dotenv 0.10.0 → 2.8.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: bd2cbf743caa9a52aa0be269a6d85623a429e63f
-  data.tar.gz: 8dbb6133dbb68670820f783469d680052b7ad6b9
+SHA256:
+  metadata.gz: 53a782f20ccb8d0ed6e70eb3f6e626313a96460297e75dfc02356da40bea9ef1
+  data.tar.gz: 7dee9ae1c761ad5f069883443f8ccb0c3e8540187e432fc184783c88f1844ac6
 SHA512:
-  metadata.gz: e214586a73a311cf7544a1e2141f2653fba3bcead5a43b5dadd865732a16d9aaed54c0f063f5bade068971191c915fe8917d8da7bcf16eaaf8c8b843642e404c
-  data.tar.gz: 4b689ee34f098e79858a84ec03944d1a365905e9d896ccabbe41bb4181b6272466d97dded85ff58b4ddbdc86412090170ac853a6529ead2088a03ae4fa1e9ab0
+  metadata.gz: 0425caeb0f6321954bc8731438793f3d24306b72e0bf17c7de14e45c093bd2af892899d9b91780e0b688371e5db03a819eead8fe2475a7550fb1fc4762989e23
+  data.tar.gz: 52414dd28acab5d41879dc1740c08f8fe4265c66476dd04e1580291104701c0c5b5dcda87575d9aa4433f92587efcee87bf3aa7bb32eab35685b2fa2dd580855

data/README.md

@@ -1,10 +1,10 @@
-# dotenv [![Build Status](https://secure.travis-ci.org/bkeepers/dotenv.png?branch=master)](https://travis-ci.org/bkeepers/dotenv)
+# dotenv [![Gem Version](https://badge.fury.io/rb/dotenv.svg)](https://badge.fury.io/rb/dotenv) [![Join the chat at https://gitter.im/bkeepers/dotenv](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/bkeepers/dotenv?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
 
-Dotenv loads environment variables from `.env` into `ENV`.
+Shim to load environment variables from `.env` into `ENV` in *development*.
 
-Storing [configuration in the environment](http://www.12factor.net/config) is one of the tenets of a [twelve-factor app](http://www.12factor.net/). Anything that is likely to change between deployment environments–such as resource handles for databases or credentials for external services–should be extracted from the code into environment variables.
+Storing [configuration in the environment](http://12factor.net/config) is one of the tenets of a [twelve-factor app](http://12factor.net). Anything that is likely to change between deployment environments–such as resource handles for databases or credentials for external services–should be extracted from the code into environment variables.
 
-But it is not always practical to set environment variables on development machines or continuous integration servers where multiple projects are run. Dotenv load variables from a `.env` file into `ENV` when the environment is bootstrapped.
+But it is not always practical to set environment variables on development machines or continuous integration servers where multiple projects are run. dotenv loads variables from a `.env` file into `ENV` when the environment is bootstrapped.
 
 ## Installation
 
@@ -13,7 +13,7 @@ But it is not always practical to set environment variables on development machi
 Add this line to the top of your application's Gemfile:
 
 ```ruby
-gem 'dotenv-rails', :groups => [:development, :test]
+gem 'dotenv-rails', groups: [:development, :test]
 ```
 
 And then execute:
@@ -22,7 +22,28 @@ And then execute:
 $ bundle
 ```
 
-It should be listed in the Gemfile before any other gems that use environment variables, otherwise those gems will get initialized with the wrong values.
+#### Note on load order
+
+dotenv is initialized in your Rails app during the `before_configuration` callback, which is fired when the `Application` constant is defined in `config/application.rb` with `class Application < Rails::Application`. If you need it to be initialized sooner, you can manually call `Dotenv::Railtie.load`.
+
+```ruby
+# config/application.rb
+Bundler.require(*Rails.groups)
+
+# Load dotenv only in development or test environment
+if ['development', 'test'].include? ENV['RAILS_ENV']
+  Dotenv::Railtie.load
+end
+
+HOSTNAME = ENV['HOSTNAME']
+```
+
+If you use gems that require environment variables to be set before they are loaded, then list `dotenv-rails` in the `Gemfile` before those other gems and require `dotenv/rails-now`.
+
+```ruby
+gem 'dotenv-rails', require: 'dotenv/rails-now'
+gem 'gem-that-requires-env-variables'
+```
 
 ### Sinatra or Plain ol' Ruby
 
@@ -35,14 +56,30 @@ $ gem install dotenv
 As early as possible in your application bootstrap process, load `.env`:
 
 ```ruby
+require 'dotenv/load'
+
+# or
 require 'dotenv'
 Dotenv.load
 ```
 
+By default, `load` will look for a file called `.env` in the current working directory. Pass in multiple files and they will be loaded in order. The first value set for a variable will win.
+
+```ruby
+require 'dotenv'
+Dotenv.load('file1.env', 'file2.env')
+```
+
 Alternatively, you can use the `dotenv` executable to launch your application:
 
 ```shell
-$ dotenv ./script.py
+$ dotenv ./script.rb
+```
+
+The `dotenv` executable also accepts a single flag, `-f`. Its value should be a comma-separated list of configuration files, in the order of most important to least. All of the files must exist. There _must_ be a space between the flag and its value.
+
+```
+$ dotenv -f ".env.local,.env" ./script.rb
 ```
 
 To ensure `.env` is loaded in rake, load the tasks:
@@ -50,7 +87,7 @@ To ensure `.env` is loaded in rake, load the tasks:
 ```ruby
 require 'dotenv/tasks'
 
-task :mytask => :dotenv do
+task mytask: :dotenv do
     # things that require .env
 end
 ```
@@ -64,55 +101,164 @@ S3_BUCKET=YOURS3BUCKET
 SECRET_KEY=YOURSECRETKEYGOESHERE
 ```
 
-You can also create files per environment, such as `.env.test`.
+Whenever your application loads, these variables will be available in `ENV`:
+
+```ruby
+config.fog_directory  = ENV['S3_BUCKET']
+```
+
+You may also add `export` in front of each line so you can `source` the file in bash:
 
 ```shell
-S3_BUCKET=tests3bucket
-SECRET_KEY=testsecretkey
+export S3_BUCKET=YOURS3BUCKET
+export SECRET_KEY=YOURSECRETKEYGOESHERE
 ```
 
-An alternate yaml-like syntax is supported:
+### Multi-line values
+
+If you need multiline variables, for example private keys, you can double quote strings and use the `\n` character for newlines:
 
-```yaml
-S3_BUCKET: yamlstyleforyours3bucket
-SECRET_KEY: thisisalsoanokaysecret
+```shell
+PRIVATE_KEY="-----BEGIN RSA PRIVATE KEY-----\nHkVN9...\n-----END DSA PRIVATE KEY-----\n"
 ```
 
-Whenever your application loads, these variables will be available in `ENV`:
+Alternatively, multi-line values with line breaks are now supported for quoted values.
 
-```ruby
-config.fog_directory  = ENV['S3_BUCKET']
+```shell
+PRIVATE_KEY="-----BEGIN RSA PRIVATE KEY-----
+...
+HkVN9...
+...
+-----END DSA PRIVATE KEY-----"
 ```
 
-## Capistrano integration
+This is particularly helpful when using the Heroku command line plugin [`heroku-config`](https://github.com/xavdid/heroku-config) to pull configuration variables down that may have line breaks.
 
-If you want to use Dotenv with Capistrano in your production environment, make sure the dotenv gem is included in your Gemfile `:production` group.
+### Command Substitution
 
-### Capistrano version 2.x.x
+You need to add the output of a command in one of your variables? Simply add it with `$(your_command)`:
 
-Add the gem to your `config/deploy.rb` file:
+```shell
+DATABASE_URL="postgres://$(whoami)@localhost/my_database"
+```
 
-```ruby
-require "dotenv/capistrano"
+### Variable Substitution
+
+You need to add the value of another variable in one of your variables? You can reference the variable with `${VAR}` or often just `$VAR` in unqoted or double-quoted values.
+
+```shell
+DATABASE_URL="postgres://${USER}@localhost/my_database"
 ```
 
-It will symlink the `.env` located in `/path/to/shared` in the new release. 
+If a value contains a `$` and it is not intended to be a variable, wrap it in single quotes.
 
+```shell
+PASSWORD='pas$word'
+```
 
-### Capistrano version 3.x.x
+### Comments
 
-Just add `.env` to the list of linked files, for example:
+Comments may be added to your file as such:
+
+```shell
+# This is a comment
+SECRET_KEY=YOURSECRETKEYGOESHERE # comment
+SECRET_HASH="something-with-a-#-hash"
+```
+
+### Required Keys
+
+If a particular configuration value is required but not set, it's appropriate to raise an error.
+
+To require configuration keys:
+
+```ruby
+# config/initializers/dotenv.rb
+
+Dotenv.require_keys("SERVICE_APP_ID", "SERVICE_KEY", "SERVICE_SECRET")
+```
+
+If any of the configuration keys above are not set, your application will raise an error during initialization. This method is preferred because it prevents runtime errors in a production application due to improper configuration.
+
+### Parsing
+
+To parse a list of env files for programmatic inspection without modifying the ENV:
 
 ```ruby
-set :linked_files, %w{config/database.yml .env}
+Dotenv.parse(".env.local", ".env")
+# => {'S3_BUCKET' => 'YOURS3BUCKET', 'SECRET_KEY' => 'YOURSECRETKEYGOESHERE', ...}
+```
+
+This method returns a hash of the ENV var name/value pairs.
+
+## Frequently Answered Questions
+
+### Can I use dotenv in production?
+
+dotenv was originally created to load configuration variables into `ENV` in *development*. There are typically better ways to manage configuration in production environments - such as `/etc/environment` managed by [Puppet](https://github.com/puppetlabs/puppet) or [Chef](https://github.com/chef/chef), `heroku config`, etc.
+
+However, some find dotenv to be a convenient way to configure Rails applications in staging and production environments, and you can do that by defining environment-specific files like `.env.production` or `.env.test`.
+
+If you use this gem to handle env vars for multiple Rails environments (development, test, production, etc.), please note that env vars that are general to all environments should be stored in `.env`. Then, environment specific env vars should be stored in `.env.<that environment's name>`.
+
+### What other .env* files can I use?
+
+`dotenv-rails` will override in the following order (highest defined variable overrides lower):
+
+| Hierarchy Priority | Filename                 | Environment          | Should I `.gitignore`it?                            | Notes                                                        |
+| ------------------ | ------------------------ | -------------------- | --------------------------------------------------- | ------------------------------------------------------------ |
+| 1st (highest)      | `.env.development.local` | Development          | Yes!                                                | Local overrides of environment-specific settings.            |
+| 1st                | `.env.test.local`        | Test                 | Yes!                                                | Local overrides of environment-specific settings.            |
+| 1st                | `.env.production.local`  | Production           | Yes!                                                | Local overrides of environment-specific settings.            |
+| 2nd                | `.env.local`             | Wherever the file is | Definitely.                                         | Local overrides. This file is loaded for all environments _except_ `test`. |
+| 3rd                | `.env.development`       | Development          | No.                                                 | Shared environment-specific settings                         |
+| 3rd                | `.env.test`              | Test                 | No.                                                 | Shared environment-specific settings                         |
+| 3rd                | `.env.production`        | Production           | No.                                                 | Shared environment-specific settings                         |
+| Last               | `.env`                   | All Environments     | Depends (See [below](#should-i-commit-my-env-file)) | The Original®                                                |
+
+
+### Should I commit my .env file?
+
+Credentials should only be accessible on the machines that need access to them. Never commit sensitive information to a repository that is not needed by every development machine and server.
+
+
+You can use the `-t` or `--template` flag on the dotenv cli to create a template of your `.env` file.
+```shell
+$ dotenv -t .env
 ```
+A template will be created in your working directory named `{FINAME}.template`. So in the above example, it would create a `.env.template` file.
 
-## Should I commit my .env file?
+The template will contain all the environment variables in your `.env` file but with their values set to the variable names.
+
+```shell
+# .env
+S3_BUCKET=YOURS3BUCKET
+SECRET_KEY=YOURSECRETKEYGOESHERE
+```
 
-It is recommended that you store development-only settings in your `.env` file, and commit it to your repository. Make sure that all your credentials for your development environment are different from your other deployments. This makes it easy for other developers to get started on your project, without compromising your credentials for other environments.
+Would become
+
+```shell
+# .env.template
+S3_BUCKET=S3_BUCKET
+SECRET_KEY=SECRET_KEY
+```
+
+Personally, I prefer to commit the `.env` file with development-only settings. This makes it easy for other developers to get started on the project without compromising credentials for other environments. If you follow this advice, make sure that all the credentials for your development environment are different from your other deployments and that the development credentials do not have access to any confidential data.
+
+### Why is it not overriding existing `ENV` variables?
+
+By default, it **won't** overwrite existing environment variables as dotenv assumes the deployment environment has more knowledge about configuration than the application does. To overwrite existing environment variables you can use `Dotenv.overload`.
+
+You can also use the `-o` or `--overload` flag on the dotenv cli to override existing `ENV` variables.
+```shell
+$ dotenv -o -f ".env.local,.env"
+```
 
 ## Contributing
 
+If you want a better idea of how dotenv works, check out the [Ruby Rogues Code Reading of dotenv](https://www.youtube.com/watch?v=lKmY_0uY86s).
+
 1. Fork it
 2. Create your feature branch (`git checkout -b my-new-feature`)
 3. Commit your changes (`git commit -am 'Added some feature'`)

data/bin/dotenv

@@ -1,11 +1,4 @@
 #!/usr/bin/env ruby
 
-require 'dotenv'
-
-begin
-  Dotenv.load!
-rescue Errno::ENOENT => e
-  abort e.message
-else
-  exec *ARGV unless ARGV.empty?
-end
+require "dotenv/cli"
+Dotenv::CLI.new(ARGV).run

data/lib/dotenv/cli.rb

@@ -0,0 +1,57 @@
+require "dotenv"
+require "dotenv/version"
+require "dotenv/template"
+require "optparse"
+
+module Dotenv
+  # The command line interface
+  class CLI < OptionParser
+    attr_reader :argv, :filenames, :overload
+
+    def initialize(argv = [])
+      @argv = argv.dup
+      @filenames = []
+      @overload = false
+
+      super "Usage: dotenv [options]"
+      separator ""
+
+      on("-f FILES", Array, "List of env files to parse") do |list|
+        @filenames = list
+      end
+
+      on("-o", "--overload", "override existing ENV variables") do
+        @overload = true
+      end
+
+      on("-h", "--help", "Display help") do
+        puts self
+        exit
+      end
+
+      on("-v", "--version", "Show version") do
+        puts "dotenv #{Dotenv::VERSION}"
+        exit
+      end
+
+      on("-t", "--template=FILE", "Create a template env file") do |file|
+        template = Dotenv::EnvTemplate.new(file)
+        template.create_template
+      end
+
+      order!(@argv)
+    end
+
+    def run
+      if @overload
+        Dotenv.overload!(*@filenames)
+      else
+        Dotenv.load!(*@filenames)
+      end
+    rescue Errno::ENOENT => e
+      abort e.message
+    else
+      exec(*@argv) unless @argv.empty?
+    end
+  end
+end

data/lib/dotenv/environment.rb

@@ -1,70 +1,28 @@
-require 'dotenv/format_error'
-require 'dotenv/substitutions/variable'
-if RUBY_VERSION > '1.8.7'
-  require 'dotenv/substitutions/command'
-end
-
 module Dotenv
+  # This class inherits from Hash and represents the environment into which
+  # Dotenv will load key value pairs from a file.
   class Environment < Hash
-    @@substitutions = Substitutions.constants.map { |const| Substitutions.const_get(const) }
+    attr_reader :filename
 
-    LINE = /
-      \A
-      (?:export\s+)?    # optional export
-      ([\w\.]+)         # key
-      (?:\s*=\s*|:\s+?) # separator
-      (                 # optional value begin
-        '(?:\'|[^'])*'  #   single quoted value
-        |               #   or
-        "(?:\"|[^"])*"  #   double quoted value
-        |               #   or
-        [^#\n]+         #   unquoted value
-      )?                # value end
-      (?:\s*\#.*)?      # optional comment
-      \z
-    /x
-
-    def initialize(filename)
+    def initialize(filename, is_load = false)
       @filename = filename
-      load
+      load(is_load)
     end
 
-    def load
-      read.each do |line|
-        if match = line.match(LINE)
-          key, value = match.captures
-
-          value ||= ''
-          # Remove surrounding quotes
-          value = value.strip.sub(/\A(['"])(.*)\1\z/, '\2')
-
-          if $1 == '"'
-            value = value.gsub('\n', "\n")
-            # Unescape all characters except $ so variables can be escaped properly
-            value = value.gsub(/\\([^$])/, '\1')
-          end
-
-          @@substitutions.each do |proc|
-            value = proc.call(value, self)
-          end
-
-          self[key] = value
-        elsif line !~ /\A\s*(?:#.*)?\z/ # not comment or blank line
-          raise FormatError, "Line #{line.inspect} doesn't match format"
-        end
-      end
+    def load(is_load = false)
+      update Parser.call(read, is_load)
     end
 
     def read
-      File.read(@filename).split("\n")
+      File.open(@filename, "rb:bom|utf-8", &:read)
     end
 
     def apply
-      each { |k,v| ENV[k] ||= v }
+      each { |k, v| ENV[k] ||= v }
     end
 
     def apply!
-      each { |k,v| ENV[k] = v }
+      each { |k, v| ENV[k] = v }
     end
   end
 end

data/lib/dotenv/load.rb

@@ -0,0 +1,2 @@
+require "dotenv"
+Dotenv.load

data/lib/dotenv/missing_keys.rb

@@ -0,0 +1,10 @@
+module Dotenv
+  class Error < StandardError; end
+
+  class MissingKeys < Error # :nodoc:
+    def initialize(keys)
+      key_word = "key#{keys.size > 1 ? "s" : ""}"
+      super("Missing required configuration #{key_word}: #{keys.inspect}")
+    end
+  end
+end

data/lib/dotenv/parser.rb

@@ -0,0 +1,109 @@
+require "dotenv/substitutions/variable"
+require "dotenv/substitutions/command" if RUBY_VERSION > "1.8.7"
+
+module Dotenv
+  class FormatError < SyntaxError; end
+
+  # This class enables parsing of a string for key value pairs to be returned
+  # and stored in the Environment. It allows for variable substitutions and
+  # exporting of variables.
+  class Parser
+    @substitutions =
+      [Dotenv::Substitutions::Variable, Dotenv::Substitutions::Command]
+
+    LINE = /
+      (?:^|\A)              # beginning of line
+      \s*                   # leading whitespace
+      (?:export\s+)?        # optional export
+      ([\w.]+)              # key
+      (?:\s*=\s*?|:\s+?)    # separator
+      (                     # optional value begin
+        \s*'(?:\\'|[^'])*'  #   single quoted value
+        |                   #   or
+        \s*"(?:\\"|[^"])*"  #   double quoted value
+        |                   #   or
+        [^\#\r\n]+          #   unquoted value
+      )?                    # value end
+      \s*                   # trailing whitespace
+      (?:\#.*)?             # optional comment
+      (?:$|\z)              # end of line
+    /x
+
+    class << self
+      attr_reader :substitutions
+
+      def call(string, is_load = false)
+        new(string, is_load).call
+      end
+    end
+
+    def initialize(string, is_load = false)
+      @string = string
+      @hash = {}
+      @is_load = is_load
+    end
+
+    def call
+      # Convert line breaks to same format
+      lines = @string.gsub(/\r\n?/, "\n")
+      # Process matches
+      lines.scan(LINE).each do |key, value|
+        @hash[key] = parse_value(value || "")
+      end
+      # Process non-matches
+      lines.gsub(LINE, "").split(/[\n\r]+/).each do |line|
+        parse_line(line)
+      end
+      @hash
+    end
+
+    private
+
+    def parse_line(line)
+      if line.split.first == "export"
+        if variable_not_set?(line)
+          raise FormatError, "Line #{line.inspect} has an unset variable"
+        end
+      end
+    end
+
+    def parse_value(value)
+      # Remove surrounding quotes
+      value = value.strip.sub(/\A(['"])(.*)\1\z/m, '\2')
+      maybe_quote = Regexp.last_match(1)
+      value = unescape_value(value, maybe_quote)
+      perform_substitutions(value, maybe_quote)
+    end
+
+    def unescape_characters(value)
+      value.gsub(/\\([^$])/, '\1')
+    end
+
+    def expand_newlines(value)
+      value.gsub('\n', "\n").gsub('\r', "\r")
+    end
+
+    def variable_not_set?(line)
+      !line.split[1..].all? { |var| @hash.member?(var) }
+    end
+
+    def unescape_value(value, maybe_quote)
+      if maybe_quote == '"'
+        unescape_characters(expand_newlines(value))
+      elsif maybe_quote.nil?
+        unescape_characters(value)
+      else
+        value
+      end
+    end
+
+    def perform_substitutions(value, maybe_quote)
+      if maybe_quote != "'"
+        self.class.substitutions.each do |proc|
+          value = proc.call(value, @hash, @is_load)
+        end
+      end
+      value
+    end
+  end
+end

data/lib/dotenv/substitutions/command.rb

@@ -1,32 +1,41 @@
+require "English"
+
 module Dotenv
   module Substitutions
+    # Substitute shell commands in a value.
+    #
+    #   SHA=$(git rev-parse HEAD)
+    #
     module Command
       class << self
-
         INTERPOLATED_SHELL_COMMAND = /
-          (?<backslash>\\)?
-          \$
+          (?<backslash>\\)?   # is it escaped with a backslash?
+          \$                  # literal $
           (?<cmd>             # collect command content for eval
             \(                # require opening paren
-            ([^()]|\g<cmd>)+  # allow any number of non-parens, or balanced parens (by nesting the <cmd> expression recursively)
+            (?:[^()]|\g<cmd>)+  # allow any number of non-parens, or balanced
+                              # parens (by nesting the <cmd> expression
+                              # recursively)
             \)                # require closing paren
           )
         /x
 
-        def call(value, env)
+        def call(value, _env, _is_load)
           # Process interpolated shell commands
           value.gsub(INTERPOLATED_SHELL_COMMAND) do |*|
-            command = $~[:cmd][1..-2] # Eliminate opening and closing parentheses
+            # Eliminate opening and closing parentheses
+            command = $LAST_MATCH_INFO[:cmd][1..-2]
 
-            if $~[:backslash]
-              $~[0][1..-1]
+            if $LAST_MATCH_INFO[:backslash]
+              # Command is escaped, don't replace it.
+              $LAST_MATCH_INFO[0][1..]
             else
+              # Execute the command and return the value
               `#{command}`.chomp
             end
           end
         end
       end
-
     end
   end
 end