dotenv-vault 0.7.0 → 0.8.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: aa34c1f736b3d975ebfa6908c4fd2fda654195397eacd4f49b87c740730665e3
-  data.tar.gz: bd4422daf3d333171025198d72e69e844d22a692f251beb18ddf435d9915a64f
+  metadata.gz: e6078bb2cca1c416c7dac1d4b3448dd73407db567df195fe78b974931b36ef35
+  data.tar.gz: 7246ef444f59fd1a22cf19ec5b649230105b203a167004eb66fb56aaa7fe5001
 SHA512:
-  metadata.gz: 004b6558fd5609bf8bbd2839efb586c49f6037a4834a6b50487350d9f203d389ad9d0a25372b902ded05b839db021f649918cc5b3626b2f9acadc6aaf74631ff
-  data.tar.gz: 791957d771aa5f0d0eab157730ad96ee9249a95a5ea2ca7525f30657b0d62e08fc9996e852faccd0b7ee41389df08bd6d38457fb3b223804c27bbb8fefbaeb32
+  metadata.gz: cb7043c13677592337f463c04e0e91b026e079754b156f49ff47480771f7ed5d45fae900418cbe43363b21970603828bbe8a741100abe41ae32f716f6ff2360f
+  data.tar.gz: 06144215e220b404125037dfe2097e2c5c12fc7d03ad7f21d891ce210975576610683baaaf598af7945bee14aaa63d2ba933de87c2a06f2e51f3910193ee3325

data/CHANGELOG.md

@@ -0,0 +1,21 @@
+# Changelog
+
+All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
+
+## [Unreleased](https://github.com/dotenv-org/dotenv-vault-ruby/compare/v0.8.0...master)
+
+## 0.8.0
+
+### Added
+
+- Add `dotenv-vault/load`
+
+## 0.7.1
+
+### Added
+
+- Added README
+
+## 0.7.0 and prior
+
+Please see commit history.

data/Gemfile.lock

@@ -1,12 +1,12 @@
 PATH
   remote: .
   specs:
-    dotenv-vault (0.7.0)
+    dotenv-vault (0.8.0)
       dotenv
       lockbox
-    dotenv-vault-rails (0.7.0)
+    dotenv-vault-rails (0.8.0)
       dotenv-rails
-      dotenv-vault (= 0.7.0)
+      dotenv-vault (= 0.8.0)
 
 GEM
   remote: https://rubygems.org/

data/README.md

@@ -1,3 +1,140 @@
-# dotenv-vault
+# dotenv-vault [![Gem Version](https://badge.fury.io/rb/dotenv-vault.svg)](https://badge.fury.io/rb/dotenv-vault)
 
-Coming soon
+<img src="https://raw.githubusercontent.com/motdotla/dotenv/master/dotenv.svg" alt="dotenv-vault" align="right" width="200" />
+
+Dotenv Vault extends the proven & trusted foundation of [dotenv](https://github.com/bkeepers/dotenv), with a `.env.vault` file.
+
+This new standard lets you sync your .env files – quickly & securely. Stop sharing them over insecure channels like Slack and email, and never lose an important .env file again.
+
+## Installation
+
+### Rails
+
+Add this line to the top of your application's Gemfile:
+
+```ruby
+gem 'dotenv-vault-rails'
+```
+
+And then execute:
+
+```shell
+$ bundle
+```
+
+## Usage
+
+### `.env`
+
+Basic usage begins just like [dotenv](https://github.com/bkeepers/dotenv).
+
+Add your application configuration to your `.env` file in the root of your project:
+
+```shell
+S3_BUCKET=YOURS3BUCKET
+SECRET_KEY=YOURSECRETKEYGOESHERE
+```
+
+Whenever your application loads, these variables will be available in `ENV`:
+
+```ruby
+config.fog_directory  = ENV['S3_BUCKET']
+```
+
+### `.env.vault`
+
+Usage is similar to git. In the same directory as your `.env` file, run the command:
+
+```shell
+npx dotenv-vault new
+```
+
+Follow those instructions and then run:
+
+```shell
+$ npx dotenv-vault login
+```
+
+Then run push and pull:
+
+```shell
+$ npx dotenv-vault push
+$ npx dotenv-vault pull
+```
+
+That's it!
+
+You just synced your `.env` file. Commit your `.env.vault` file to code, and tell your teammates to run `npx dotenv-vault pull`.
+
+## Multiple Environments
+
+Run the command:
+
+```shell
+$ npx dotenv-vault open production
+```
+
+It will open up an interface to manage your production environment variables.
+
+## Deploy Anywhere
+
+Build your encrypted `.env.vault`:
+
+```shell
+$ npx dotenv-vault build
+```
+
+Safely commit and push your changes:
+
+```shell
+$ git commit -am "Updated .env.vault"
+$ git push
+```
+
+Obtain your `DOTENV_KEY`:
+
+```shell
+$ npx dotenv-vault keys
+```
+
+Set `DOTENV_KEY` on your infrastructure. For example, on Heroku:
+
+```shell
+$ heroku config:set DOTENV_KEY="dotenv://:key_1234@dotenv.org/vault/.env.vault?environment=production"
+```
+
+All set! When your app boots, it will recognize a `DOTENV_KEY` is set, decrypt the `.env.vault` file, and load the variables to `ENV`.
+
+## FAQ
+
+#### What happens if `DOTENV_KEY` is not set?
+
+Dotenv Vault gracefully falls back to [dotenv](https://github.com/bkeepers/dotenv) when `DOTENV_KEY` is not set. This is the default for development so that you can focus on editing your `.env` file and save the `build` command until you are ready to deploy those environment variables changes.
+
+#### Should I commit my `.env` file?
+
+No. We **strongly** recommend against committing your `.env` file to version control. It should only include environment-specific values such as database passwords or API keys. Your production database should have a different password than your development database.
+
+#### Should I commit my `.env.vault` file?
+
+Yes. It is safe and recommended to do so. It contains your vault identifier at the vault provider (in this case [dotenv.org](https://dotenv.org)) and contains your encrypted values.
+
+#### Can I share the `DOTENV_KEY`?
+
+No. It is the key that unlocks your encrypted environment variables. Be very careful who you share this key with. Do not let it leak.
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Added some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request
+
+## Changelog
+
+See [CHANGELOG.md](CHANGELOG.md)
+
+## License
+
+MIT

data/lib/dotenv-vault/load.rb

@@ -0,0 +1,2 @@
+require "dotenv-vault"
+DotenvVault.load

data/lib/dotenv-vault/version.rb

@@ -1,3 +1,3 @@
 module DotenvVault
-  VERSION = "0.7.0"
+  VERSION = "0.8.0"
 end

data/lib/dotenv-vault.rb

@@ -90,7 +90,7 @@ module DotenvVault
   #
   # Decrypts and loads to ENV
   def load_vault(*filenames)
-    DotenvVault.logger.info("[dotenv-vault] Loading .env.vault") if DotenvVault.logger
+    DotenvVault.logger.info("[dotenv-vault] Loading encrypted .env.vault to environment variables") if DotenvVault.logger
 
     parsed = parse_vault(*filenames)
     
@@ -104,7 +104,7 @@ module DotenvVault
   #
   # Decrypts and overloads to ENV
   def overload_vault(*filenames)
-    DotenvVault.logger.info("[dotenv-vault] Overloading .env.vault") if DotenvVault.logger
+    DotenvVault.logger.info("[dotenv-vault] Overloading encrypted .env.vault to environment variables") if DotenvVault.logger
 
     parsed = parse_vault(*filenames)
     

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dotenv-vault
 version: !ruby/object:Gem::Version
-  version: 0.7.0
+  version: 0.8.0
 platform: ruby
 authors:
 - motdotla
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2022-09-17 00:00:00.000000000 Z
+date: 2022-09-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dotenv
@@ -90,6 +90,7 @@ files:
 - ".gitignore"
 - ".rspec"
 - ".travis.yml"
+- CHANGELOG.md
 - Gemfile
 - Gemfile.lock
 - LICENSE.txt
@@ -101,6 +102,7 @@ files:
 - dotenv-vault.gemspec
 - lib/dotenv-vault-rails.rb
 - lib/dotenv-vault.rb
+- lib/dotenv-vault/load.rb
 - lib/dotenv-vault/rails-now.rb
 - lib/dotenv-vault/rails.rb
 - lib/dotenv-vault/version.rb