Skip to content
Snippets Groups Projects
Commit 6bbcdf11 authored by Dimitris Bozelos's avatar Dimitris Bozelos
Browse files

Issue #3488824 Added Drush commands for all migration tasks

parent 89c8aa5d
No related branches found
No related tags found
No related merge requests found
services:
lockr_to_kms.command.migrate:
class: Drupal\lockr_to_kms\Command\Migrate
arguments:
- '@lockr_to_kms.config_creator'
- '@lockr_to_kms.key_copier'
tags:
- { name: drush.command }
<?php
declare(strict_types=1);
namespace Drupal\lockr_to_kms\Command;
use Drupal\lockr_to_kms\ConfigCreator;
use Drupal\lockr_to_kms\KeyCopier;
use Drush\Commands\DrushCommands;
/**
* Provides commands for migrating encryption keys from Lockr to Encrypt KMS.
*/
class Migrate extends DrushCommands {
/**
* Constructs a new Migrate object.
*
* @param \Drupal\lockr_to_kms\ConfigCreator $configCreator
* The Lockr To AWS KMS configuration creator.
* @param \Drupal\lockr_to_kms\KeyCopier $keyCopier
* The Lockr To AWS KMS key copier.
*/
public function __construct(
protected ConfigCreator $configCreator,
protected KeyCopier $keyCopier,
) {
}
/**
* Creates the configuration needed for a KMS key.
*
* @param string $kms_key_id
* The ID to give to the KMS key.
* @param string $kms_key_label
* The label to give to the KMS key.
* @param string $kms_profile_id
* The ID to give to the KMS profile.
* @param string $kms_profile_label
* The label to give to the KMS profile.
* @param string $kms_data_key_id
* The ID to give to the KMS data key.
* @param string $kms_data_key_label
* The label to give to the KMS data key.
* @param string $kms_data_profile_id
* The ID to give to the KMS data profile.
* @param string $kms_data_profile_label
* The label to give to the KMS data profile.
*
* @command lockr_to_kms:create-config
*
* @usage drush lockr_to_kms:create-config 'kms_key' 'AWS KMS key' 'kms_profile' 'AWS KMS encryption profile' 'kms_data_key' 'AWS KMS data key' 'kms_data_profile' 'AWS KMS data encryption profile'
* Creates the configuration required for storing the wrapper and data
* encryption profile required for encrypting and decrypting data with AWS
* KMS.
*
* @see \Drupal\lockr_to_kms\ConfigCreator::create()
*/
public function createConfig(
string $kms_key_id,
string $kms_key_label,
string $kms_profile_id,
string $kms_profile_label,
string $kms_data_key_id,
string $kms_data_key_label,
string $kms_data_profile_id,
string $kms_data_profile_label,
): void {
$this->configCreator->create(
$kms_key_id,
$kms_key_label,
$kms_profile_id,
$kms_profile_label,
$kms_data_key_id,
$kms_data_key_label,
$kms_data_profile_id,
$kms_data_profile_label,
);
}
/**
* Copies the Lockr key to the KMS secret.
*
* @param string $lockr_profile_id
* The ID of the Lockr encryption profile.
* @param string $kms_data_profile_id
* The ID of the KMS data encryption profile.
*
* @command lockr_to_kms:copy-key
*
* @usage drush lockr_to_kms:copy-key 'my_lockr_profile' 'my_kms_data_profile'
* Copies the data encryption key stored in Lockr via the key referenced by
* the 'my_lockr_profile' encryption profile, into the secret stored via the
* key referenced by the 'my_kms_data_profile' encryption profile.
*
* @see \Drupal\lockr_to_kms\KeyCopier::copy()
*/
public function copyKey(
string $lockr_profile_id,
string $kms_data_profile_id,
): void {
$this->keyCopier->copy($lockr_profile_id, $kms_data_profile_id);
}
/**
* Validates data encryption with the given source/target encryption profiles.
*
* @param string $source_profile_id
* The ID of the source encryption profile.
* @param string $target_profile_id
* The ID of the target data encryption profile.
*
* @command lockr_to_kms:test-migration
*
* @usage drush lockr_to_kms:test-migration 'my_lockr_profile' 'my_kms_data_profile'
* Validates that data encrypted with the source profile can be decrypted
* using the target profile.
*
* @see \Drupal\lockr_to_kms\KeyCopier::test()
*/
public function testMigration(
string $source_profile_id,
string $target_profile_id,
): void {
$this->keyCopier->test($source_profile_id, $target_profile_id);
}
}
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment