dotenv-vault-rails 0.8.0 → 0.9.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +7 -1
- data/Gemfile.lock +6 -6
- data/README.md +48 -5
- data/lib/dotenv-vault/version.rb +1 -1
- data/lib/dotenv-vault.rb +13 -5
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7e0c2103206875df405a757362cb6ad28f71a6716045ec859b8eab82eb428560
|
|
4
|
+
data.tar.gz: 5d81aa5eb40ef25c348bcd0ecdd9e9c42011c66829e7f223ebb838fc99f04e0b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f594709ca94a2bbf1cf9e82ff5a101cfc0ceb3bc9ce45a1869f768fc70e4a49e73fbd819a0f555aa5157a56051e626d0232d9235792627fe3e74628db1efabc7
|
|
7
|
+
data.tar.gz: 2dbb138e3221fac27c8dadf5a1a6453f90d93e7889db9e84b6b86c2f610ed84d3094c18c437db1eab6b29c4666d837a17d0188d449e3e42dfe5daf60d1783d80
|
data/CHANGELOG.md
CHANGED
|
@@ -2,7 +2,13 @@
|
|
|
2
2
|
|
|
3
3
|
All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
|
|
4
4
|
|
|
5
|
-
## [Unreleased](https://github.com/dotenv-org/dotenv-vault-ruby/compare/v0.
|
|
5
|
+
## [Unreleased](https://github.com/dotenv-org/dotenv-vault-ruby/compare/v0.9.0...master)
|
|
6
|
+
|
|
7
|
+
## 0.9.0
|
|
8
|
+
|
|
9
|
+
### Changed
|
|
10
|
+
|
|
11
|
+
- Do not raise stacktrace error if missing .env.vault file [#1](https://github.com/dotenv-org/dotenv-vault-ruby/pull/1)
|
|
6
12
|
|
|
7
13
|
## 0.8.0
|
|
8
14
|
|
data/Gemfile.lock
CHANGED
|
@@ -1,12 +1,12 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
dotenv-vault (0.
|
|
4
|
+
dotenv-vault (0.9.0)
|
|
5
5
|
dotenv
|
|
6
6
|
lockbox
|
|
7
|
-
dotenv-vault-rails (0.
|
|
7
|
+
dotenv-vault-rails (0.9.0)
|
|
8
8
|
dotenv-rails
|
|
9
|
-
dotenv-vault (= 0.
|
|
9
|
+
dotenv-vault (= 0.9.0)
|
|
10
10
|
|
|
11
11
|
GEM
|
|
12
12
|
remote: https://rubygems.org/
|
|
@@ -41,14 +41,14 @@ GEM
|
|
|
41
41
|
erubi (1.11.0)
|
|
42
42
|
i18n (1.12.0)
|
|
43
43
|
concurrent-ruby (~> 1.0)
|
|
44
|
-
lockbox (1.
|
|
44
|
+
lockbox (1.1.0)
|
|
45
45
|
loofah (2.19.0)
|
|
46
46
|
crass (~> 1.0.2)
|
|
47
47
|
nokogiri (>= 1.5.9)
|
|
48
48
|
method_source (1.0.0)
|
|
49
49
|
mini_portile2 (2.8.0)
|
|
50
50
|
minitest (5.16.3)
|
|
51
|
-
nokogiri (1.13.
|
|
51
|
+
nokogiri (1.13.9)
|
|
52
52
|
mini_portile2 (~> 2.8.0)
|
|
53
53
|
racc (~> 1.4)
|
|
54
54
|
racc (1.6.0)
|
|
@@ -85,7 +85,7 @@ GEM
|
|
|
85
85
|
thor (1.2.1)
|
|
86
86
|
tzinfo (2.0.5)
|
|
87
87
|
concurrent-ruby (~> 1.0)
|
|
88
|
-
zeitwerk (2.6.
|
|
88
|
+
zeitwerk (2.6.1)
|
|
89
89
|
|
|
90
90
|
PLATFORMS
|
|
91
91
|
ruby
|
data/README.md
CHANGED
|
@@ -4,7 +4,11 @@
|
|
|
4
4
|
|
|
5
5
|
Dotenv Vault extends the proven & trusted foundation of [dotenv](https://github.com/bkeepers/dotenv), with a `.env.vault` file.
|
|
6
6
|
|
|
7
|
-
|
|
7
|
+
The extended standard lets you sync your `.env` files – quickly & securely. Stop sharing them over insecure channels like Slack and email, and never lose an important `.env` file again.
|
|
8
|
+
|
|
9
|
+
You need a [Dotenv Account](https://dotenv.org) to use Dotenv Vault. It is free to use with premium features.
|
|
10
|
+
|
|
11
|
+
**[Create your account](https://dotenv.org/signup)**
|
|
8
12
|
|
|
9
13
|
## Installation
|
|
10
14
|
|
|
@@ -22,11 +26,29 @@ And then execute:
|
|
|
22
26
|
$ bundle
|
|
23
27
|
```
|
|
24
28
|
|
|
29
|
+
### Sinatra or Plain ol' Ruby
|
|
30
|
+
|
|
31
|
+
Install the gem:
|
|
32
|
+
|
|
33
|
+
```shell
|
|
34
|
+
$ gem install dotenv-vault
|
|
35
|
+
```
|
|
36
|
+
|
|
37
|
+
As early as possible in your application bootstrap process, load `.env`:
|
|
38
|
+
|
|
39
|
+
```ruby
|
|
40
|
+
require 'dotenv-vault/load'
|
|
41
|
+
|
|
42
|
+
# or
|
|
43
|
+
require 'dotenv-vault'
|
|
44
|
+
DotenvVault.load
|
|
45
|
+
```
|
|
46
|
+
|
|
25
47
|
## Usage
|
|
26
48
|
|
|
27
49
|
### `.env`
|
|
28
50
|
|
|
29
|
-
Basic usage
|
|
51
|
+
Basic usage works just like [dotenv](https://github.com/bkeepers/dotenv).
|
|
30
52
|
|
|
31
53
|
Add your application configuration to your `.env` file in the root of your project:
|
|
32
54
|
|
|
@@ -35,7 +57,7 @@ S3_BUCKET=YOURS3BUCKET
|
|
|
35
57
|
SECRET_KEY=YOURSECRETKEYGOESHERE
|
|
36
58
|
```
|
|
37
59
|
|
|
38
|
-
|
|
60
|
+
When your application loads, these variables will be available in `ENV`:
|
|
39
61
|
|
|
40
62
|
```ruby
|
|
41
63
|
config.fog_directory = ENV['S3_BUCKET']
|
|
@@ -43,6 +65,8 @@ config.fog_directory = ENV['S3_BUCKET']
|
|
|
43
65
|
|
|
44
66
|
### `.env.vault`
|
|
45
67
|
|
|
68
|
+
Extended usage uses a `.env.vault` file that allows you to sync your secrets across machines, team members, and environments.
|
|
69
|
+
|
|
46
70
|
Usage is similar to git. In the same directory as your `.env` file, run the command:
|
|
47
71
|
|
|
48
72
|
```shell
|
|
@@ -76,7 +100,7 @@ $ npx dotenv-vault open production
|
|
|
76
100
|
|
|
77
101
|
It will open up an interface to manage your production environment variables.
|
|
78
102
|
|
|
79
|
-
## Deploy Anywhere
|
|
103
|
+
## Build & Deploy Anywhere
|
|
80
104
|
|
|
81
105
|
Build your encrypted `.env.vault`:
|
|
82
106
|
|
|
@@ -105,6 +129,25 @@ $ heroku config:set DOTENV_KEY="dotenv://:key_1234@dotenv.org/vault/.env.vault?e
|
|
|
105
129
|
|
|
106
130
|
All set! When your app boots, it will recognize a `DOTENV_KEY` is set, decrypt the `.env.vault` file, and load the variables to `ENV`.
|
|
107
131
|
|
|
132
|
+
Made a change to your production envs? Run `npx dotenv-vault build`, commit that safely to code, and deploy. It's simple and safe like that.
|
|
133
|
+
|
|
134
|
+
## Dotenv.org
|
|
135
|
+
|
|
136
|
+
**[Create your account](https://dotenv.org/signup)**
|
|
137
|
+
|
|
138
|
+
You need a [Dotenv Account](https://dotenv.org) to use Dotenv Vault. It is free to use with premium features.
|
|
139
|
+
|
|
140
|
+
|
|
141
|
+
|
|
142
|
+
<br>
|
|
143
|
+
|
|
144
|
+
|
|
145
|
+
<br>
|
|
146
|
+
|
|
147
|
+
|
|
148
|
+
|
|
149
|
+
Visit [health.dotenv.org](https://health.dotenv.org) for more information.
|
|
150
|
+
|
|
108
151
|
## FAQ
|
|
109
152
|
|
|
110
153
|
#### What happens if `DOTENV_KEY` is not set?
|
|
@@ -117,7 +160,7 @@ No. We **strongly** recommend against committing your `.env` file to version con
|
|
|
117
160
|
|
|
118
161
|
#### Should I commit my `.env.vault` file?
|
|
119
162
|
|
|
120
|
-
Yes. It is safe and recommended to do so. It contains your
|
|
163
|
+
Yes. It is safe and recommended to do so. It contains your encrypted envs, and your vault identifier.
|
|
121
164
|
|
|
122
165
|
#### Can I share the `DOTENV_KEY`?
|
|
123
166
|
|
data/lib/dotenv-vault/version.rb
CHANGED
data/lib/dotenv-vault.rb
CHANGED
|
@@ -132,10 +132,6 @@ module DotenvVault
|
|
|
132
132
|
environment = params["environment"]
|
|
133
133
|
raise InvalidDotenvKey, "INVALID_DOTENV_KEY: Missing environment part" unless present?(environment)
|
|
134
134
|
|
|
135
|
-
# Get vault path
|
|
136
|
-
vault_path = uri.path.gsub("/vault/", "") # /vault/.env.vault => .env.vault
|
|
137
|
-
raise NotFoundDotenvVault, "NotFoundDotenvVault: Cannot find .env.vault at #{vaultPath}" unless File.file?(vault_path)
|
|
138
|
-
|
|
139
135
|
# Parse .env.vault
|
|
140
136
|
parsed = Dotenv.parse(vault_path)
|
|
141
137
|
|
|
@@ -152,7 +148,19 @@ module DotenvVault
|
|
|
152
148
|
end
|
|
153
149
|
|
|
154
150
|
def using_vault?
|
|
155
|
-
|
|
151
|
+
dotenv_key_present? && dotenv_vault_present?
|
|
152
|
+
end
|
|
153
|
+
|
|
154
|
+
def dotenv_key_present?
|
|
155
|
+
present?(ENV["DOTENV_KEY"]) && dotenv_vault_present?
|
|
156
|
+
end
|
|
157
|
+
|
|
158
|
+
def dotenv_vault_present?
|
|
159
|
+
File.file?(vault_path)
|
|
160
|
+
end
|
|
161
|
+
|
|
162
|
+
def vault_path
|
|
163
|
+
".env.vault"
|
|
156
164
|
end
|
|
157
165
|
|
|
158
166
|
def present?(str)
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dotenv-vault-rails
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.9.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- motdotla
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-
|
|
11
|
+
date: 2022-10-23 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dotenv-rails
|
|
@@ -30,14 +30,14 @@ dependencies:
|
|
|
30
30
|
requirements:
|
|
31
31
|
- - '='
|
|
32
32
|
- !ruby/object:Gem::Version
|
|
33
|
-
version: 0.
|
|
33
|
+
version: 0.9.0
|
|
34
34
|
type: :runtime
|
|
35
35
|
prerelease: false
|
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
|
37
37
|
requirements:
|
|
38
38
|
- - '='
|
|
39
39
|
- !ruby/object:Gem::Version
|
|
40
|
-
version: 0.
|
|
40
|
+
version: 0.9.0
|
|
41
41
|
- !ruby/object:Gem::Dependency
|
|
42
42
|
name: spring
|
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|