dotenv-vault 0.7.1 → 0.9.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 3b2a1937481a505016be7ea9cc16a42ff17101c879729f98b907b88bfe48ac61
4
- data.tar.gz: 1613aee7c836ae4440a57b74fa2071f3ef1c9ab6bfec577da3892111df347dd1
3
+ metadata.gz: 28ae7886dc467b2b1b79693a72a4d9d5cbbee538ef1ba59e3519647590d0612c
4
+ data.tar.gz: 91363e287dec8d84e15a3e8cc4f64e25c5b71c5fc99f28f9adb03afb00b87473
5
5
  SHA512:
6
- metadata.gz: a7f41b834dcfc46c063aa22b6bdec7bc0524bb81c6dd7302d6de9cad3ff69a45253d3f9357212ac1658a6d590d258e4cb050ab5dc234debc20c28d5b8b4d596d
7
- data.tar.gz: 7906d25a6830363c5046ba675d02b3d69f6d1306fcfc1087627bef8f129cde011b9a105cb2105795dcc0116a46fcb1bb1cac64cb19d4e6e30db4bc648f226c84
6
+ metadata.gz: 07a3671502b3e5e55450958b287b791d4859932ec51c564abaafcdf72259cf141944c4ca3b45ea093628bf062cf2b32b5cbe30643979c9d1d99d7947d3b40a5c
7
+ data.tar.gz: e44a690fbf4f660049ac24ebe2e1e42ca2f907fa2b0696ee3fc652e6e6bfda04cc7130278b06083d37d3650e602ff154a51cd2cd98a5fe03da51e758a77eb1f7
data/CHANGELOG.md CHANGED
@@ -2,7 +2,25 @@
2
2
 
3
3
  All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
4
4
 
5
- ## [Unreleased](https://github.com/dotenv-org/dotenv-vault-ruby/compare/v0.7.0...master)
5
+ ## [Unreleased](https://github.com/dotenv-org/dotenv-vault-ruby/compare/v0.9.0...master)
6
+
7
+ ## 0.9.0
8
+
9
+ ### Changed
10
+
11
+ - Do not raise stacktrace error if missing .env.vault file [#1](https://github.com/dotenv-org/dotenv-vault-ruby/pull/1)
12
+
13
+ ## 0.8.0
14
+
15
+ ### Added
16
+
17
+ - Add `dotenv-vault/load`
18
+
19
+ ## 0.7.1
20
+
21
+ ### Added
22
+
23
+ - Added README
6
24
 
7
25
  ## 0.7.0 and prior
8
26
 
data/Gemfile.lock CHANGED
@@ -1,12 +1,12 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- dotenv-vault (0.7.1)
4
+ dotenv-vault (0.9.0)
5
5
  dotenv
6
6
  lockbox
7
- dotenv-vault-rails (0.7.1)
7
+ dotenv-vault-rails (0.9.0)
8
8
  dotenv-rails
9
- dotenv-vault (= 0.7.1)
9
+ dotenv-vault (= 0.9.0)
10
10
 
11
11
  GEM
12
12
  remote: https://rubygems.org/
@@ -41,14 +41,14 @@ GEM
41
41
  erubi (1.11.0)
42
42
  i18n (1.12.0)
43
43
  concurrent-ruby (~> 1.0)
44
- lockbox (1.0.0)
44
+ lockbox (1.1.0)
45
45
  loofah (2.19.0)
46
46
  crass (~> 1.0.2)
47
47
  nokogiri (>= 1.5.9)
48
48
  method_source (1.0.0)
49
49
  mini_portile2 (2.8.0)
50
50
  minitest (5.16.3)
51
- nokogiri (1.13.8)
51
+ nokogiri (1.13.9)
52
52
  mini_portile2 (~> 2.8.0)
53
53
  racc (~> 1.4)
54
54
  racc (1.6.0)
@@ -85,7 +85,7 @@ GEM
85
85
  thor (1.2.1)
86
86
  tzinfo (2.0.5)
87
87
  concurrent-ruby (~> 1.0)
88
- zeitwerk (2.6.0)
88
+ zeitwerk (2.6.1)
89
89
 
90
90
  PLATFORMS
91
91
  ruby
data/README.md CHANGED
@@ -4,7 +4,11 @@
4
4
 
5
5
  Dotenv Vault extends the proven & trusted foundation of [dotenv](https://github.com/bkeepers/dotenv), with a `.env.vault` file.
6
6
 
7
- This new standard lets you sync your .env files – quickly & securely. Stop sharing them over insecure channels like Slack and email, and never lose an important .env file again.
7
+ The extended standard lets you sync your `.env` files – quickly & securely. Stop sharing them over insecure channels like Slack and email, and never lose an important `.env` file again.
8
+
9
+ You need a [Dotenv Account](https://dotenv.org) to use Dotenv Vault. It is free to use with premium features.
10
+
11
+ **[Create your account](https://dotenv.org/signup)**
8
12
 
9
13
  ## Installation
10
14
 
@@ -22,11 +26,29 @@ And then execute:
22
26
  $ bundle
23
27
  ```
24
28
 
29
+ ### Sinatra or Plain ol' Ruby
30
+
31
+ Install the gem:
32
+
33
+ ```shell
34
+ $ gem install dotenv-vault
35
+ ```
36
+
37
+ As early as possible in your application bootstrap process, load `.env`:
38
+
39
+ ```ruby
40
+ require 'dotenv-vault/load'
41
+
42
+ # or
43
+ require 'dotenv-vault'
44
+ DotenvVault.load
45
+ ```
46
+
25
47
  ## Usage
26
48
 
27
49
  ### `.env`
28
50
 
29
- Basic usage begins just like [dotenv](https://github.com/bkeepers/dotenv).
51
+ Basic usage works just like [dotenv](https://github.com/bkeepers/dotenv).
30
52
 
31
53
  Add your application configuration to your `.env` file in the root of your project:
32
54
 
@@ -35,7 +57,7 @@ S3_BUCKET=YOURS3BUCKET
35
57
  SECRET_KEY=YOURSECRETKEYGOESHERE
36
58
  ```
37
59
 
38
- Whenever your application loads, these variables will be available in `ENV`:
60
+ When your application loads, these variables will be available in `ENV`:
39
61
 
40
62
  ```ruby
41
63
  config.fog_directory = ENV['S3_BUCKET']
@@ -43,6 +65,8 @@ config.fog_directory = ENV['S3_BUCKET']
43
65
 
44
66
  ### `.env.vault`
45
67
 
68
+ Extended usage uses a `.env.vault` file that allows you to sync your secrets across machines, team members, and environments.
69
+
46
70
  Usage is similar to git. In the same directory as your `.env` file, run the command:
47
71
 
48
72
  ```shell
@@ -76,23 +100,9 @@ $ npx dotenv-vault open production
76
100
 
77
101
  It will open up an interface to manage your production environment variables.
78
102
 
79
- ..or if you prefer to manage them in your text editor, run the command:
80
-
81
- ```shell
82
- $ npx dotenv-vault pull production
83
- ```
84
-
85
- Edit the `.env.production` file and push your changes:
86
-
87
- ```shell
88
- $ npx dotenv-vault push production
89
- ```
90
-
91
- Neato.
103
+ ## Build & Deploy Anywhere
92
104
 
93
- ## Deploy Anywhere
94
-
95
- Build your encrypted `.env.vault`. Run the command:
105
+ Build your encrypted `.env.vault`:
96
106
 
97
107
  ```shell
98
108
  $ npx dotenv-vault build
@@ -119,19 +129,42 @@ $ heroku config:set DOTENV_KEY="dotenv://:key_1234@dotenv.org/vault/.env.vault?e
119
129
 
120
130
  All set! When your app boots, it will recognize a `DOTENV_KEY` is set, decrypt the `.env.vault` file, and load the variables to `ENV`.
121
131
 
132
+ Made a change to your production envs? Run `npx dotenv-vault build`, commit that safely to code, and deploy. It's simple and safe like that.
133
+
134
+ ## Dotenv.org
135
+
136
+ **[Create your account](https://dotenv.org/signup)**
137
+
138
+ You need a [Dotenv Account](https://dotenv.org) to use Dotenv Vault. It is free to use with premium features.
139
+
140
+ ![](https://api.checklyhq.com/v1/badges/checks/c2fee99a-38e7-414e-89b8-9766ceeb1927?style=flat&theme=dark&responseTime=true)
141
+ ![](https://api.checklyhq.com/v1/badges/checks/4f557967-1ed1-486a-b762-39a63781d752?style=flat&theme=dark&responseTime=true)
142
+ <br>
143
+ ![](https://api.checklyhq.com/v1/badges/checks/804eb6fa-6599-4688-a649-7ff3c39a64b9?style=flat&theme=dark&responseTime=true)
144
+ ![](https://api.checklyhq.com/v1/badges/checks/6a94504e-e936-4f07-bc0b-e08fee2734b3?style=flat&theme=dark&responseTime=true)
145
+ <br>
146
+ ![](https://api.checklyhq.com/v1/badges/checks/06ac4f4e-3e0e-4501-9987-580b4d2a6b06?style=flat&theme=dark&responseTime=true)
147
+ ![](https://api.checklyhq.com/v1/badges/checks/0ffc1e55-7ef0-4c2c-8acc-b6311871f41c?style=flat&theme=dark&responseTime=true)
148
+
149
+ Visit [health.dotenv.org](https://health.dotenv.org) for more information.
150
+
122
151
  ## FAQ
123
152
 
124
- ### What happens if DOTENV_KEY is not set?
153
+ #### What happens if `DOTENV_KEY` is not set?
125
154
 
126
- Dotenv Vault gracefully falls back to [dotenv](https://github.com/bkeepers/dotenv) when `DOTENV_KEY` is not set. This is useful for development.
155
+ Dotenv Vault gracefully falls back to [dotenv](https://github.com/bkeepers/dotenv) when `DOTENV_KEY` is not set. This is the default for development so that you can focus on editing your `.env` file and save the `build` command until you are ready to deploy those environment variables changes.
127
156
 
128
- ### Should I commit my `.env` file?
157
+ #### Should I commit my `.env` file?
129
158
 
130
159
  No. We **strongly** recommend against committing your `.env` file to version control. It should only include environment-specific values such as database passwords or API keys. Your production database should have a different password than your development database.
131
160
 
132
- ### Should I commit my `.env.vault` file?
161
+ #### Should I commit my `.env.vault` file?
162
+
163
+ Yes. It is safe and recommended to do so. It contains your encrypted envs, and your vault identifier.
164
+
165
+ #### Can I share the `DOTENV_KEY`?
133
166
 
134
- Yes. It is safe and recommended to do so. It contains your vault identifier at the vault provider (in this case [dotenv.org](https://dotenv.org)) and contains your encrypted values.
167
+ No. It is the key that unlocks your encrypted environment variables. Be very careful who you share this key with. Do not let it leak.
135
168
 
136
169
  ## Contributing
137
170
 
@@ -0,0 +1,2 @@
1
+ require "dotenv-vault"
2
+ DotenvVault.load
@@ -1,3 +1,3 @@
1
1
  module DotenvVault
2
- VERSION = "0.7.1"
2
+ VERSION = "0.9.0"
3
3
  end
data/lib/dotenv-vault.rb CHANGED
@@ -132,10 +132,6 @@ module DotenvVault
132
132
  environment = params["environment"]
133
133
  raise InvalidDotenvKey, "INVALID_DOTENV_KEY: Missing environment part" unless present?(environment)
134
134
 
135
- # Get vault path
136
- vault_path = uri.path.gsub("/vault/", "") # /vault/.env.vault => .env.vault
137
- raise NotFoundDotenvVault, "NotFoundDotenvVault: Cannot find .env.vault at #{vaultPath}" unless File.file?(vault_path)
138
-
139
135
  # Parse .env.vault
140
136
  parsed = Dotenv.parse(vault_path)
141
137
 
@@ -152,7 +148,19 @@ module DotenvVault
152
148
  end
153
149
 
154
150
  def using_vault?
155
- present?(ENV["DOTENV_KEY"])
151
+ dotenv_key_present? && dotenv_vault_present?
152
+ end
153
+
154
+ def dotenv_key_present?
155
+ present?(ENV["DOTENV_KEY"]) && dotenv_vault_present?
156
+ end
157
+
158
+ def dotenv_vault_present?
159
+ File.file?(vault_path)
160
+ end
161
+
162
+ def vault_path
163
+ ".env.vault"
156
164
  end
157
165
 
158
166
  def present?(str)
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dotenv-vault
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.7.1
4
+ version: 0.9.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - motdotla
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2022-09-18 00:00:00.000000000 Z
11
+ date: 2022-10-23 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dotenv
@@ -102,6 +102,7 @@ files:
102
102
  - dotenv-vault.gemspec
103
103
  - lib/dotenv-vault-rails.rb
104
104
  - lib/dotenv-vault.rb
105
+ - lib/dotenv-vault/load.rb
105
106
  - lib/dotenv-vault/rails-now.rb
106
107
  - lib/dotenv-vault/rails.rb
107
108
  - lib/dotenv-vault/version.rb