dotenv-vault-rails 0.7.0 → 0.8.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4fd6eab8f7ad51c5b1f2b33187eddbcfe000b95e74538fce3d08850990ec5f76
-  data.tar.gz: 20d9bf1e87a3e2c3cd863ad47ecfd8ed7db6608bccc78828da8b38a23f901f0c
+  metadata.gz: 81836f8e99d481c8ae8dc9ab69c6be7c9bc2275d86ab29025db14ad9a31c4a67
+  data.tar.gz: e9e4296b3dd37d4b27f9d2ebc0d3bb9965c1aeb2e33377aaad02ad76527b6a4c
 SHA512:
-  metadata.gz: 4f41e45e09a9f1c97bfc4fa64b0e4322bbd917e30e827b886f80d23d28287aaa894957a27a17b28d119fcf59c741a60b5794fb3dc67dc42c8c77af5b94a4ae43
-  data.tar.gz: 95f221dfd6927d2a04d359079a51a6493d0fc05ba6a79324c1cf5a65e2c2aa31097a1cb1590ec2639623443b8617dc6600592c21db50214dc8f1af9eb57d687c
+  metadata.gz: bf1c763c3304ae0a6e8275298187c6a836578e6e6fe6941d4f1fb7276d158c215e4a9347b28e4ae012b02a52da710dc289f04bcf7c631b6ad9dd3281dde24caf
+  data.tar.gz: 03d12b9d8dfe69f723394076b20cae13a4fc1d7daa550f3b8322bc6ff7ca71735c5368600adf62bdbdea27eeafcad3f048541b135ebefec4a27c6901e64118cb

data/CHANGELOG.md

@@ -0,0 +1,21 @@
+# Changelog
+
+All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
+
+## [Unreleased](https://github.com/dotenv-org/dotenv-vault-ruby/compare/v0.8.0...master)
+
+## 0.8.0
+
+### Added
+
+- Add `dotenv-vault/load`
+
+## 0.7.1
+
+### Added
+
+- Added README
+
+## 0.7.0 and prior
+
+Please see commit history.

data/Gemfile.lock

@@ -1,12 +1,12 @@
 PATH
   remote: .
   specs:
-    dotenv-vault (0.7.0)
+    dotenv-vault (0.8.0)
       dotenv
       lockbox
-    dotenv-vault-rails (0.7.0)
+    dotenv-vault-rails (0.8.0)
       dotenv-rails
-      dotenv-vault (= 0.7.0)
+      dotenv-vault (= 0.8.0)
 
 GEM
   remote: https://rubygems.org/

data/README.md

@@ -1,3 +1,140 @@
-# dotenv-vault
+# dotenv-vault [![Gem Version](https://badge.fury.io/rb/dotenv-vault.svg)](https://badge.fury.io/rb/dotenv-vault)
 
-Coming soon
+<img src="https://raw.githubusercontent.com/motdotla/dotenv/master/dotenv.svg" alt="dotenv-vault" align="right" width="200" />
+
+Dotenv Vault extends the proven & trusted foundation of [dotenv](https://github.com/bkeepers/dotenv), with a `.env.vault` file.
+
+This new standard lets you sync your .env files – quickly & securely. Stop sharing them over insecure channels like Slack and email, and never lose an important .env file again.
+
+## Installation
+
+### Rails
+
+Add this line to the top of your application's Gemfile:
+
+```ruby
+gem 'dotenv-vault-rails'
+```
+
+And then execute:
+
+```shell
+$ bundle
+```
+
+## Usage
+
+### `.env`
+
+Basic usage begins just like [dotenv](https://github.com/bkeepers/dotenv).
+
+Add your application configuration to your `.env` file in the root of your project:
+
+```shell
+S3_BUCKET=YOURS3BUCKET
+SECRET_KEY=YOURSECRETKEYGOESHERE
+```
+
+Whenever your application loads, these variables will be available in `ENV`:
+
+```ruby
+config.fog_directory  = ENV['S3_BUCKET']
+```
+
+### `.env.vault`
+
+Usage is similar to git. In the same directory as your `.env` file, run the command:
+
+```shell
+npx dotenv-vault new
+```
+
+Follow those instructions and then run:
+
+```shell
+$ npx dotenv-vault login
+```
+
+Then run push and pull:
+
+```shell
+$ npx dotenv-vault push
+$ npx dotenv-vault pull
+```
+
+That's it!
+
+You just synced your `.env` file. Commit your `.env.vault` file to code, and tell your teammates to run `npx dotenv-vault pull`.
+
+## Multiple Environments
+
+Run the command:
+
+```shell
+$ npx dotenv-vault open production
+```
+
+It will open up an interface to manage your production environment variables.
+
+## Deploy Anywhere
+
+Build your encrypted `.env.vault`:
+
+```shell
+$ npx dotenv-vault build
+```
+
+Safely commit and push your changes:
+
+```shell
+$ git commit -am "Updated .env.vault"
+$ git push
+```
+
+Obtain your `DOTENV_KEY`:
+
+```shell
+$ npx dotenv-vault keys
+```
+
+Set `DOTENV_KEY` on your infrastructure. For example, on Heroku:
+
+```shell
+$ heroku config:set DOTENV_KEY="dotenv://:key_1234@dotenv.org/vault/.env.vault?environment=production"
+```
+
+All set! When your app boots, it will recognize a `DOTENV_KEY` is set, decrypt the `.env.vault` file, and load the variables to `ENV`.
+
+## FAQ
+
+#### What happens if `DOTENV_KEY` is not set?
+
+Dotenv Vault gracefully falls back to [dotenv](https://github.com/bkeepers/dotenv) when `DOTENV_KEY` is not set. This is the default for development so that you can focus on editing your `.env` file and save the `build` command until you are ready to deploy those environment variables changes.
+
+#### Should I commit my `.env` file?
+
+No. We **strongly** recommend against committing your `.env` file to version control. It should only include environment-specific values such as database passwords or API keys. Your production database should have a different password than your development database.
+
+#### Should I commit my `.env.vault` file?
+
+Yes. It is safe and recommended to do so. It contains your vault identifier at the vault provider (in this case [dotenv.org](https://dotenv.org)) and contains your encrypted values.
+
+#### Can I share the `DOTENV_KEY`?
+
+No. It is the key that unlocks your encrypted environment variables. Be very careful who you share this key with. Do not let it leak.
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Added some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request
+
+## Changelog
+
+See [CHANGELOG.md](CHANGELOG.md)
+
+## License
+
+MIT

data/lib/dotenv-vault/load.rb

@@ -0,0 +1,2 @@
+require "dotenv-vault"
+DotenvVault.load

data/lib/dotenv-vault/version.rb

@@ -1,3 +1,3 @@
 module DotenvVault
-  VERSION = "0.7.0"
+  VERSION = "0.8.0"
 end

data/lib/dotenv-vault.rb

@@ -90,7 +90,7 @@ module DotenvVault
   #
   # Decrypts and loads to ENV
   def load_vault(*filenames)
-    DotenvVault.logger.info("[dotenv-vault] Loading .env.vault") if DotenvVault.logger
+    DotenvVault.logger.info("[dotenv-vault] Loading encrypted .env.vault to environment variables") if DotenvVault.logger
 
     parsed = parse_vault(*filenames)
     
@@ -104,7 +104,7 @@ module DotenvVault
   #
   # Decrypts and overloads to ENV
   def overload_vault(*filenames)
-    DotenvVault.logger.info("[dotenv-vault] Overloading .env.vault") if DotenvVault.logger
+    DotenvVault.logger.info("[dotenv-vault] Overloading encrypted .env.vault to environment variables") if DotenvVault.logger
 
     parsed = parse_vault(*filenames)
     

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dotenv-vault-rails
 version: !ruby/object:Gem::Version
-  version: 0.7.0
+  version: 0.8.0
 platform: ruby
 authors:
 - motdotla
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2022-09-17 00:00:00.000000000 Z
+date: 2022-09-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dotenv-rails
@@ -30,14 +30,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.7.0
+        version: 0.8.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.7.0
+        version: 0.8.0
 - !ruby/object:Gem::Dependency
   name: spring
   requirement: !ruby/object:Gem::Requirement
@@ -76,6 +76,7 @@ files:
 - ".gitignore"
 - ".rspec"
 - ".travis.yml"
+- CHANGELOG.md
 - Gemfile
 - Gemfile.lock
 - LICENSE.txt
@@ -87,6 +88,7 @@ files:
 - dotenv-vault.gemspec
 - lib/dotenv-vault-rails.rb
 - lib/dotenv-vault.rb
+- lib/dotenv-vault/load.rb
 - lib/dotenv-vault/rails-now.rb
 - lib/dotenv-vault/rails.rb
 - lib/dotenv-vault/version.rb