github.com/upcmd/up@v0.8.1-0.20230108151705-ad8b797bf04f/tests/functests/p0193.yml (about) 1 doc_meta: | 2 folder: security 3 title: use env var to encrypt and decrypt 4 5 scopes: 6 - name: nonprod 7 members: [dev, staging] 8 dvars: 9 - name: ENC_KEY_NP 10 value: this_str_is_my_nonprod_enc_key 11 flags: 12 - envVar 13 - name: enc_key 14 value: '{{ env "ENC_KEY_NP" |validateMandatoryFailIfNone "enc_key"}}' 15 16 - name: prod 17 members: [prod] 18 dvars: 19 - name: ENC_KEY_PROD 20 value: this_str_is_my_prod_enc_key 21 flags: 22 - envVar 23 - name: enc_key 24 value: '{{ env "ENC_KEY_PROD" |validateMandatoryFailIfNone "enc_key"}}' 25 26 tasks: 27 - 28 name: task 29 task: 30 - func: call 31 dvars: 32 - name: choice 33 desc: choose 1 to encrypt or anyting else to decrypt 34 flags: [prompt] 35 do: encrypt 36 if: '{{eq .choice "1"}}' 37 else: 38 - func: call 39 do: decrypt 40 41 - 42 name: encrypt 43 task: 44 - 45 func: cmd 46 dvars: 47 - name: raw 48 flags: 49 - prompt 50 - name: encrypted 51 value: '{{ .raw | encryptAES .enc_key}}' 52 - name: decrypted 53 value: '{{ .encrypted | decryptAES .enc_key}}' 54 do: 55 - name: print 56 cmd: '{{ .raw }}' 57 - name: print 58 cmd: '{{ .encrypted }}' 59 - name: print 60 cmd: '{{ .decrypted }}' 61 62 - 63 name: decrypt 64 task: 65 - 66 func: cmd 67 dvars: 68 - name: encrypted 69 desc: please input the encrypted value 70 flags: 71 - prompt 72 - name: decrypted 73 value: '{{ .encrypted | decryptAES .enc_key}}' 74 do: 75 - name: print 76 cmd: '{{ .encrypted }}' 77 - name: print 78 cmd: '{{ .decrypted }}'