dotenv-vault 0.4.1 → 0.6.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile.lock +3 -3
  3. data/lib/dotenv-vault/version.rb +1 -1
  4. data/lib/dotenv-vault.rb +25 -13
  5. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: e49a9658a64cd656eee7128b70ef2f501e84f5101aafb3aaf54f7de400f0013f
4
- data.tar.gz: de8dd440fdaf111b979706f62c27298f9ab7dc5c2f7ec3e875bde992c87c789d
3
+ metadata.gz: 84e1fef6b134d93f790a2fea8c723ab7a824035ce634abf4b28b59d4926c429b
4
+ data.tar.gz: 0be721f78ed10b1a1fadaf76bb2ba39f37179e7f22dc91005f6ae99ffa0d98b9
5
5
  SHA512:
6
- metadata.gz: 6f3529e9e8db857b8c6d439c81ccdde7baeb56852b3e5e5edf0f0e7e1c58e7b8589375022d755d239cc73fb6a5d2146fa468304ce7c2155827a02d956fcd1f9f
7
- data.tar.gz: 6b081b51531f776a1136701cb840665959dea167a753a7943cd54679c7693a5b52372a91492ca7ea27aaf6710d95b2c2e9cc485882c41fb6803d7fb33dce0581
6
+ metadata.gz: e269b0db8d1657b41d1913d092ae08e6ce3b717e2fcd3cde12ffe8c49fae30bafb3f1b63c610909f44e659815dae24ba119a5e1a9e4bf85f0c4b49450895f487
7
+ data.tar.gz: 707dac136468912d26dfca5e9b2ac0f3b29488dee6e27f0be9aac43b98d289b2fd4a251909b261fb2ab0d98324dbb585339b2c8a2773df3d922472b46b6bfa08
data/Gemfile.lock CHANGED
@@ -1,12 +1,12 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- dotenv-vault (0.4.1)
4
+ dotenv-vault (0.6.0)
5
5
  dotenv
6
6
  lockbox
7
- dotenv-vault-rails (0.4.1)
7
+ dotenv-vault-rails (0.6.0)
8
8
  dotenv-rails
9
- dotenv-vault (= 0.4.1)
9
+ dotenv-vault (= 0.6.0)
10
10
 
11
11
  GEM
12
12
  remote: https://rubygems.org/
data/lib/dotenv-vault/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module DotenvVault
2
- VERSION = "0.4.1"
2
+ VERSION = "0.6.0"
3
3
  end
data/lib/dotenv-vault.rb CHANGED
@@ -1,3 +1,4 @@
1
+ require "uri"
1
2
  require "dotenv"
2
3
  require "lockbox"
3
4
  require "dotenv-vault/version"
@@ -105,43 +106,54 @@ module DotenvVault
105
106
  end
106
107
 
107
108
  def parse_vault(*filenames)
108
- # Warn the developer unless both are set
109
+ # DOTENV_KEY=development/key_1234
110
+ #
111
+ # Warn the developer unless formatted correctly
109
112
  raise NotFoundDotenvKey, "NOT_FOUND_DOTENV_KEY: Cannot find ENV['DOTENV_KEY']" unless present?(ENV["DOTENV_KEY"])
110
- raise NotFoundDotenvEnvironment, "NOT_FOUND_DOTENV_ENVIRONMENT: Cannot find ENV['DOTENV_ENVIRONMENT']" unless present?(ENV["DOTENV_ENVIRONMENT"])
111
113
 
112
- # Locate .env.vault
113
- vault_path = ".env.vault"
114
- raise NotFoundDotenvVault, "NotFoundDotenvVault: Cannot find .env.vault at ${vaultPath}" unless File.file?(vault_path)
114
+ # Parse DOTENV_KEY. Format is a URI
115
+ uri = URI.parse(ENV["DOTENV_KEY"]) # dotenv://:key_1234@dotenv.org/vault/.env.vault?environment=production
116
+
117
+ # Get decrypt key
118
+ key = uri.password
119
+ raise InvalidDotenvKey, "INVALID_DOTENV_KEY: Missing key part" unless present?(key)
120
+
121
+ # Get environment
122
+ params = Hash[URI::decode_www_form(uri.query.to_s)]
123
+ environment = params["environment"]
124
+ raise InvalidDotenvKey, "INVALID_DOTENV_KEY: Missing environment part" unless present?(environment)
125
+
126
+ # Get vault path
127
+ vault_path = uri.path.gsub("/vault/", "") # /vault/.env.vault => .env.vault
128
+ raise NotFoundDotenvVault, "NotFoundDotenvVault: Cannot find .env.vault at #{vaultPath}" unless File.file?(vault_path)
115
129
 
116
130
  # Parse .env.vault
117
131
  parsed = Dotenv.parse(vault_path)
118
132
 
119
133
  # Get ciphertext
120
- environment_key = "DOTENV_VAULT_#{ENV["DOTENV_ENVIRONMENT"].upcase}"
134
+ environment_key = "DOTENV_VAULT_#{environment.upcase}"
121
135
  ciphertext = parsed[environment_key] # DOTENV_VAULT_PRODUCTION
122
136
  raise NotFoundDotenvEnvironment, "NOT_FOUND_DOTENV_ENVIRONMENT: Cannot locate #{environment_key} in .env.vault" unless ciphertext
123
137
 
124
138
  # Decrypt ciphertext
125
- decrypted = decrypt(ciphertext)
139
+ decrypted = decrypt(ciphertext, key)
126
140
 
127
141
  # Parse decrypted .env string
128
142
  Dotenv::Parser.call(decrypted, true)
129
143
  end
130
144
 
131
145
  def using_vault?
132
- present?(ENV["DOTENV_ENVIRONMENT"]) && present?(ENV["DOTENV_KEY"])
146
+ present?(ENV["DOTENV_KEY"])
133
147
  end
134
148
 
135
149
  def present?(str)
136
150
  !(str.nil? || str.empty?)
137
151
  end
138
152
 
139
- def decrypt(ciphertext)
140
- raise NotFoundDotenvKey, "NOT_FOUND_DOTENV_KEY: Cannot find ENV['DOTENV_KEY']" unless present?(ENV["DOTENV_KEY"])
141
-
142
- key = ENV["DOTENV_KEY"][-64..-1] # last 64 characters. allows for passing keys with preface like key_*****
153
+ def decrypt(ciphertext, key)
154
+ key = key[-64..-1] # last 64 characters. allows for passing keys with preface like key_*****
143
155
 
144
- raise InvalidDotenvKey, "INVALID_DOTENV_KEY: It must be 64 characters long (or more)" unless key.to_s.length == 64
156
+ raise InvalidDotenvKey, "INVALID_DOTENV_KEY: Key part must be 64 characters long (or more)" unless key.bytesize == 64
145
157
 
146
158
  lockbox = Lockbox.new(key: key, encode: true)
147
159
  begin
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dotenv-vault
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.1
4
+ version: 0.6.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - motdotla
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2022-09-16 00:00:00.000000000 Z
11
+ date: 2022-09-17 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dotenv