namespace :secrets do
  desc "Encrypt your secrets - rake secrets:encrypt"
  task :encrypt do
    puts "Attempting to decrypt..."
    if File.file?("config/application_secrets.yml")
      sh("aws kms encrypt --key-id arn:aws:kms:us-west-2:155751353262:alias/properties --plaintext fileb://config/application_secrets.yml --output text --query CiphertextBlob | base64 --decode > config/application_secrets.yml.enc")
    else
      puts "Error: File missing. config/application_secrets.yml is required."
    end
  end

  desc "Decrypt your secrets - rake secrets:decrypt"
  task :decrypt do
    puts "Attempting to decrypt..."
    if File.file?("config/application_secrets.yml.enc")
      sh("aws kms decrypt --ciphertext-blob fileb://config/application_secrets.yml.enc --output text --query Plaintext | base64 --decode > config/application_secrets.yml")
    else
      puts "Error: File missing. config/application_secrets.yml.enc is required."
    end

    if File.file?("config/application_keys.yml") && File.file?("config/application_secrets.yml")
      SuperTopSecret::Injector.generate_config("config/application_keys.yml", "config/application_secrets.yml")
    else
      puts "Error: File(s) missing. config/application_keys.yml && config/application_secrets.yml are both required."
    end
  end

end