# export generated files
manager.export_nodes(nodes)
- manager.export_secrets
+ manager.export_secrets(nodes.nil?) # only do a "clean" export if we are examining all the nodes
end
def update_compiled_ssh_configs
end
end
- def export_secrets(destination_file = nil)
+ def export_secrets(clean_unused_secrets = false)
if @secrets.any?
- file_path = destination_file || Path.named_path(:secrets_config, @provider_dir)
- Util.write_file!(file_path, @secrets.dump_json + "\n")
+ Util.write_file!([:secrets_config, @provider_dir], @secrets.dump_json(clean_unused_secrets) + "\n")
end
end
self[key] ||= value
end
- def dump_json
- self.each_key do |key|
- unless @discovered_keys[key]
- self.delete(key)
+ #
+ # if only_discovered_keys is true, then we will only export
+ # those secrets that have been discovered and the prior ones will be cleaned out.
+ #
+ # this should only be triggered when all nodes have been processed, otherwise
+ # secrets that are actually in use will get mistakenly removed.
+ #
+ #
+ def dump_json(only_discovered_keys=false)
+ if only_discovered_keys
+ self.each_key do |key|
+ unless @discovered_keys[key]
+ self.delete(key)
+ end
end
end
- super
+ super()
end
end
projects / leap / leap_cli.git / commitdiff