dotenv-vault-rails 0.7.1 → 0.9.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +19 -1
- data/Gemfile.lock +6 -6
- data/README.md +57 -24
- data/lib/dotenv-vault/load.rb +2 -0
- data/lib/dotenv-vault/version.rb +1 -1
- data/lib/dotenv-vault.rb +13 -5
- metadata +5 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 7e0c2103206875df405a757362cb6ad28f71a6716045ec859b8eab82eb428560
|
4
|
+
data.tar.gz: 5d81aa5eb40ef25c348bcd0ecdd9e9c42011c66829e7f223ebb838fc99f04e0b
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: f594709ca94a2bbf1cf9e82ff5a101cfc0ceb3bc9ce45a1869f768fc70e4a49e73fbd819a0f555aa5157a56051e626d0232d9235792627fe3e74628db1efabc7
|
7
|
+
data.tar.gz: 2dbb138e3221fac27c8dadf5a1a6453f90d93e7889db9e84b6b86c2f610ed84d3094c18c437db1eab6b29c4666d837a17d0188d449e3e42dfe5daf60d1783d80
|
data/CHANGELOG.md
CHANGED
@@ -2,7 +2,25 @@
|
|
2
2
|
|
3
3
|
All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
|
4
4
|
|
5
|
-
## [Unreleased](https://github.com/dotenv-org/dotenv-vault-ruby/compare/v0.
|
5
|
+
## [Unreleased](https://github.com/dotenv-org/dotenv-vault-ruby/compare/v0.9.0...master)
|
6
|
+
|
7
|
+
## 0.9.0
|
8
|
+
|
9
|
+
### Changed
|
10
|
+
|
11
|
+
- Do not raise stacktrace error if missing .env.vault file [#1](https://github.com/dotenv-org/dotenv-vault-ruby/pull/1)
|
12
|
+
|
13
|
+
## 0.8.0
|
14
|
+
|
15
|
+
### Added
|
16
|
+
|
17
|
+
- Add `dotenv-vault/load`
|
18
|
+
|
19
|
+
## 0.7.1
|
20
|
+
|
21
|
+
### Added
|
22
|
+
|
23
|
+
- Added README
|
6
24
|
|
7
25
|
## 0.7.0 and prior
|
8
26
|
|
data/Gemfile.lock
CHANGED
@@ -1,12 +1,12 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
dotenv-vault (0.
|
4
|
+
dotenv-vault (0.9.0)
|
5
5
|
dotenv
|
6
6
|
lockbox
|
7
|
-
dotenv-vault-rails (0.
|
7
|
+
dotenv-vault-rails (0.9.0)
|
8
8
|
dotenv-rails
|
9
|
-
dotenv-vault (= 0.
|
9
|
+
dotenv-vault (= 0.9.0)
|
10
10
|
|
11
11
|
GEM
|
12
12
|
remote: https://rubygems.org/
|
@@ -41,14 +41,14 @@ GEM
|
|
41
41
|
erubi (1.11.0)
|
42
42
|
i18n (1.12.0)
|
43
43
|
concurrent-ruby (~> 1.0)
|
44
|
-
lockbox (1.
|
44
|
+
lockbox (1.1.0)
|
45
45
|
loofah (2.19.0)
|
46
46
|
crass (~> 1.0.2)
|
47
47
|
nokogiri (>= 1.5.9)
|
48
48
|
method_source (1.0.0)
|
49
49
|
mini_portile2 (2.8.0)
|
50
50
|
minitest (5.16.3)
|
51
|
-
nokogiri (1.13.
|
51
|
+
nokogiri (1.13.9)
|
52
52
|
mini_portile2 (~> 2.8.0)
|
53
53
|
racc (~> 1.4)
|
54
54
|
racc (1.6.0)
|
@@ -85,7 +85,7 @@ GEM
|
|
85
85
|
thor (1.2.1)
|
86
86
|
tzinfo (2.0.5)
|
87
87
|
concurrent-ruby (~> 1.0)
|
88
|
-
zeitwerk (2.6.
|
88
|
+
zeitwerk (2.6.1)
|
89
89
|
|
90
90
|
PLATFORMS
|
91
91
|
ruby
|
data/README.md
CHANGED
@@ -4,7 +4,11 @@
|
|
4
4
|
|
5
5
|
Dotenv Vault extends the proven & trusted foundation of [dotenv](https://github.com/bkeepers/dotenv), with a `.env.vault` file.
|
6
6
|
|
7
|
-
|
7
|
+
The extended standard lets you sync your `.env` files – quickly & securely. Stop sharing them over insecure channels like Slack and email, and never lose an important `.env` file again.
|
8
|
+
|
9
|
+
You need a [Dotenv Account](https://dotenv.org) to use Dotenv Vault. It is free to use with premium features.
|
10
|
+
|
11
|
+
**[Create your account](https://dotenv.org/signup)**
|
8
12
|
|
9
13
|
## Installation
|
10
14
|
|
@@ -22,11 +26,29 @@ And then execute:
|
|
22
26
|
$ bundle
|
23
27
|
```
|
24
28
|
|
29
|
+
### Sinatra or Plain ol' Ruby
|
30
|
+
|
31
|
+
Install the gem:
|
32
|
+
|
33
|
+
```shell
|
34
|
+
$ gem install dotenv-vault
|
35
|
+
```
|
36
|
+
|
37
|
+
As early as possible in your application bootstrap process, load `.env`:
|
38
|
+
|
39
|
+
```ruby
|
40
|
+
require 'dotenv-vault/load'
|
41
|
+
|
42
|
+
# or
|
43
|
+
require 'dotenv-vault'
|
44
|
+
DotenvVault.load
|
45
|
+
```
|
46
|
+
|
25
47
|
## Usage
|
26
48
|
|
27
49
|
### `.env`
|
28
50
|
|
29
|
-
Basic usage
|
51
|
+
Basic usage works just like [dotenv](https://github.com/bkeepers/dotenv).
|
30
52
|
|
31
53
|
Add your application configuration to your `.env` file in the root of your project:
|
32
54
|
|
@@ -35,7 +57,7 @@ S3_BUCKET=YOURS3BUCKET
|
|
35
57
|
SECRET_KEY=YOURSECRETKEYGOESHERE
|
36
58
|
```
|
37
59
|
|
38
|
-
|
60
|
+
When your application loads, these variables will be available in `ENV`:
|
39
61
|
|
40
62
|
```ruby
|
41
63
|
config.fog_directory = ENV['S3_BUCKET']
|
@@ -43,6 +65,8 @@ config.fog_directory = ENV['S3_BUCKET']
|
|
43
65
|
|
44
66
|
### `.env.vault`
|
45
67
|
|
68
|
+
Extended usage uses a `.env.vault` file that allows you to sync your secrets across machines, team members, and environments.
|
69
|
+
|
46
70
|
Usage is similar to git. In the same directory as your `.env` file, run the command:
|
47
71
|
|
48
72
|
```shell
|
@@ -76,23 +100,9 @@ $ npx dotenv-vault open production
|
|
76
100
|
|
77
101
|
It will open up an interface to manage your production environment variables.
|
78
102
|
|
79
|
-
|
80
|
-
|
81
|
-
```shell
|
82
|
-
$ npx dotenv-vault pull production
|
83
|
-
```
|
84
|
-
|
85
|
-
Edit the `.env.production` file and push your changes:
|
86
|
-
|
87
|
-
```shell
|
88
|
-
$ npx dotenv-vault push production
|
89
|
-
```
|
90
|
-
|
91
|
-
Neato.
|
103
|
+
## Build & Deploy Anywhere
|
92
104
|
|
93
|
-
|
94
|
-
|
95
|
-
Build your encrypted `.env.vault`. Run the command:
|
105
|
+
Build your encrypted `.env.vault`:
|
96
106
|
|
97
107
|
```shell
|
98
108
|
$ npx dotenv-vault build
|
@@ -119,19 +129,42 @@ $ heroku config:set DOTENV_KEY="dotenv://:key_1234@dotenv.org/vault/.env.vault?e
|
|
119
129
|
|
120
130
|
All set! When your app boots, it will recognize a `DOTENV_KEY` is set, decrypt the `.env.vault` file, and load the variables to `ENV`.
|
121
131
|
|
132
|
+
Made a change to your production envs? Run `npx dotenv-vault build`, commit that safely to code, and deploy. It's simple and safe like that.
|
133
|
+
|
134
|
+
## Dotenv.org
|
135
|
+
|
136
|
+
**[Create your account](https://dotenv.org/signup)**
|
137
|
+
|
138
|
+
You need a [Dotenv Account](https://dotenv.org) to use Dotenv Vault. It is free to use with premium features.
|
139
|
+
|
140
|
+
![](https://api.checklyhq.com/v1/badges/checks/c2fee99a-38e7-414e-89b8-9766ceeb1927?style=flat&theme=dark&responseTime=true)
|
141
|
+
![](https://api.checklyhq.com/v1/badges/checks/4f557967-1ed1-486a-b762-39a63781d752?style=flat&theme=dark&responseTime=true)
|
142
|
+
<br>
|
143
|
+
![](https://api.checklyhq.com/v1/badges/checks/804eb6fa-6599-4688-a649-7ff3c39a64b9?style=flat&theme=dark&responseTime=true)
|
144
|
+
![](https://api.checklyhq.com/v1/badges/checks/6a94504e-e936-4f07-bc0b-e08fee2734b3?style=flat&theme=dark&responseTime=true)
|
145
|
+
<br>
|
146
|
+
![](https://api.checklyhq.com/v1/badges/checks/06ac4f4e-3e0e-4501-9987-580b4d2a6b06?style=flat&theme=dark&responseTime=true)
|
147
|
+
![](https://api.checklyhq.com/v1/badges/checks/0ffc1e55-7ef0-4c2c-8acc-b6311871f41c?style=flat&theme=dark&responseTime=true)
|
148
|
+
|
149
|
+
Visit [health.dotenv.org](https://health.dotenv.org) for more information.
|
150
|
+
|
122
151
|
## FAQ
|
123
152
|
|
124
|
-
|
153
|
+
#### What happens if `DOTENV_KEY` is not set?
|
125
154
|
|
126
|
-
Dotenv Vault gracefully falls back to [dotenv](https://github.com/bkeepers/dotenv) when `DOTENV_KEY` is not set. This is
|
155
|
+
Dotenv Vault gracefully falls back to [dotenv](https://github.com/bkeepers/dotenv) when `DOTENV_KEY` is not set. This is the default for development so that you can focus on editing your `.env` file and save the `build` command until you are ready to deploy those environment variables changes.
|
127
156
|
|
128
|
-
|
157
|
+
#### Should I commit my `.env` file?
|
129
158
|
|
130
159
|
No. We **strongly** recommend against committing your `.env` file to version control. It should only include environment-specific values such as database passwords or API keys. Your production database should have a different password than your development database.
|
131
160
|
|
132
|
-
|
161
|
+
#### Should I commit my `.env.vault` file?
|
162
|
+
|
163
|
+
Yes. It is safe and recommended to do so. It contains your encrypted envs, and your vault identifier.
|
164
|
+
|
165
|
+
#### Can I share the `DOTENV_KEY`?
|
133
166
|
|
134
|
-
|
167
|
+
No. It is the key that unlocks your encrypted environment variables. Be very careful who you share this key with. Do not let it leak.
|
135
168
|
|
136
169
|
## Contributing
|
137
170
|
|
data/lib/dotenv-vault/version.rb
CHANGED
data/lib/dotenv-vault.rb
CHANGED
@@ -132,10 +132,6 @@ module DotenvVault
|
|
132
132
|
environment = params["environment"]
|
133
133
|
raise InvalidDotenvKey, "INVALID_DOTENV_KEY: Missing environment part" unless present?(environment)
|
134
134
|
|
135
|
-
# Get vault path
|
136
|
-
vault_path = uri.path.gsub("/vault/", "") # /vault/.env.vault => .env.vault
|
137
|
-
raise NotFoundDotenvVault, "NotFoundDotenvVault: Cannot find .env.vault at #{vaultPath}" unless File.file?(vault_path)
|
138
|
-
|
139
135
|
# Parse .env.vault
|
140
136
|
parsed = Dotenv.parse(vault_path)
|
141
137
|
|
@@ -152,7 +148,19 @@ module DotenvVault
|
|
152
148
|
end
|
153
149
|
|
154
150
|
def using_vault?
|
155
|
-
|
151
|
+
dotenv_key_present? && dotenv_vault_present?
|
152
|
+
end
|
153
|
+
|
154
|
+
def dotenv_key_present?
|
155
|
+
present?(ENV["DOTENV_KEY"]) && dotenv_vault_present?
|
156
|
+
end
|
157
|
+
|
158
|
+
def dotenv_vault_present?
|
159
|
+
File.file?(vault_path)
|
160
|
+
end
|
161
|
+
|
162
|
+
def vault_path
|
163
|
+
".env.vault"
|
156
164
|
end
|
157
165
|
|
158
166
|
def present?(str)
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dotenv-vault-rails
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.9.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- motdotla
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-
|
11
|
+
date: 2022-10-23 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: dotenv-rails
|
@@ -30,14 +30,14 @@ dependencies:
|
|
30
30
|
requirements:
|
31
31
|
- - '='
|
32
32
|
- !ruby/object:Gem::Version
|
33
|
-
version: 0.
|
33
|
+
version: 0.9.0
|
34
34
|
type: :runtime
|
35
35
|
prerelease: false
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
37
37
|
requirements:
|
38
38
|
- - '='
|
39
39
|
- !ruby/object:Gem::Version
|
40
|
-
version: 0.
|
40
|
+
version: 0.9.0
|
41
41
|
- !ruby/object:Gem::Dependency
|
42
42
|
name: spring
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
@@ -88,6 +88,7 @@ files:
|
|
88
88
|
- dotenv-vault.gemspec
|
89
89
|
- lib/dotenv-vault-rails.rb
|
90
90
|
- lib/dotenv-vault.rb
|
91
|
+
- lib/dotenv-vault/load.rb
|
91
92
|
- lib/dotenv-vault/rails-now.rb
|
92
93
|
- lib/dotenv-vault/rails.rb
|
93
94
|
- lib/dotenv-vault/version.rb
|