dotenv-vault 0.6.0 → 0.7.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +9 -0
- data/Gemfile.lock +3 -3
- data/README.md +149 -2
- data/lib/dotenv-vault/version.rb +1 -1
- data/lib/dotenv-vault.rb +9 -0
- metadata +3 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 3b2a1937481a505016be7ea9cc16a42ff17101c879729f98b907b88bfe48ac61
|
|
4
|
+
data.tar.gz: 1613aee7c836ae4440a57b74fa2071f3ef1c9ab6bfec577da3892111df347dd1
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: a7f41b834dcfc46c063aa22b6bdec7bc0524bb81c6dd7302d6de9cad3ff69a45253d3f9357212ac1658a6d590d258e4cb050ab5dc234debc20c28d5b8b4d596d
|
|
7
|
+
data.tar.gz: 7906d25a6830363c5046ba675d02b3d69f6d1306fcfc1087627bef8f129cde011b9a105cb2105795dcc0116a46fcb1bb1cac64cb19d4e6e30db4bc648f226c84
|
data/CHANGELOG.md
ADDED
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
# Changelog
|
|
2
|
+
|
|
3
|
+
All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
|
|
4
|
+
|
|
5
|
+
## [Unreleased](https://github.com/dotenv-org/dotenv-vault-ruby/compare/v0.7.0...master)
|
|
6
|
+
|
|
7
|
+
## 0.7.0 and prior
|
|
8
|
+
|
|
9
|
+
Please see commit history.
|
data/Gemfile.lock
CHANGED
|
@@ -1,12 +1,12 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
dotenv-vault (0.
|
|
4
|
+
dotenv-vault (0.7.1)
|
|
5
5
|
dotenv
|
|
6
6
|
lockbox
|
|
7
|
-
dotenv-vault-rails (0.
|
|
7
|
+
dotenv-vault-rails (0.7.1)
|
|
8
8
|
dotenv-rails
|
|
9
|
-
dotenv-vault (= 0.
|
|
9
|
+
dotenv-vault (= 0.7.1)
|
|
10
10
|
|
|
11
11
|
GEM
|
|
12
12
|
remote: https://rubygems.org/
|
data/README.md
CHANGED
|
@@ -1,3 +1,150 @@
|
|
|
1
|
-
# dotenv-vault
|
|
1
|
+
# dotenv-vault [](https://badge.fury.io/rb/dotenv-vault)
|
|
2
2
|
|
|
3
|
-
|
|
3
|
+
<img src="https://raw.githubusercontent.com/motdotla/dotenv/master/dotenv.svg" alt="dotenv-vault" align="right" width="200" />
|
|
4
|
+
|
|
5
|
+
Dotenv Vault extends the proven & trusted foundation of [dotenv](https://github.com/bkeepers/dotenv), with a `.env.vault` file.
|
|
6
|
+
|
|
7
|
+
This new standard lets you sync your .env files – quickly & securely. Stop sharing them over insecure channels like Slack and email, and never lose an important .env file again.
|
|
8
|
+
|
|
9
|
+
## Installation
|
|
10
|
+
|
|
11
|
+
### Rails
|
|
12
|
+
|
|
13
|
+
Add this line to the top of your application's Gemfile:
|
|
14
|
+
|
|
15
|
+
```ruby
|
|
16
|
+
gem 'dotenv-vault-rails'
|
|
17
|
+
```
|
|
18
|
+
|
|
19
|
+
And then execute:
|
|
20
|
+
|
|
21
|
+
```shell
|
|
22
|
+
$ bundle
|
|
23
|
+
```
|
|
24
|
+
|
|
25
|
+
## Usage
|
|
26
|
+
|
|
27
|
+
### `.env`
|
|
28
|
+
|
|
29
|
+
Basic usage begins just like [dotenv](https://github.com/bkeepers/dotenv).
|
|
30
|
+
|
|
31
|
+
Add your application configuration to your `.env` file in the root of your project:
|
|
32
|
+
|
|
33
|
+
```shell
|
|
34
|
+
S3_BUCKET=YOURS3BUCKET
|
|
35
|
+
SECRET_KEY=YOURSECRETKEYGOESHERE
|
|
36
|
+
```
|
|
37
|
+
|
|
38
|
+
Whenever your application loads, these variables will be available in `ENV`:
|
|
39
|
+
|
|
40
|
+
```ruby
|
|
41
|
+
config.fog_directory = ENV['S3_BUCKET']
|
|
42
|
+
```
|
|
43
|
+
|
|
44
|
+
### `.env.vault`
|
|
45
|
+
|
|
46
|
+
Usage is similar to git. In the same directory as your `.env` file, run the command:
|
|
47
|
+
|
|
48
|
+
```shell
|
|
49
|
+
npx dotenv-vault new
|
|
50
|
+
```
|
|
51
|
+
|
|
52
|
+
Follow those instructions and then run:
|
|
53
|
+
|
|
54
|
+
```shell
|
|
55
|
+
$ npx dotenv-vault login
|
|
56
|
+
```
|
|
57
|
+
|
|
58
|
+
Then run push and pull:
|
|
59
|
+
|
|
60
|
+
```shell
|
|
61
|
+
$ npx dotenv-vault push
|
|
62
|
+
$ npx dotenv-vault pull
|
|
63
|
+
```
|
|
64
|
+
|
|
65
|
+
That's it!
|
|
66
|
+
|
|
67
|
+
You just synced your `.env` file. Commit your `.env.vault` file to code, and tell your teammates to run `npx dotenv-vault pull`.
|
|
68
|
+
|
|
69
|
+
## Multiple Environments
|
|
70
|
+
|
|
71
|
+
Run the command:
|
|
72
|
+
|
|
73
|
+
```shell
|
|
74
|
+
$ npx dotenv-vault open production
|
|
75
|
+
```
|
|
76
|
+
|
|
77
|
+
It will open up an interface to manage your production environment variables.
|
|
78
|
+
|
|
79
|
+
..or if you prefer to manage them in your text editor, run the command:
|
|
80
|
+
|
|
81
|
+
```shell
|
|
82
|
+
$ npx dotenv-vault pull production
|
|
83
|
+
```
|
|
84
|
+
|
|
85
|
+
Edit the `.env.production` file and push your changes:
|
|
86
|
+
|
|
87
|
+
```shell
|
|
88
|
+
$ npx dotenv-vault push production
|
|
89
|
+
```
|
|
90
|
+
|
|
91
|
+
Neato.
|
|
92
|
+
|
|
93
|
+
## Deploy Anywhere
|
|
94
|
+
|
|
95
|
+
Build your encrypted `.env.vault`. Run the command:
|
|
96
|
+
|
|
97
|
+
```shell
|
|
98
|
+
$ npx dotenv-vault build
|
|
99
|
+
```
|
|
100
|
+
|
|
101
|
+
Safely commit and push your changes:
|
|
102
|
+
|
|
103
|
+
```shell
|
|
104
|
+
$ git commit -am "Updated .env.vault"
|
|
105
|
+
$ git push
|
|
106
|
+
```
|
|
107
|
+
|
|
108
|
+
Obtain your `DOTENV_KEY`:
|
|
109
|
+
|
|
110
|
+
```shell
|
|
111
|
+
$ npx dotenv-vault keys
|
|
112
|
+
```
|
|
113
|
+
|
|
114
|
+
Set `DOTENV_KEY` on your infrastructure. For example, on Heroku:
|
|
115
|
+
|
|
116
|
+
```shell
|
|
117
|
+
$ heroku config:set DOTENV_KEY="dotenv://:key_1234@dotenv.org/vault/.env.vault?environment=production"
|
|
118
|
+
```
|
|
119
|
+
|
|
120
|
+
All set! When your app boots, it will recognize a `DOTENV_KEY` is set, decrypt the `.env.vault` file, and load the variables to `ENV`.
|
|
121
|
+
|
|
122
|
+
## FAQ
|
|
123
|
+
|
|
124
|
+
### What happens if DOTENV_KEY is not set?
|
|
125
|
+
|
|
126
|
+
Dotenv Vault gracefully falls back to [dotenv](https://github.com/bkeepers/dotenv) when `DOTENV_KEY` is not set. This is useful for development.
|
|
127
|
+
|
|
128
|
+
### Should I commit my `.env` file?
|
|
129
|
+
|
|
130
|
+
No. We **strongly** recommend against committing your `.env` file to version control. It should only include environment-specific values such as database passwords or API keys. Your production database should have a different password than your development database.
|
|
131
|
+
|
|
132
|
+
### Should I commit my `.env.vault` file?
|
|
133
|
+
|
|
134
|
+
Yes. It is safe and recommended to do so. It contains your vault identifier at the vault provider (in this case [dotenv.org](https://dotenv.org)) and contains your encrypted values.
|
|
135
|
+
|
|
136
|
+
## Contributing
|
|
137
|
+
|
|
138
|
+
1. Fork it
|
|
139
|
+
2. Create your feature branch (`git checkout -b my-new-feature`)
|
|
140
|
+
3. Commit your changes (`git commit -am 'Added some feature'`)
|
|
141
|
+
4. Push to the branch (`git push origin my-new-feature`)
|
|
142
|
+
5. Create new Pull Request
|
|
143
|
+
|
|
144
|
+
## Changelog
|
|
145
|
+
|
|
146
|
+
See [CHANGELOG.md](CHANGELOG.md)
|
|
147
|
+
|
|
148
|
+
## License
|
|
149
|
+
|
|
150
|
+
MIT
|
data/lib/dotenv-vault/version.rb
CHANGED
data/lib/dotenv-vault.rb
CHANGED
|
@@ -2,6 +2,7 @@ require "uri"
|
|
|
2
2
|
require "dotenv"
|
|
3
3
|
require "lockbox"
|
|
4
4
|
require "dotenv-vault/version"
|
|
5
|
+
require "logger"
|
|
5
6
|
|
|
6
7
|
module DotenvVault
|
|
7
8
|
class NotFoundDotenvKey < ArgumentError; end
|
|
@@ -14,6 +15,10 @@ module DotenvVault
|
|
|
14
15
|
|
|
15
16
|
class << self
|
|
16
17
|
attr_accessor :instrumenter
|
|
18
|
+
|
|
19
|
+
def logger
|
|
20
|
+
@logger ||= Logger.new(STDOUT)
|
|
21
|
+
end
|
|
17
22
|
end
|
|
18
23
|
|
|
19
24
|
module_function
|
|
@@ -85,6 +90,8 @@ module DotenvVault
|
|
|
85
90
|
#
|
|
86
91
|
# Decrypts and loads to ENV
|
|
87
92
|
def load_vault(*filenames)
|
|
93
|
+
DotenvVault.logger.info("[dotenv-vault] Loading encrypted .env.vault to environment variables") if DotenvVault.logger
|
|
94
|
+
|
|
88
95
|
parsed = parse_vault(*filenames)
|
|
89
96
|
|
|
90
97
|
# Set ENV
|
|
@@ -97,6 +104,8 @@ module DotenvVault
|
|
|
97
104
|
#
|
|
98
105
|
# Decrypts and overloads to ENV
|
|
99
106
|
def overload_vault(*filenames)
|
|
107
|
+
DotenvVault.logger.info("[dotenv-vault] Overloading encrypted .env.vault to environment variables") if DotenvVault.logger
|
|
108
|
+
|
|
100
109
|
parsed = parse_vault(*filenames)
|
|
101
110
|
|
|
102
111
|
# Set ENV
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dotenv-vault
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.7.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- motdotla
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-09-
|
|
11
|
+
date: 2022-09-18 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dotenv
|
|
@@ -90,6 +90,7 @@ files:
|
|
|
90
90
|
- ".gitignore"
|
|
91
91
|
- ".rspec"
|
|
92
92
|
- ".travis.yml"
|
|
93
|
+
- CHANGELOG.md
|
|
93
94
|
- Gemfile
|
|
94
95
|
- Gemfile.lock
|
|
95
96
|
- LICENSE.txt
|