diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 4321fa2a..74111022 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -35,6 +35,8 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 + with: + fetch-depth: 0 - uses: actions/setup-python@v2 with: python-version: "3.10" diff --git a/CHANGELOG.md b/CHANGELOG.md index a0cf709b..8268643e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1 +1,18 @@ # CHANGELOG + + + +## v1.0.1 (2024-01-29) + +### Fix + +* fix: duplicate blocks in the same file causes errors (#28) + +When an encrypted block is present more than one time in a file it causes errors since the first replacement replaces both instances and the second then fails. ([`21b8543`](https://github.com/raddessi/salt-gnupg-rotate/commit/21b85430313d4e9923773d03a5f9dab0c033281a)) + + +## v1.0.0 (2024-01-29) + +### Breaking + +* feat!: initial release ([`7eefa6a`](https://github.com/raddessi/salt-gnupg-rotate/commit/7eefa6a9c262bcd5e36f68af2a7bafb752cbce4e)) diff --git a/pyproject.toml b/pyproject.toml index 937e6c22..48ae5d73 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,7 +1,7 @@ # Poetry package config [tool.poetry] name = "salt-gnupg-rotate" -version = "0.2.2" +version = "1.0.1" description = "Easily rotate gnupg encryption keys of fully or partially encrypted files." authors = ["Ryan Addessi "] license = "BSD 2-Clause 'Simplified' License" diff --git a/salt_gnupg_rotate/__init__.py b/salt_gnupg_rotate/__init__.py index 6006abeb..868e6146 100644 --- a/salt_gnupg_rotate/__init__.py +++ b/salt_gnupg_rotate/__init__.py @@ -3,4 +3,4 @@ Easily rotate gnupg encryption keys of fully or partially encrypted files. """ -__version__ = "0.2.2" +__version__ = "1.0.1" diff --git a/salt_gnupg_rotate/rotate.py b/salt_gnupg_rotate/rotate.py index 019ccafa..824b3c86 100644 --- a/salt_gnupg_rotate/rotate.py +++ b/salt_gnupg_rotate/rotate.py @@ -178,7 +178,7 @@ def encrypt(self) -> None: ) proposed_change = new_contents.replace( - encrypted_block, reencrypted_padded_block + encrypted_block, reencrypted_padded_block, 1 ) # check if nothing was changed incorrectly if proposed_change == new_contents: diff --git a/tests/conftest.py b/tests/conftest.py index 5497df55..a3eb5b85 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -76,6 +76,7 @@ def gnupg_keyring_dirpath() -> str: "multiple_keys_in_yaml.sls", "one_key_in_yaml.sls", "nonconforming_file_type.txt", + "duplicate_blocks_in_yaml.sls", ], ) def salt_pillar_fpath_fixture( diff --git a/tests/data/salt_pillar/duplicate_blocks_in_yaml.sls b/tests/data/salt_pillar/duplicate_blocks_in_yaml.sls new file mode 100644 index 00000000..37acfab2 --- /dev/null +++ b/tests/data/salt_pillar/duplicate_blocks_in_yaml.sls @@ -0,0 +1,30 @@ +this-value: | + -----BEGIN PGP MESSAGE----- + + hF4Dv6kh6n/3RV4SAQdAfdDaT1ktkS3ktXnEG50DlmouWC5DGCZzBKzY/bR42hUw + R8Nvh06CDXJKwst4WxvLM72aOIjOnTL3KZtDqiWi4e8wuPCbvh1c2K+D5YwIVC4Y + 1FcBCQIQqw/ziVZigFuWV/CWlGz7kqYWRiKP0ZnGcENhcQTYseYeEjThHyYA0Mki + fB6t85QuRuIANeR2SrMeKVhI1AU1hoH0UAzrrDeFzdMz0mVxFEWbQhc= + =QPmN + -----END PGP MESSAGE----- + +gets repeated in the same file: | + -----BEGIN PGP MESSAGE----- + + hF4Dv6kh6n/3RV4SAQdAfdDaT1ktkS3ktXnEG50DlmouWC5DGCZzBKzY/bR42hUw + R8Nvh06CDXJKwst4WxvLM72aOIjOnTL3KZtDqiWi4e8wuPCbvh1c2K+D5YwIVC4Y + 1FcBCQIQqw/ziVZigFuWV/CWlGz7kqYWRiKP0ZnGcENhcQTYseYeEjThHyYA0Mki + fB6t85QuRuIANeR2SrMeKVhI1AU1hoH0UAzrrDeFzdMz0mVxFEWbQhc= + =QPmN + -----END PGP MESSAGE----- + +and sometimes: + at different indentation: | + -----BEGIN PGP MESSAGE----- + + hF4Dv6kh6n/3RV4SAQdAfdDaT1ktkS3ktXnEG50DlmouWC5DGCZzBKzY/bR42hUw + R8Nvh06CDXJKwst4WxvLM72aOIjOnTL3KZtDqiWi4e8wuPCbvh1c2K+D5YwIVC4Y + 1FcBCQIQqw/ziVZigFuWV/CWlGz7kqYWRiKP0ZnGcENhcQTYseYeEjThHyYA0Mki + fB6t85QuRuIANeR2SrMeKVhI1AU1hoH0UAzrrDeFzdMz0mVxFEWbQhc= + =QPmN + -----END PGP MESSAGE-----