chamber 2.10.1 → 2.10.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (45) hide show
  1. checksums.yaml +4 -4
  2. checksums.yaml.gz.sig +0 -0
  3. data.tar.gz.sig +0 -0
  4. data/lib/chamber/encryption_methods/none.rb +2 -0
  5. data/lib/chamber/version.rb +1 -1
  6. metadata +22 -99
  7. metadata.gz.sig +0 -0
  8. data/spec/fixtures/settings.yml +0 -28
  9. data/spec/lib/chamber/commands/files_spec.rb +0 -24
  10. data/spec/lib/chamber/commands/heroku/clear_spec.rb +0 -12
  11. data/spec/lib/chamber/commands/heroku/compare_spec.rb +0 -12
  12. data/spec/lib/chamber/commands/heroku/pull_spec.rb +0 -12
  13. data/spec/lib/chamber/commands/heroku/push_spec.rb +0 -12
  14. data/spec/lib/chamber/commands/secure_spec.rb +0 -42
  15. data/spec/lib/chamber/commands/show_spec.rb +0 -59
  16. data/spec/lib/chamber/context_resolver_spec.rb +0 -164
  17. data/spec/lib/chamber/file_set_spec.rb +0 -250
  18. data/spec/lib/chamber/file_spec.rb +0 -241
  19. data/spec/lib/chamber/filters/boolean_conversion_filter_spec.rb +0 -57
  20. data/spec/lib/chamber/filters/decryption_filter_spec.rb +0 -252
  21. data/spec/lib/chamber/filters/encryption_filter_spec.rb +0 -195
  22. data/spec/lib/chamber/filters/environment_filter_spec.rb +0 -48
  23. data/spec/lib/chamber/filters/failed_decryption_filter_spec.rb +0 -54
  24. data/spec/lib/chamber/filters/insecure_filter_spec.rb +0 -82
  25. data/spec/lib/chamber/filters/namespace_filter_spec.rb +0 -92
  26. data/spec/lib/chamber/filters/secure_filter_spec.rb +0 -41
  27. data/spec/lib/chamber/filters/translate_secure_keys_filter_spec.rb +0 -39
  28. data/spec/lib/chamber/namespace_set_spec.rb +0 -129
  29. data/spec/lib/chamber/settings_spec.rb +0 -390
  30. data/spec/lib/chamber/types/secured_spec.rb +0 -70
  31. data/spec/lib/chamber_spec.rb +0 -314
  32. data/spec/rails-2-test/config.ru +0 -0
  33. data/spec/rails-2-test/config/application.rb +0 -6
  34. data/spec/rails-2-test/script/console +0 -0
  35. data/spec/rails-3-test/config.ru +0 -0
  36. data/spec/rails-3-test/config/application.rb +0 -6
  37. data/spec/rails-3-test/script/rails +0 -0
  38. data/spec/rails-4-test/bin/rails +0 -0
  39. data/spec/rails-4-test/config.ru +0 -0
  40. data/spec/rails-4-test/config/application.rb +0 -6
  41. data/spec/rails-engine-test/spec/dummy/config.ru +0 -0
  42. data/spec/rails-engine-test/spec/dummy/config/application.rb +0 -5
  43. data/spec/rails-engine-test/spec/dummy/script/rails +0 -0
  44. data/spec/spec_key +0 -27
  45. data/spec/spec_key.pub +0 -9
data/spec/lib/chamber/settings_spec.rb DELETED
@@ -1,390 +0,0 @@
1
- # frozen_string_literal: true
2
- require 'rspectacular'
3
- require 'chamber/settings'
4
-
5
- module Chamber
6
- describe Settings do
7
- it 'can verify that it is equal to another Settings object' do
8
- settings = Settings.new(settings: { setting: 'value' },
9
- namespaces: ['good'])
10
- other_settings = Settings.new(settings: { setting: 'value' },
11
- namespaces: ['good'])
12
-
13
- expect(settings).to eql other_settings
14
- end
15
-
16
- it 'does not consider itself equal if the namespaces are not equal' do
17
- settings = Settings.new(settings: { setting: 'value' },
18
- namespaces: ['good'])
19
- other_settings = Settings.new(settings: { setting: 'value' },
20
- namespaces: ['bad'])
21
-
22
- expect(settings).not_to eql other_settings
23
- end
24
-
25
- it 'does not consider itself equal if the settings are not equal' do
26
- settings = Settings.new(settings: { setting: 'value' },
27
- namespaces: ['good'])
28
- other_settings = Settings.new(settings: { setting: 'value 1' },
29
- namespaces: ['good'])
30
-
31
- expect(settings).not_to eql other_settings
32
- end
33
-
34
- it 'knows how to convert itself into an environment hash' do
35
- settings = Settings.new(settings: {
36
- my_setting: 'value',
37
- level_1: {
38
- level_2: {
39
- some_setting: 'hello',
40
- another: 'goodbye',
41
- },
42
- body: 'gracias',
43
- },
44
- there: 'was not that easy?',
45
- })
46
-
47
- expect(settings.to_environment).to eql(
48
- 'MY_SETTING' => 'value',
49
- 'LEVEL_1_LEVEL_2_SOME_SETTING' => 'hello',
50
- 'LEVEL_1_LEVEL_2_ANOTHER' => 'goodbye',
51
- 'LEVEL_1_BODY' => 'gracias',
52
- 'THERE' => 'was not that easy?',
53
- )
54
- end
55
-
56
- it 'sorts environment variables by name when converted to an environment hash so ' \
57
- 'that they are easier to parse for humans' do
58
-
59
- settings = Settings.new(settings: {
60
- 'C' => 'value',
61
- 'D' => 'value',
62
- 'A' => 'value',
63
- 'E' => 'value',
64
- 'B' => 'value',
65
- })
66
-
67
- expect(settings.to_environment.to_a).to eql([
68
- %w{A value},
69
- %w{B value},
70
- %w{C value},
71
- %w{D value},
72
- %w{E value},
73
- ])
74
- end
75
-
76
- it 'can convert itself into a string' do
77
- settings = Settings.new(settings: {
78
- my_setting: 'value',
79
- level_1: {
80
- level_2: {
81
- some_setting: 'hello',
82
- another: 'goodbye',
83
- },
84
- body: 'gracias',
85
- },
86
- there: 'was not that easy?',
87
- })
88
-
89
- expect(settings.to_s).to eql %w{
90
- LEVEL_1_BODY="gracias"
91
- LEVEL_1_LEVEL_2_ANOTHER="goodbye"
92
- LEVEL_1_LEVEL_2_SOME_SETTING="hello"
93
- MY_SETTING="value"
94
- THERE="was not that easy?"
95
- }.join(' ')
96
- end
97
-
98
- it 'can convert itself into a string with custom options' do
99
- settings = Settings.new(settings: {
100
- my_setting: 'value',
101
- level_1: {
102
- level_2: {
103
- some_setting: 'hello',
104
- another: 'goodbye',
105
- },
106
- body: 'gracias',
107
- },
108
- there: 'was not that easy?',
109
- })
110
-
111
- settings_string = settings.to_s hierarchical_separator: '/',
112
- pair_separator: "\n",
113
- value_surrounder: "'",
114
- name_value_separator: ': '
115
-
116
- expect(settings_string).to eql <<-HEREDOC.chomp
117
- LEVEL_1/BODY: 'gracias'
118
- LEVEL_1/LEVEL_2/ANOTHER: 'goodbye'
119
- LEVEL_1/LEVEL_2/SOME_SETTING: 'hello'
120
- MY_SETTING: 'value'
121
- THERE: 'was not that easy?'
122
- HEREDOC
123
- end
124
-
125
- it 'can merge itself with a hash' do
126
- settings = Settings.new(settings: { setting: 'value' })
127
- other_settings = { other_setting: 'another value' }
128
-
129
- merged_settings = settings.merge(other_settings)
130
-
131
- expect(merged_settings).to eq('setting' => 'value',
132
- 'other_setting' => 'another value')
133
- end
134
-
135
- it 'can merge itself with Settings' do
136
- settings = Settings.new(settings: { setting: 'value' },
137
- namespaces: ['good'])
138
- other_settings = Settings.new(settings: { other_setting: 'another value' },
139
- namespaces: ['bad'])
140
-
141
- merged_settings = settings.merge(other_settings)
142
-
143
- expect(merged_settings).to eql Settings.new(settings: {
144
- setting: 'value',
145
- other_setting: 'another value',
146
- },
147
- namespaces: %w{good bad})
148
- end
149
-
150
- it 'does not manipulate the existing Settings but instead returns a new one' do
151
- settings = Settings.new(settings: { setting: 'value' })
152
- other_settings = Settings.new(settings: { other_setting: 'another value' })
153
-
154
- merged_settings = settings.merge(other_settings)
155
-
156
- expect(merged_settings.object_id).not_to eql settings.object_id
157
- expect(merged_settings.object_id).not_to eql other_settings.object_id
158
- end
159
-
160
- it 'can convert itself into a hash' do
161
- settings = Settings.new(settings: { setting: 'value' })
162
-
163
- expect(settings.to_hash).to eql('setting' => 'value')
164
- expect(settings.to_hash).to be_a Hash
165
- expect(settings.to_hash).not_to be_a Hashie::Mash
166
- end
167
-
168
- it 'can convert itself into a hash with flattened names' do
169
- settings = Settings.new(settings: {
170
- my_setting: 'value',
171
- level_1: {
172
- level_2: {
173
- some_setting: 'hello',
174
- another: 'goodbye',
175
- },
176
- body: 'gracias',
177
- },
178
- there: 'was not that easy?',
179
- })
180
-
181
- expect(settings.to_flattened_name_hash).to eql(
182
- %w{my_setting} => 'value',
183
- %w{level_1 level_2 some_setting} => 'hello',
184
- %w{level_1 level_2 another} => 'goodbye',
185
- %w{level_1 body} => 'gracias',
186
- %w{there} => 'was not that easy?',
187
- )
188
- expect(settings.to_flattened_name_hash).to be_a Hash
189
- expect(settings.to_flattened_name_hash).not_to be_a Hashie::Mash
190
- end
191
-
192
- it 'does not allow manipulation of the internal setting hash when converted to ' \
193
- 'a Hash' do
194
-
195
- settings = Settings.new(settings: { setting: 'value' })
196
-
197
- settings_hash = settings.to_hash
198
- settings_hash['setting'] = 'foo'
199
-
200
- expect(settings.__send__(:data).object_id).not_to eql settings_hash.object_id
201
- expect(settings.setting).to eql 'value'
202
- end
203
-
204
- it 'allows messages to be passed through to the underlying data' do
205
- settings = Settings.new(settings: { setting: 'value' })
206
-
207
- expect(settings.setting).to eql 'value'
208
- end
209
-
210
- it 'will still raise an error if the underlying data does not respond to it' do
211
- settings = Settings.new(settings: { setting: 'value' })
212
-
213
- expect { settings.unknown }.to raise_error NoMethodError
214
- end
215
-
216
- it 'can notify properly whether it responds to messages if the underlying data does' do
217
- settings = Settings.new(settings: { setting: 'value' })
218
-
219
- expect(settings.respond_to?(:setting)).to be_a TrueClass
220
- end
221
-
222
- it 'only includes namespaced data if any exists' do
223
- settings = Settings.new(settings: {
224
- namespace_value: {
225
- namespace_setting: 'value',
226
- },
227
- other_namespace_value: {
228
- other_namespace_setting: 'value',
229
- },
230
- non_namespace_setting: 'other value',
231
- },
232
- namespaces: %w{namespace_value other_namespace_value})
233
-
234
- expect(settings).to eq('namespace_setting' => 'value',
235
- 'other_namespace_setting' => 'value')
236
- end
237
-
238
- it 'can decrypt a setting if it finds a secure key' do
239
- settings = Settings.new(
240
- settings: {
241
- _secure_my_encrypted_setting: 'cJbFe0NI5wknmsp2fVgpC/YeBD2pvcdVD+p0pUdnMoYTha' \
242
- 'V4mpsspg/ZTBtmjx7kMwcF6cjXFLDVw3FxptTHwzJUd4ak' \
243
- 'un6EZ57m+QzCMJYnfY95gB2/emEAQLSz4/YwsE4LDGydkE' \
244
- 'jY1ZprfXznf+rU31YGDJUTf34ESz7fsQGSc9DjkBb9ao8M' \
245
- 'v4cI7pCXkQZDwS5kLAZDf6agy1GzeL71Z8lrmQzk8QQuf/' \
246
- '1kQzxsWVlzpKNXWS7u2CJ0sN5eINMngJBfv5ZFrZgfXc86' \
247
- 'wdgUKc8aaoX8OQA1kKTcdgbE9NcAhNr1+WfNxMnz84XzmU' \
248
- 'p2Y0H1jPgGkBKQJKArfQ==',
249
- },
250
- decryption_key: './spec/spec_key',
251
- )
252
-
253
- expect(settings).to eq('my_encrypted_setting' => 'hello')
254
- end
255
-
256
- it 'can encrypt a setting if it finds a secure key' do
257
- settings = Settings.new(settings: {
258
- _secure_my_encrypted_setting: 'hello',
259
- },
260
- encryption_key: './spec/spec_key.pub',
261
- pre_filters: [],
262
- post_filters: [Filters::EncryptionFilter])
263
-
264
- expect(settings._secure_my_encrypted_setting).to match \
265
- Filters::EncryptionFilter::BASE64_STRING_PATTERN
266
- end
267
-
268
- it 'can encrypt a settings without explicitly having to have a filter passed' do
269
- settings = Settings.new(settings: {
270
- _secure_my_encrypted_setting: 'hello',
271
- },
272
- decryption_key: './spec/spec_key',
273
- encryption_key: './spec/spec_key.pub')
274
-
275
- expect(settings).to eq('my_encrypted_setting' => 'hello')
276
-
277
- secure_settings = settings.secure
278
-
279
- expect(secure_settings.my_encrypted_setting).to match \
280
- Filters::EncryptionFilter::BASE64_STRING_PATTERN
281
- end
282
-
283
- it 'can check if it is equal to other items which can be converted into hashes' do
284
- settings = Settings.new(settings: { setting: 'value' })
285
-
286
- expect(settings).to eq('setting' => 'value')
287
- end
288
-
289
- it 'can filter securable settings' do
290
- settings = Settings.new(
291
- settings: {
292
- _secure_my_encrypted_setting: 'cJbFe0NI5wknmsp2fVgpC/YeBD2pvcdVD+p0pUdnMoYTha' \
293
- 'V4mpsspg/ZTBtmjx7kMwcF6cjXFLDVw3FxptTHwzJUd4ak' \
294
- 'un6EZ57m+QzCMJYnfY95gB2/emEAQLSz4/YwsE4LDGydkE' \
295
- 'jY1ZprfXznf+rU31YGDJUTf34ESz7fsQGSc9DjkBb9ao8M' \
296
- 'v4cI7pCXkQZDwS5kLAZDf6agy1GzeL71Z8lrmQzk8QQuf/' \
297
- '1kQzxsWVlzpKNXWS7u2CJ0sN5eINMngJBfv5ZFrZgfXc86' \
298
- 'wdgUKc8aaoX8OQA1kKTcdgbE9NcAhNr1+WfNxMnz84XzmU' \
299
- 'p2Y0H1jPgGkBKQJKArfQ==',
300
- _secure_my_unencrypted_setting: 'nifty',
301
- my_insecure_setting: 'goodbye',
302
- },
303
- decryption_key: './spec/spec_key',
304
- )
305
-
306
- secured_settings = settings.securable
307
-
308
- expect(secured_settings.my_encrypted_setting).to eql 'hello'
309
- expect(secured_settings.my_unencrypted_setting).to eql 'nifty'
310
- expect(secured_settings.my_insecure_setting?).to eql false
311
- end
312
-
313
- it 'can filter unencrypted settings' do
314
- settings = Settings.new(
315
- settings: {
316
- _secure_my_encrypted_setting: 'cJbFe0NI5wknmsp2fVgpC/YeBD2pvcdVD+p0pUdnMoYTha' \
317
- 'V4mpsspg/ZTBtmjx7kMwcF6cjXFLDVw3FxptTHwzJUd4ak' \
318
- 'un6EZ57m+QzCMJYnfY95gB2/emEAQLSz4/YwsE4LDGydkE' \
319
- 'jY1ZprfXznf+rU31YGDJUTf34ESz7fsQGSc9DjkBb9ao8M' \
320
- 'v4cI7pCXkQZDwS5kLAZDf6agy1GzeL71Z8lrmQzk8QQuf/' \
321
- '1kQzxsWVlzpKNXWS7u2CJ0sN5eINMngJBfv5ZFrZgfXc86' \
322
- 'wdgUKc8aaoX8OQA1kKTcdgbE9NcAhNr1+WfNxMnz84XzmU' \
323
- 'p2Y0H1jPgGkBKQJKArfQ==',
324
- _secure_my_unencrypted_setting: 'nifty',
325
- my_insecure_setting: 'goodbye',
326
- },
327
- decryption_key: './spec/spec_key',
328
- )
329
-
330
- secured_settings = settings.insecure
331
-
332
- expect(secured_settings.my_encrypted_setting?).to eql false
333
- expect(secured_settings.my_unencrypted_setting).to eql 'nifty'
334
- expect(secured_settings.my_insecure_setting?).to eql false
335
- end
336
-
337
- it 'raises an exception when it accesses a value which cannot be decrypted' do
338
- settings = Settings.new(
339
- settings: {
340
- _secure_my_encrypted_setting: 'cJbFe0NI5wknmsp2fVgpC/YeBD2pvcdVD+p0pUdnMoYTha' \
341
- 'V4mpsspg/ZTBtmjx7kMwcF6cjXFLDVw3FxptTHwzJUd4ak' \
342
- 'un6EZ57m+QzCMJYnfY95gB2/emEAQLSz4/YwsE4LDGydkE' \
343
- 'jY1ZprfXznf+rU31YGDJUTf34ESz7fsQGSc9DjkBb9ao8M' \
344
- 'v4cI7pCXkQZDwS5kLAZDf6agy1GzeL71Z8lrmQzk8QQuf/' \
345
- '1kQzxsWVlzpKNXWS7u2CJ0sN5eINMngJBfv5ZFrZgfXc86' \
346
- 'wdgUKc8aaoX8OQA1kKTcdgbE9NcAhNr1+WfNxMnz84XzmU' \
347
- 'p2Y0H1jPgGkBKQJKArfQ==',
348
- },
349
- )
350
-
351
- expect { settings.my_encrypted_setting }.
352
- to raise_error Chamber::Errors::DecryptionFailure
353
- end
354
-
355
- it 'prefers environment variable values over encrypted values' do
356
- ENV['MY_ENCRYPTED_SETTING'] = 'my env setting'
357
- ENV['ENCRYPTED_GROUP_MY_ENCRYPTED_GROUP_SETTING'] = 'my env group'
358
-
359
- settings = Settings.new(
360
- settings: {
361
- _secure_my_encrypted_setting: 'cJbFe0NI5wknmsp2fVgpC/YeBD2pvcdVD+p0pUdnMoYTha' \
362
- 'V4mpsspg/ZTBtmjx7kMwcF6cjXFLDVw3FxptTHwzJUd4ak' \
363
- 'un6EZ57m+QzCMJYnfY95gB2/emEAQLSz4/YwsE4LDGydkE' \
364
- 'jY1ZprfXznf+rU31YGDJUTf34ESz7fsQGSc9DjkBb9ao8M' \
365
- 'v4cI7pCXkQZDwS5kLAZDf6agy1GzeL71Z8lrmQzk8QQuf/' \
366
- '1kQzxsWVlzpKNXWS7u2CJ0sN5eINMngJBfv5ZFrZgfXc86' \
367
- 'wdgUKc8aaoX8OQA1kKTcdgbE9NcAhNr1+WfNxMnz84XzmU' \
368
- 'p2Y0H1jPgGkBKQJKArfQ==',
369
- encrypted_group: {
370
- _secure_my_encrypted_group_setting: 'cJbFe0NI5wknmsp2fVgpC/YeBD2pvcdVD+p0pUdn' \
371
- 'MoYThaV4mpsspg/ZTBtmjx7kMwcF6cjXFLDVw3Fx' \
372
- 'ptTHwzJUd4akun6EZ57m+QzCMJYnfY95gB2/emEA' \
373
- 'QLSz4/YwsE4LDGydkEjY1ZprfXznf+rU31YGDJUT' \
374
- 'f34ESz7fsQGSc9DjkBb9ao8Mv4cI7pCXkQZDwS5k' \
375
- 'LAZDf6agy1GzeL71Z8lrmQzk8QQuf/1kQzxsWVlz' \
376
- 'pKNXWS7u2CJ0sN5eINMngJBfv5ZFrZgfXc86wdgU' \
377
- 'Kc8aaoX8OQA1kKTcdgbE9NcAhNr1+WfNxMnz84Xz' \
378
- 'mUp2Y0H1jPgGkBKQJKArfQ==',
379
- },
380
- },
381
- )
382
-
383
- expect(settings.my_encrypted_setting).to eql 'my env setting'
384
- expect(settings.encrypted_group.my_encrypted_group_setting).to eql 'my env group'
385
-
386
- ENV['MY_ENCRYPTED_SETTING'] = nil
387
- ENV['ENCRYPTED_GROUP_MY_ENCRYPTED_GROUP_SETTING'] = nil
388
- end
389
- end
390
- end
data/spec/lib/chamber/types/secured_spec.rb DELETED
@@ -1,70 +0,0 @@
1
- require 'rspectacular'
2
- require 'active_support/hash_with_indifferent_access'
3
- require 'chamber/types/secured'
4
-
5
- module Chamber
6
- module Types
7
- describe Secured do
8
- BASE64_STRING_PATTERN = %r{[A-Za-z0-9\+/]{342}==}
9
-
10
- subject do
11
- Secured.new(decryption_key: './spec/spec_key',
12
- encryption_key: './spec/spec_key.pub')
13
- end
14
-
15
- it 'allows strings to be cast from the user' do
16
- json_string = '{ "hello": "there", "whatever": 3 }'
17
- secured = subject.cast(json_string)
18
-
19
- expect(secured).to eql('hello' => 'there', 'whatever' => 3)
20
- end
21
-
22
- it 'allows hashes to be cast from a user' do
23
- json_hash = { 'hello' => 'there', 'whatever' => 3 }
24
- secured = subject.cast(json_hash)
25
-
26
- expect(secured).to eql('hello' => 'there', 'whatever' => 3)
27
- end
28
-
29
- it 'allows nils to be cast from a user' do
30
- secured = subject.cast(nil)
31
-
32
- expect(secured).to be_nil
33
- end
34
-
35
- it 'fails if passed something that it cannot be cast' do
36
- expect { subject.cast(3) }.to \
37
- raise_error(ArgumentError).
38
- with_message('Any attributes encrypted with Chamber must ' \
39
- 'be either a Hash or a valid JSON string')
40
- end
41
-
42
- it 'can deserialize a hash' do
43
- json_string = '{' \
44
- '"_secure_hello":"cpsTajQ/28E0YLQBpJ2tORnLSc6wliCqrmMzU0QfQZJlUWf' \
45
- 'Q1yuev2xLsX56o5QkuJiqaspH9W68qXDC17UqcV0pB0y75d' \
46
- '6ttQZbk3p9QbYgWGZOVlHEA8eJIqDUzisShrrOo+nSin6QK' \
47
- 'UqizSjqhQC3Ii7CjTpMOK5RVc2y34vsVvYoJaqz5IYUEatA' \
48
- 'XxzHsQ5tkcqy++a9LTJVFOt+ug+mTCstNJHW2sUK9L1XrbD' \
49
- '2+KwUNkImCbhl6qeA+4CeVXMFgcpxjaawg5cQCgfSPj8gSy' \
50
- 'pisbID59P0QVXRDQTdncrRv7q16RLmTqKI0xhNGevreFkNG' \
51
- 'LAtSQjFRYfAQA==",' \
52
- '"whatever":3' \
53
- '}'
54
- secured = subject.deserialize(json_string)
55
-
56
- expect(secured).to eql('_secure_hello' => 'there', 'whatever' => 3)
57
- end
58
-
59
- # rubocop:disable Metrics/LineLength
60
- it 'can serialize a hash' do
61
- json_hash = { '_secure_hello' => 'there', 'whatever' => 3 }
62
- secured = subject.serialize(json_hash)
63
-
64
- expect(secured).to be_a String
65
- expect(secured).to match(/{\"_secure_hello\":\"#{BASE64_STRING_PATTERN}\",\"whatever\":3}/)
66
- end
67
- # rubocop:enable Metrics/LineLength
68
- end
69
- end
70
- end