dotenv-vault 0.6.0 → 0.7.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 84e1fef6b134d93f790a2fea8c723ab7a824035ce634abf4b28b59d4926c429b
-  data.tar.gz: 0be721f78ed10b1a1fadaf76bb2ba39f37179e7f22dc91005f6ae99ffa0d98b9
+  metadata.gz: 3b2a1937481a505016be7ea9cc16a42ff17101c879729f98b907b88bfe48ac61
+  data.tar.gz: 1613aee7c836ae4440a57b74fa2071f3ef1c9ab6bfec577da3892111df347dd1
 SHA512:
-  metadata.gz: e269b0db8d1657b41d1913d092ae08e6ce3b717e2fcd3cde12ffe8c49fae30bafb3f1b63c610909f44e659815dae24ba119a5e1a9e4bf85f0c4b49450895f487
-  data.tar.gz: 707dac136468912d26dfca5e9b2ac0f3b29488dee6e27f0be9aac43b98d289b2fd4a251909b261fb2ab0d98324dbb585339b2c8a2773df3d922472b46b6bfa08
+  metadata.gz: a7f41b834dcfc46c063aa22b6bdec7bc0524bb81c6dd7302d6de9cad3ff69a45253d3f9357212ac1658a6d590d258e4cb050ab5dc234debc20c28d5b8b4d596d
+  data.tar.gz: 7906d25a6830363c5046ba675d02b3d69f6d1306fcfc1087627bef8f129cde011b9a105cb2105795dcc0116a46fcb1bb1cac64cb19d4e6e30db4bc648f226c84

data/CHANGELOG.md

@@ -0,0 +1,9 @@
+# Changelog
+
+All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
+
+## [Unreleased](https://github.com/dotenv-org/dotenv-vault-ruby/compare/v0.7.0...master)
+
+## 0.7.0 and prior
+
+Please see commit history.

data/Gemfile.lock

@@ -1,12 +1,12 @@
 PATH
   remote: .
   specs:
-    dotenv-vault (0.6.0)
+    dotenv-vault (0.7.1)
       dotenv
       lockbox
-    dotenv-vault-rails (0.6.0)
+    dotenv-vault-rails (0.7.1)
       dotenv-rails
-      dotenv-vault (= 0.6.0)
+      dotenv-vault (= 0.7.1)
 
 GEM
   remote: https://rubygems.org/

data/README.md

@@ -1,3 +1,150 @@
-# dotenv-vault
+# dotenv-vault [![Gem Version](https://badge.fury.io/rb/dotenv-vault.svg)](https://badge.fury.io/rb/dotenv-vault)
 
-Coming soon
+<img src="https://raw.githubusercontent.com/motdotla/dotenv/master/dotenv.svg" alt="dotenv-vault" align="right" width="200" />
+
+Dotenv Vault extends the proven & trusted foundation of [dotenv](https://github.com/bkeepers/dotenv), with a `.env.vault` file.
+
+This new standard lets you sync your .env files – quickly & securely. Stop sharing them over insecure channels like Slack and email, and never lose an important .env file again.
+
+## Installation
+
+### Rails
+
+Add this line to the top of your application's Gemfile:
+
+```ruby
+gem 'dotenv-vault-rails'
+```
+
+And then execute:
+
+```shell
+$ bundle
+```
+
+## Usage
+
+### `.env`
+
+Basic usage begins just like [dotenv](https://github.com/bkeepers/dotenv).
+
+Add your application configuration to your `.env` file in the root of your project:
+
+```shell
+S3_BUCKET=YOURS3BUCKET
+SECRET_KEY=YOURSECRETKEYGOESHERE
+```
+
+Whenever your application loads, these variables will be available in `ENV`:
+
+```ruby
+config.fog_directory  = ENV['S3_BUCKET']
+```
+
+### `.env.vault`
+
+Usage is similar to git. In the same directory as your `.env` file, run the command:
+
+```shell
+npx dotenv-vault new
+```
+
+Follow those instructions and then run:
+
+```shell
+$ npx dotenv-vault login
+```
+
+Then run push and pull:
+
+```shell
+$ npx dotenv-vault push
+$ npx dotenv-vault pull
+```
+
+That's it!
+
+You just synced your `.env` file. Commit your `.env.vault` file to code, and tell your teammates to run `npx dotenv-vault pull`.
+
+## Multiple Environments
+
+Run the command:
+
+```shell
+$ npx dotenv-vault open production
+```
+
+It will open up an interface to manage your production environment variables.
+
+..or if you prefer to manage them in your text editor, run the command:
+
+```shell
+$ npx dotenv-vault pull production
+```
+
+Edit the `.env.production` file and push your changes:
+
+```shell
+$ npx dotenv-vault push production
+```
+
+Neato.
+
+## Deploy Anywhere
+
+Build your encrypted `.env.vault`. Run the command:
+
+```shell
+$ npx dotenv-vault build
+```
+
+Safely commit and push your changes:
+
+```shell
+$ git commit -am "Updated .env.vault"
+$ git push
+```
+
+Obtain your `DOTENV_KEY`:
+
+```shell
+$ npx dotenv-vault keys
+```
+
+Set `DOTENV_KEY` on your infrastructure. For example, on Heroku:
+
+```shell
+$ heroku config:set DOTENV_KEY="dotenv://:key_1234@dotenv.org/vault/.env.vault?environment=production"
+```
+
+All set! When your app boots, it will recognize a `DOTENV_KEY` is set, decrypt the `.env.vault` file, and load the variables to `ENV`.
+
+## FAQ
+
+### What happens if DOTENV_KEY is not set?
+
+Dotenv Vault gracefully falls back to [dotenv](https://github.com/bkeepers/dotenv) when `DOTENV_KEY` is not set. This is useful for development.
+
+### Should I commit my `.env` file?
+
+No. We **strongly** recommend against committing your `.env` file to version control. It should only include environment-specific values such as database passwords or API keys. Your production database should have a different password than your development database.
+
+### Should I commit my `.env.vault` file?
+
+Yes. It is safe and recommended to do so. It contains your vault identifier at the vault provider (in this case [dotenv.org](https://dotenv.org)) and contains your encrypted values.
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Added some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request
+
+## Changelog
+
+See [CHANGELOG.md](CHANGELOG.md)
+
+## License
+
+MIT

data/lib/dotenv-vault/version.rb

@@ -1,3 +1,3 @@
 module DotenvVault
-  VERSION = "0.6.0"
+  VERSION = "0.7.1"
 end

data/lib/dotenv-vault.rb

@@ -2,6 +2,7 @@ require "uri"
 require "dotenv"
 require "lockbox"
 require "dotenv-vault/version"
+require "logger"
 
 module DotenvVault
   class NotFoundDotenvKey < ArgumentError; end
@@ -14,6 +15,10 @@ module DotenvVault
 
   class << self
     attr_accessor :instrumenter
+
+    def logger
+      @logger ||= Logger.new(STDOUT)
+    end
   end
 
   module_function
@@ -85,6 +90,8 @@ module DotenvVault
   #
   # Decrypts and loads to ENV
   def load_vault(*filenames)
+    DotenvVault.logger.info("[dotenv-vault] Loading encrypted .env.vault to environment variables") if DotenvVault.logger
+
     parsed = parse_vault(*filenames)
     
     # Set ENV
@@ -97,6 +104,8 @@ module DotenvVault
   #
   # Decrypts and overloads to ENV
   def overload_vault(*filenames)
+    DotenvVault.logger.info("[dotenv-vault] Overloading encrypted .env.vault to environment variables") if DotenvVault.logger
+
     parsed = parse_vault(*filenames)
     
     # Set ENV

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dotenv-vault
 version: !ruby/object:Gem::Version
-  version: 0.6.0
+  version: 0.7.1
 platform: ruby
 authors:
 - motdotla
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2022-09-17 00:00:00.000000000 Z
+date: 2022-09-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dotenv
@@ -90,6 +90,7 @@ files:
 - ".gitignore"
 - ".rspec"
 - ".travis.yml"
+- CHANGELOG.md
 - Gemfile
 - Gemfile.lock
 - LICENSE.txt