From 89da880dc2ae9aff184d81a5edc702a5c0f1cd87 Mon Sep 17 00:00:00 2001
From: elijah <elijah@riseup.net>
Date: Mon, 28 Jan 2013 02:45:36 -0800
Subject: remove old secrets from secrets.json if they are not defined
 anywhere.

---
 lib/leap_cli.rb                |  1 +
 lib/leap_cli/config/manager.rb |  2 +-
 lib/leap_cli/config/object.rb  |  2 +-
 lib/leap_cli/config/secrets.rb | 33 +++++++++++++++++++++++++++++++++
 4 files changed, 36 insertions(+), 2 deletions(-)
 create mode 100644 lib/leap_cli/config/secrets.rb

diff --git a/lib/leap_cli.rb b/lib/leap_cli.rb
index 31a9d8f..384a5f2 100644
--- a/lib/leap_cli.rb
+++ b/lib/leap_cli.rb
@@ -20,6 +20,7 @@ require 'leap_cli/ssh_key'
 require 'leap_cli/config/object'
 require 'leap_cli/config/node'
 require 'leap_cli/config/tag'
+require 'leap_cli/config/secrets'
 require 'leap_cli/config/object_list'
 require 'leap_cli/config/manager'
 
diff --git a/lib/leap_cli/config/manager.rb b/lib/leap_cli/config/manager.rb
index c860b5c..5fc4499 100644
--- a/lib/leap_cli/config/manager.rb
+++ b/lib/leap_cli/config/manager.rb
@@ -35,7 +35,7 @@ module LeapCli
         @nodes    = load_all_json(Path.named_path([:node_config, '*'],    @provider_dir), Config::Node)
         @common   = load_json(common_path, Config::Object)
         @provider = load_json(provider_path, Config::Object)
-        @secrets  = load_json(Path.named_path(:secrets_config,  @provider_dir), Config::Object)
+        @secrets  = load_json(Path.named_path(:secrets_config,  @provider_dir), Config::Secrets)
 
         # inherit
         @services.inherit_from! base_services
diff --git a/lib/leap_cli/config/object.rb b/lib/leap_cli/config/object.rb
index ef5133f..e039660 100644
--- a/lib/leap_cli/config/object.rb
+++ b/lib/leap_cli/config/object.rb
@@ -270,7 +270,7 @@ module LeapCli
       # manager.export_secrets should be called later to capture any newly generated secrets.
       #
       def secret(name, length=32)
-        @manager.secrets[name.to_s] ||= Util::Secret.generate(length)
+        @manager.secrets.set(name, Util::Secret.generate(length))
       end
 
       #
diff --git a/lib/leap_cli/config/secrets.rb b/lib/leap_cli/config/secrets.rb
new file mode 100644
index 0000000..00d0cd6
--- /dev/null
+++ b/lib/leap_cli/config/secrets.rb
@@ -0,0 +1,33 @@
+#
+#
+# A class for the secrets.json file
+#
+#
+
+module LeapCli; module Config
+
+  class Secrets < Object
+    attr_reader :node_list
+
+    def initialize(manager=nil)
+      super(manager)
+      @discovered_keys = {}
+    end
+
+    def set(key, value)
+      key = key.to_s
+      @discovered_keys[key] = true
+      self[key] ||= value
+    end
+
+    def dump_json
+      self.each_key do |key|
+        unless @discovered_keys[key]
+          self.delete(key)
+        end
+      end
+      super
+    end
+  end
+
+end; end
-- 
cgit v1.2.3