complex_config 0.10.0 → 0.11.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 7c31636252c684eb2cc7795caec9d106839776b7
-  data.tar.gz: 2670fd9265acf9c09e9ee3d861c97c48693b8146
+  metadata.gz: c1e16fcfcf116bb2445f1d8fb1fc677197da1d8c
+  data.tar.gz: '06978e3eb0ed46f22947227102a38bf3e9ab6c41'
 SHA512:
-  metadata.gz: 8e22fac36b063ddfda658354fb6876949a9fa5e9c87659fd9a2b46e709c3beb6fd9bf857334c9cbe372629dae6c9c4180ff05aa86e19ec4500ed4b301a8696a7
-  data.tar.gz: 9959e033efcccb41b2d110ae01633b4a1e602b7bdce44dc21a3a852005c0df9b5ea2f429cddb8ef28cd5c93e47632f8ff7b43b81f31f7009bfb545357ba7dd57
+  metadata.gz: 2d60eea98b9281b66ab1e7c92a9ac3c5ac137cb3d756fc25c159e4cf3ddbde84c2139d8727246699c8f354995615043b40e9b48d43eb2ed914520bff52f11c15
+  data.tar.gz: 8a6bdda64bded3126bdc64cbbe8e38b62c6d86721cb2902cce97b03a6a49216de76971164cfc57da0da63bd4ae54d10ace59264920997e0e7d67d4f253d16fd5

data/.travis.yml

@@ -3,7 +3,7 @@ rvm:
   - 2.1
   - 2.2
   - 2.3.3
-  - 2.4.0
+  - 2.4.2
   - ruby-head
   - jruby-head
 sudo: false

data/VERSION

@@ -1 +1 @@
-0.10.0
+0.11.0

data/complex_config.gemspec

@@ -1,24 +1,24 @@
 # -*- encoding: utf-8 -*-
-# stub: complex_config 0.10.0 ruby lib
+# stub: complex_config 0.11.0 ruby lib
 
 Gem::Specification.new do |s|
   s.name = "complex_config".freeze
-  s.version = "0.10.0"
+  s.version = "0.11.0"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0".freeze) if s.respond_to? :required_rubygems_version=
   s.require_paths = ["lib".freeze]
   s.authors = ["Florian Frank".freeze]
-  s.date = "2017-02-02"
+  s.date = "2017-10-27"
   s.description = "This library allows you to access configuration files via a simple interface".freeze
   s.email = "flori@ping.de".freeze
-  s.extra_rdoc_files = ["README.md".freeze, "lib/complex_config.rb".freeze, "lib/complex_config/config.rb".freeze, "lib/complex_config/errors.rb".freeze, "lib/complex_config/plugins.rb".freeze, "lib/complex_config/plugins/enable.rb".freeze, "lib/complex_config/plugins/money.rb".freeze, "lib/complex_config/plugins/uri.rb".freeze, "lib/complex_config/provider.rb".freeze, "lib/complex_config/provider/shortcuts.rb".freeze, "lib/complex_config/proxy.rb".freeze, "lib/complex_config/railtie.rb".freeze, "lib/complex_config/rude.rb".freeze, "lib/complex_config/settings.rb".freeze, "lib/complex_config/shortcuts.rb".freeze, "lib/complex_config/version.rb".freeze]
-  s.files = [".gitignore".freeze, ".rspec".freeze, ".travis.yml".freeze, ".utilsrc".freeze, "COPYING".freeze, "Gemfile".freeze, "README.md".freeze, "Rakefile".freeze, "TODO.md".freeze, "VERSION".freeze, "complex_config.gemspec".freeze, "config/products.yml".freeze, "lib/complex_config.rb".freeze, "lib/complex_config/config.rb".freeze, "lib/complex_config/errors.rb".freeze, "lib/complex_config/plugins.rb".freeze, "lib/complex_config/plugins/enable.rb".freeze, "lib/complex_config/plugins/money.rb".freeze, "lib/complex_config/plugins/uri.rb".freeze, "lib/complex_config/provider.rb".freeze, "lib/complex_config/provider/shortcuts.rb".freeze, "lib/complex_config/proxy.rb".freeze, "lib/complex_config/railtie.rb".freeze, "lib/complex_config/rude.rb".freeze, "lib/complex_config/settings.rb".freeze, "lib/complex_config/shortcuts.rb".freeze, "lib/complex_config/version.rb".freeze, "spec/complex_config/config_spec.rb".freeze, "spec/complex_config/plugins_spec.rb".freeze, "spec/complex_config/provider_spec.rb".freeze, "spec/complex_config/settings_spec.rb".freeze, "spec/complex_config/shortcuts_spec.rb".freeze, "spec/config/broken_config.yml".freeze, "spec/config/config.yml".freeze, "spec/spec_helper.rb".freeze]
+  s.extra_rdoc_files = ["README.md".freeze, "lib/complex_config.rb".freeze, "lib/complex_config/config.rb".freeze, "lib/complex_config/encryption.rb".freeze, "lib/complex_config/errors.rb".freeze, "lib/complex_config/plugins.rb".freeze, "lib/complex_config/plugins/enable.rb".freeze, "lib/complex_config/plugins/money.rb".freeze, "lib/complex_config/plugins/uri.rb".freeze, "lib/complex_config/provider.rb".freeze, "lib/complex_config/provider/shortcuts.rb".freeze, "lib/complex_config/proxy.rb".freeze, "lib/complex_config/railtie.rb".freeze, "lib/complex_config/rude.rb".freeze, "lib/complex_config/settings.rb".freeze, "lib/complex_config/shortcuts.rb".freeze, "lib/complex_config/version.rb".freeze]
+  s.files = [".gitignore".freeze, ".rspec".freeze, ".travis.yml".freeze, ".utilsrc".freeze, "COPYING".freeze, "Gemfile".freeze, "README.md".freeze, "Rakefile".freeze, "TODO.md".freeze, "VERSION".freeze, "complex_config.gemspec".freeze, "config/products.yml".freeze, "lib/complex_config.rb".freeze, "lib/complex_config/config.rb".freeze, "lib/complex_config/encryption.rb".freeze, "lib/complex_config/errors.rb".freeze, "lib/complex_config/plugins.rb".freeze, "lib/complex_config/plugins/enable.rb".freeze, "lib/complex_config/plugins/money.rb".freeze, "lib/complex_config/plugins/uri.rb".freeze, "lib/complex_config/provider.rb".freeze, "lib/complex_config/provider/shortcuts.rb".freeze, "lib/complex_config/proxy.rb".freeze, "lib/complex_config/railtie.rb".freeze, "lib/complex_config/rude.rb".freeze, "lib/complex_config/settings.rb".freeze, "lib/complex_config/shortcuts.rb".freeze, "lib/complex_config/version.rb".freeze, "spec/complex_config/config_spec.rb".freeze, "spec/complex_config/encryption_spec.rb".freeze, "spec/complex_config/plugins_spec.rb".freeze, "spec/complex_config/provider_spec.rb".freeze, "spec/complex_config/settings_spec.rb".freeze, "spec/complex_config/shortcuts_spec.rb".freeze, "spec/config/broken_config.yml".freeze, "spec/config/config.yml".freeze, "spec/spec_helper.rb".freeze]
   s.homepage = "https://github.com/flori/complex_config".freeze
   s.licenses = ["Apache-2.0".freeze]
   s.rdoc_options = ["--title".freeze, "ComplexConfig -- configuration library".freeze, "--main".freeze, "README.md".freeze]
-  s.rubygems_version = "2.6.8".freeze
+  s.rubygems_version = "2.6.13".freeze
   s.summary = "configuration library".freeze
-  s.test_files = ["spec/complex_config/config_spec.rb".freeze, "spec/complex_config/plugins_spec.rb".freeze, "spec/complex_config/provider_spec.rb".freeze, "spec/complex_config/settings_spec.rb".freeze, "spec/complex_config/shortcuts_spec.rb".freeze, "spec/spec_helper.rb".freeze]
+  s.test_files = ["spec/complex_config/config_spec.rb".freeze, "spec/complex_config/encryption_spec.rb".freeze, "spec/complex_config/plugins_spec.rb".freeze, "spec/complex_config/provider_spec.rb".freeze, "spec/complex_config/settings_spec.rb".freeze, "spec/complex_config/shortcuts_spec.rb".freeze, "spec/spec_helper.rb".freeze]
 
   if s.respond_to? :specification_version then
     s.specification_version = 4

data/lib/complex_config.rb

@@ -10,4 +10,5 @@ require 'complex_config/settings'
 require 'complex_config/config'
 require 'complex_config/provider/shortcuts'
 require 'complex_config/provider'
+require 'complex_config/encryption'
 defined? Rails and require 'complex_config/railtie'

data/lib/complex_config/encryption.rb

@@ -0,0 +1,58 @@
+require "openssl"
+require "base64"
+
+class ComplexConfig::Encryption
+  class EncryptionError < StandardError; end
+
+  class DecryptionFailed < EncryptionError; end
+
+  def initialize(secret)
+    @secret = secret
+    @cipher = OpenSSL::Cipher.new('aes-128-gcm')
+  end
+
+  def encrypt(text)
+
+    @cipher.encrypt
+    @cipher.key = @secret
+    iv = @cipher.random_iv
+    @cipher.auth_data = ""
+
+    encrypted = @cipher.update(Marshal.dump(text))
+    encrypted << @cipher.final
+
+    [
+      encrypted,
+      iv,
+      @cipher.auth_tag
+    ].map { |v| base64_encode(v) }.join('--')
+  end
+
+  def decrypt(text)
+    encrypted, iv, auth_tag = text.split('--').map { |v| base64_decode(v) }
+
+    auth_tag.nil? || auth_tag.bytes.length != 16 and
+      raise DecryptionFailed, "auth_tag #{auth_tag.inspect} invalid"
+
+    @cipher.decrypt
+    @cipher.key = @secret
+    @cipher.iv  = iv
+    @cipher.auth_tag = auth_tag
+    @cipher.auth_data = ""
+
+    decrypted_data = @cipher.update(encrypted)
+    decrypted_data << @cipher.final
+
+    Marshal.load(decrypted_data)
+  end
+
+  private
+
+  def base64_encode(x)
+    ::Base64.strict_encode64(x)
+  end
+
+  def base64_decode(x)
+    ::Base64.strict_decode64(x)
+  end
+end

data/lib/complex_config/provider.rb

@@ -57,7 +57,16 @@ class ComplexConfig::Provider
   end
 
   def config(pathname, name = nil)
-    result = evaluate(pathname)
+    data =
+      if enc_pathname = pathname.to_s + '.enc' and File.exist?(enc_pathname)
+        key = key(pathname)
+        text = IO.binread(enc_pathname)
+        # TODO merge with pathname w/o .enc
+        ComplexConfig::Encryption.new(key).decrypt(text)
+      else
+        IO.binread(pathname)
+      end
+    result = evaluate(pathname, data)
     hash = ::YAML.load(result, pathname)
     ComplexConfig::Settings.build(name, hash).tap do |settings|
       deep_freeze? and settings.deep_freeze
@@ -89,8 +98,7 @@ class ComplexConfig::Provider
     self
   end
 
-  def evaluate(pathname)
-    data = File.read pathname
+  def evaluate(pathname, data)
     erb = ::ERB.new(data)
     erb.filename = pathname.to_s
     erb.result
@@ -101,4 +109,27 @@ class ComplexConfig::Provider
   end
 
   attr_writer :env
+
+  def key(pathname = nil)
+    key = [
+      @key,
+      read_key_from_file(pathname),
+      ENV['RAILS_MASTER_KEY']
+    ].compact[0, 1]
+    unless key.empty?
+      key.pack('H*')
+    end
+  end
+
+  attr_writer :key
+
+  private
+
+  def read_key_from_file(pathname)
+    if pathname
+      IO.binread(pathname.to_s + '.key')
+    end
+  rescue Errno::ENOENT
+  end
 end
+

data/lib/complex_config/version.rb

@@ -1,6 +1,6 @@
 module ComplexConfig
   # ComplexConfig version
-  VERSION         = '0.10.0'
+  VERSION         = '0.11.0'
   VERSION_ARRAY   = VERSION.split('.').map(&:to_i) # :nodoc:
   VERSION_MAJOR   = VERSION_ARRAY[0] # :nodoc:
   VERSION_MINOR   = VERSION_ARRAY[1] # :nodoc:

data/spec/complex_config/encryption_spec.rb

@@ -0,0 +1,27 @@
+require 'spec_helper'
+
+RSpec.describe ComplexConfig::Encryption do
+  let :secret do
+    "\x1A8\x9E\xA8\xC2\x7F@@6\xB2W\a\x9A)\xCDw"
+  end
+
+  let :value do
+    Marshal.dump('foobar')
+  end
+
+  let :enc do
+    described_class.new secret
+  end
+
+  let :encrypted do
+    "3uAULzmKjJGIWuFeEK+fORPAMPs=--BhH9oIkxoDiOlyLK--Ni5r+QtO9EYcDd7HlYd3Yw=="
+  end
+
+  it 'can encrypt' do
+    expect(enc.encrypt(value)).to match /\A.+--.+--.+==\z/
+  end
+
+  it 'can decrypt' do
+    expect(enc.decrypt(encrypted)).to eq value
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: complex_config
 version: !ruby/object:Gem::Version
-  version: 0.10.0
+  version: 0.11.0
 platform: ruby
 authors:
 - Florian Frank
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-02-02 00:00:00.000000000 Z
+date: 2017-10-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gem_hadar
@@ -130,6 +130,7 @@ extra_rdoc_files:
 - README.md
 - lib/complex_config.rb
 - lib/complex_config/config.rb
+- lib/complex_config/encryption.rb
 - lib/complex_config/errors.rb
 - lib/complex_config/plugins.rb
 - lib/complex_config/plugins/enable.rb
@@ -158,6 +159,7 @@ files:
 - config/products.yml
 - lib/complex_config.rb
 - lib/complex_config/config.rb
+- lib/complex_config/encryption.rb
 - lib/complex_config/errors.rb
 - lib/complex_config/plugins.rb
 - lib/complex_config/plugins/enable.rb
@@ -172,6 +174,7 @@ files:
 - lib/complex_config/shortcuts.rb
 - lib/complex_config/version.rb
 - spec/complex_config/config_spec.rb
+- spec/complex_config/encryption_spec.rb
 - spec/complex_config/plugins_spec.rb
 - spec/complex_config/provider_spec.rb
 - spec/complex_config/settings_spec.rb
@@ -203,12 +206,13 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.6.8
+rubygems_version: 2.6.13
 signing_key: 
 specification_version: 4
 summary: configuration library
 test_files:
 - spec/complex_config/config_spec.rb
+- spec/complex_config/encryption_spec.rb
 - spec/complex_config/plugins_spec.rb
 - spec/complex_config/provider_spec.rb
 - spec/complex_config/settings_spec.rb