spec/fixtures/keys/.chamber.production.pem',
                           'spec/fixtures/keys/.chamber.test.pem',
+                          'spec/fixtures/keys/.chamber.examplehostcom.pem',
                         ],
           )
 
     expect(key).to eql(
-                        __default:   "default private key\n",
-                        development: "development private key\n",
-                        production:  "production private key\n",
-                        test:        "test private key\n",
+                        __default:      "default private key\n",
+                        development:    "development private key\n",
+                        examplehostcom: "example-host.com private key\n",
+                        production:     "production private key\n",
+                        test:           "test private key\n",
                       )
   end
 

diff --git a/spec/lib/chamber/keys/encryption_spec.rb b/spec/lib/chamber/keys/encryption_spec.rb
@@ -54,6 +54,20 @@ module    Keys
     ENV.delete('CHAMBER_DEVELOPMENT_PUBLIC_KEY')
   end
 
+  it 'can find namespaced key files when namespace contains special characters' do
+    key = Encryption.resolve(rootpath:   'spec/fixtures/keys/',
+                             namespaces: %w{example-host.com})
+
+    expect(key).to include(examplehostcom: "example-host.com public key\n")
+  end
+
+  it 'can find namespaced key files when the namespace is a symbol' do
+    key = Encryption.resolve(rootpath:   'spec/fixtures/keys/',
+                             namespaces: [:'example-host.com'])
+
+    expect(key).to include(examplehostcom: "example-host.com public key\n")
+  end
+
   it 'can generate generic key filenames from namespaces' do
     key = Encryption.resolve(rootpath:   'spec/fixtures/keys/',
                              namespaces: %w{test production},
@@ -121,14 +135,16 @@ module    Keys
                           'spec/fixtures/keys/.chamber.pub.pem',
                           'spec/fixtures/keys/.chamber.production.pub.pem',
                           'spec/fixtures/keys/.chamber.test.pub.pem',
+                          'spec/fixtures/keys/.chamber.examplehostcom.pub.pem',
                         ],
           )
 
     expect(key).to eql(
-                        __default:   "default public key\n",
-                        development: "development public key\n",
-                        production:  "production public key\n",
-                        test:        "test public key\n",
+                        __default:      "default public key\n",
+                        development:    "development public key\n",
+                        examplehostcom: "example-host.com public key\n",
+                        production:     "production public key\n",
+                        test:           "test public key\n",
                       )
   end