Class: Ironclad::KeyStore

Inherits:

Object

Object
Ironclad::KeyStore

show all

Defined in:: lib/ironclad/key_store.rb

Overview

Read-through cache: keys are read from the local OS keystore and pulled from the source only on a miss, so repeated calls don’t round-trip to it.

Instance Method Summary collapse

#initialize(config, cache: nil, source: nil) ⇒ KeyStore constructor

A new instance of KeyStore.
#key(environment, refresh: false) ⇒ Object

Return the key for an environment.

Constructor Details

#initialize(config, cache: nil, source: nil) ⇒ `KeyStore`

Returns a new instance of KeyStore.

# File 'lib/ironclad/key_store.rb', line 7

def initialize(config, cache: nil, source: nil)
  @config = config
  @cache = cache || Cache.for_platform(config.app)
  # Defaults to 1Password; inject another source to use a different manager.
  @source = source || Source::OnePassword.new(config.account)
end

Instance Method Details

#key(environment, refresh: false) ⇒ `Object`

Return the key for an environment. With refresh: true, skip the cache and re-seed it from the source (use after a key rotation).

# File 'lib/ironclad/key_store.rb', line 16

def key(environment, refresh: false)
  name = @config.cache_key(environment)

  unless refresh
    cached = @cache.read(name)
    return cached if cached && !cached.empty?
  end

  fetched = @source.read(@config.reference(environment))
  @cache.write(name, fetched)
  fetched
end