dotenv-vault-rails 0.7.1 → 0.9.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e91991151b13e9afd810b5e8d8bdc14f8af6019e17f6ec103a37bc1bf8a2d4e3
-  data.tar.gz: 70d8a1939630149570a0873f02af6dff4c796bfc2ff5860693d305ada37fd480
+  metadata.gz: 7e0c2103206875df405a757362cb6ad28f71a6716045ec859b8eab82eb428560
+  data.tar.gz: 5d81aa5eb40ef25c348bcd0ecdd9e9c42011c66829e7f223ebb838fc99f04e0b
 SHA512:
-  metadata.gz: 0f6b4372e769083a970bca589926fc17831c2dbae97ddd49cd0bbce7442242fdea69fa06407dd6d219c1c9c2948b861499f29dade4a16517f529cb03ddf3d14c
-  data.tar.gz: 2ddcf5cdf739284fc528803f1747536383c742689b48d65d599461df2c89c9063e182821f2630fb9f5ad40ff09ff68eff32f284e66187d1f693d88c7b059d60b
+  metadata.gz: f594709ca94a2bbf1cf9e82ff5a101cfc0ceb3bc9ce45a1869f768fc70e4a49e73fbd819a0f555aa5157a56051e626d0232d9235792627fe3e74628db1efabc7
+  data.tar.gz: 2dbb138e3221fac27c8dadf5a1a6453f90d93e7889db9e84b6b86c2f610ed84d3094c18c437db1eab6b29c4666d837a17d0188d449e3e42dfe5daf60d1783d80

data/CHANGELOG.md

@@ -2,7 +2,25 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
-## [Unreleased](https://github.com/dotenv-org/dotenv-vault-ruby/compare/v0.7.0...master)
+## [Unreleased](https://github.com/dotenv-org/dotenv-vault-ruby/compare/v0.9.0...master)
+
+## 0.9.0
+
+### Changed
+
+- Do not raise stacktrace error if missing .env.vault file [#1](https://github.com/dotenv-org/dotenv-vault-ruby/pull/1)
+
+## 0.8.0
+
+### Added
+
+- Add `dotenv-vault/load`
+
+## 0.7.1
+
+### Added
+
+- Added README
 
 ## 0.7.0 and prior
 

data/Gemfile.lock

@@ -1,12 +1,12 @@
 PATH
   remote: .
   specs:
-    dotenv-vault (0.7.1)
+    dotenv-vault (0.9.0)
       dotenv
       lockbox
-    dotenv-vault-rails (0.7.1)
+    dotenv-vault-rails (0.9.0)
       dotenv-rails
-      dotenv-vault (= 0.7.1)
+      dotenv-vault (= 0.9.0)
 
 GEM
   remote: https://rubygems.org/
@@ -41,14 +41,14 @@ GEM
     erubi (1.11.0)
     i18n (1.12.0)
       concurrent-ruby (~> 1.0)
-    lockbox (1.0.0)
+    lockbox (1.1.0)
     loofah (2.19.0)
       crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
     method_source (1.0.0)
     mini_portile2 (2.8.0)
     minitest (5.16.3)
-    nokogiri (1.13.8)
+    nokogiri (1.13.9)
       mini_portile2 (~> 2.8.0)
       racc (~> 1.4)
     racc (1.6.0)
@@ -85,7 +85,7 @@ GEM
     thor (1.2.1)
     tzinfo (2.0.5)
       concurrent-ruby (~> 1.0)
-    zeitwerk (2.6.0)
+    zeitwerk (2.6.1)
 
 PLATFORMS
   ruby

data/README.md

@@ -4,7 +4,11 @@
 
 Dotenv Vault extends the proven & trusted foundation of [dotenv](https://github.com/bkeepers/dotenv), with a `.env.vault` file.
 
-This new standard lets you sync your .env files – quickly & securely. Stop sharing them over insecure channels like Slack and email, and never lose an important .env file again.
+The extended standard lets you sync your `.env` files – quickly & securely. Stop sharing them over insecure channels like Slack and email, and never lose an important `.env` file again.
+
+You need a [Dotenv Account](https://dotenv.org) to use Dotenv Vault. It is free to use with premium features.
+
+**[Create your account](https://dotenv.org/signup)**
 
 ## Installation
 
@@ -22,11 +26,29 @@ And then execute:
 $ bundle
 ```
 
+### Sinatra or Plain ol' Ruby
+
+Install the gem:
+
+```shell
+$ gem install dotenv-vault
+```
+
+As early as possible in your application bootstrap process, load `.env`:
+
+```ruby
+require 'dotenv-vault/load'
+
+# or
+require 'dotenv-vault'
+DotenvVault.load
+```
+
 ## Usage
 
 ### `.env`
 
-Basic usage begins just like [dotenv](https://github.com/bkeepers/dotenv).
+Basic usage works just like [dotenv](https://github.com/bkeepers/dotenv).
 
 Add your application configuration to your `.env` file in the root of your project:
 
@@ -35,7 +57,7 @@ S3_BUCKET=YOURS3BUCKET
 SECRET_KEY=YOURSECRETKEYGOESHERE
 ```
 
-Whenever your application loads, these variables will be available in `ENV`:
+When your application loads, these variables will be available in `ENV`:
 
 ```ruby
 config.fog_directory  = ENV['S3_BUCKET']
@@ -43,6 +65,8 @@ config.fog_directory  = ENV['S3_BUCKET']
 
 ### `.env.vault`
 
+Extended usage uses a `.env.vault` file that allows you to sync your secrets across machines, team members, and environments.
+
 Usage is similar to git. In the same directory as your `.env` file, run the command:
 
 ```shell
@@ -76,23 +100,9 @@ $ npx dotenv-vault open production
 
 It will open up an interface to manage your production environment variables.
 
-..or if you prefer to manage them in your text editor, run the command:
-
-```shell
-$ npx dotenv-vault pull production
-```
-
-Edit the `.env.production` file and push your changes:
-
-```shell
-$ npx dotenv-vault push production
-```
-
-Neato.
+## Build & Deploy Anywhere
 
-## Deploy Anywhere
-
-Build your encrypted `.env.vault`. Run the command:
+Build your encrypted `.env.vault`:
 
 ```shell
 $ npx dotenv-vault build
@@ -119,19 +129,42 @@ $ heroku config:set DOTENV_KEY="dotenv://:key_1234@dotenv.org/vault/.env.vault?e
 
 All set! When your app boots, it will recognize a `DOTENV_KEY` is set, decrypt the `.env.vault` file, and load the variables to `ENV`.
 
+Made a change to your production envs? Run `npx dotenv-vault build`, commit that safely to code, and deploy. It's simple and safe like that.
+
+## Dotenv.org
+
+**[Create your account](https://dotenv.org/signup)**
+
+You need a [Dotenv Account](https://dotenv.org) to use Dotenv Vault. It is free to use with premium features.
+
+![](https://api.checklyhq.com/v1/badges/checks/c2fee99a-38e7-414e-89b8-9766ceeb1927?style=flat&theme=dark&responseTime=true)
+![](https://api.checklyhq.com/v1/badges/checks/4f557967-1ed1-486a-b762-39a63781d752?style=flat&theme=dark&responseTime=true)
+<br>
+![](https://api.checklyhq.com/v1/badges/checks/804eb6fa-6599-4688-a649-7ff3c39a64b9?style=flat&theme=dark&responseTime=true)
+![](https://api.checklyhq.com/v1/badges/checks/6a94504e-e936-4f07-bc0b-e08fee2734b3?style=flat&theme=dark&responseTime=true)
+<br>
+![](https://api.checklyhq.com/v1/badges/checks/06ac4f4e-3e0e-4501-9987-580b4d2a6b06?style=flat&theme=dark&responseTime=true)
+![](https://api.checklyhq.com/v1/badges/checks/0ffc1e55-7ef0-4c2c-8acc-b6311871f41c?style=flat&theme=dark&responseTime=true)
+
+Visit [health.dotenv.org](https://health.dotenv.org) for more information.
+
 ## FAQ
 
-### What happens if DOTENV_KEY is not set?
+#### What happens if `DOTENV_KEY` is not set?
 
-Dotenv Vault gracefully falls back to [dotenv](https://github.com/bkeepers/dotenv) when `DOTENV_KEY` is not set. This is useful for development.
+Dotenv Vault gracefully falls back to [dotenv](https://github.com/bkeepers/dotenv) when `DOTENV_KEY` is not set. This is the default for development so that you can focus on editing your `.env` file and save the `build` command until you are ready to deploy those environment variables changes.
 
-### Should I commit my `.env` file?
+#### Should I commit my `.env` file?
 
 No. We **strongly** recommend against committing your `.env` file to version control. It should only include environment-specific values such as database passwords or API keys. Your production database should have a different password than your development database.
 
-### Should I commit my `.env.vault` file?
+#### Should I commit my `.env.vault` file?
+
+Yes. It is safe and recommended to do so. It contains your encrypted envs, and your vault identifier.
+
+#### Can I share the `DOTENV_KEY`?
 
-Yes. It is safe and recommended to do so. It contains your vault identifier at the vault provider (in this case [dotenv.org](https://dotenv.org)) and contains your encrypted values.
+No. It is the key that unlocks your encrypted environment variables. Be very careful who you share this key with. Do not let it leak.
 
 ## Contributing
 

data/lib/dotenv-vault/load.rb

@@ -0,0 +1,2 @@
+require "dotenv-vault"
+DotenvVault.load

data/lib/dotenv-vault/version.rb

@@ -1,3 +1,3 @@
 module DotenvVault
-  VERSION = "0.7.1"
+  VERSION = "0.9.0"
 end

data/lib/dotenv-vault.rb

@@ -132,10 +132,6 @@ module DotenvVault
     environment = params["environment"]
     raise InvalidDotenvKey, "INVALID_DOTENV_KEY: Missing environment part" unless present?(environment)
 
-    # Get vault path
-    vault_path = uri.path.gsub("/vault/", "") # /vault/.env.vault => .env.vault
-    raise NotFoundDotenvVault, "NotFoundDotenvVault: Cannot find .env.vault at #{vaultPath}" unless File.file?(vault_path)
-
     # Parse .env.vault
     parsed = Dotenv.parse(vault_path)
 
@@ -152,7 +148,19 @@ module DotenvVault
   end
 
   def using_vault?
-    present?(ENV["DOTENV_KEY"])
+    dotenv_key_present? && dotenv_vault_present?
+  end
+
+  def dotenv_key_present?
+    present?(ENV["DOTENV_KEY"]) && dotenv_vault_present?
+  end
+
+  def dotenv_vault_present?
+    File.file?(vault_path)
+  end
+
+  def vault_path
+    ".env.vault"
   end
 
   def present?(str)

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dotenv-vault-rails
 version: !ruby/object:Gem::Version
-  version: 0.7.1
+  version: 0.9.0
 platform: ruby
 authors:
 - motdotla
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2022-09-18 00:00:00.000000000 Z
+date: 2022-10-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dotenv-rails
@@ -30,14 +30,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.7.1
+        version: 0.9.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.7.1
+        version: 0.9.0
 - !ruby/object:Gem::Dependency
   name: spring
   requirement: !ruby/object:Gem::Requirement
@@ -88,6 +88,7 @@ files:
 - dotenv-vault.gemspec
 - lib/dotenv-vault-rails.rb
 - lib/dotenv-vault.rb
+- lib/dotenv-vault/load.rb
 - lib/dotenv-vault/rails-now.rb
 - lib/dotenv-vault/rails.rb
 - lib/dotenv-vault/version.rb