dynenv 0.0.0.pre

data/Rakefile

@@ -0,0 +1,27 @@
+require File.expand_path('../test_app/config/application', __FILE__)
+Rails.application.load_tasks
+
+require 'bundler/gem_tasks'
+require 'inch/rake'
+require 'rspec/core/rake_task'
+require 'rubocop/rake_task'
+require 'yard/rake/yardoc_task'
+
+namespace :lint do
+  desc 'Lint inline documentation'
+  Inch::Rake::Suggest.new(:docs)
+
+  desc 'Lint Ruby code'
+  RuboCop::RakeTask.new(:ruby)
+end
+
+task lint: %w(lint:docs lint:ruby)
+
+RSpec::Core::RakeTask.new(:spec)
+
+desc 'Generate API documentation'
+YARD::Rake::YardocTask.new
+
+task ci: %w(lint spec)
+
+task default: %w(lint spec)

data/SECURITY.md

@@ -0,0 +1,141 @@
+# Dynenv Security Policy
+
+The authors of Dynenv take web security very seriously. If you've found a
+vulnerability in dynenv, follow these steps to safely report the issue to the
+team.
+
+## Supported versions
+
+Support of Dynenv is divided into four priorities: new features, bug fixes,
+security issues, and severe security issues. They are handled as follows:
+
+### New features
+
+New features are only added to the `master` branch and will not be made
+available in patch releases.
+
+### Bug fixes
+
+Only the latest minor release series will receive bug fixes. When enough bugs
+are fixed and it is deemed worthy to release a new gem version, this is the
+branch it happens from.
+
+* Current minor release series: [0.0.x][current-minor-release-branch]
+
+### Security issues
+
+The current minor release series and the next most recent one for the current
+major release will receive patches and new versions in case of a security issue.
+
+* Current minor release series: [0.0.x][current-minor-release-branch]
+* Next most recent minor release series: N/A
+
+### Severe security issues
+
+For severe security issues we will provide new versions as above, as well as a
+new version for the last minor release series from the previous major release.
+
+* Current minor release series: [0.0.x][current-minor-release-branch]
+* Next most recent minor release series: N/A
+* Last minor release series of previous major release: N/A
+
+### Unsupported release series
+
+When a release series is no longer supported, it's your own responsibility to
+deal with bugs and security issues. We may provide backports of the fixes and
+publish them to git, but there will be no new gem versions released. If you're
+not comfortable maintaining your own versions, you should upgrade to a supported
+version.
+
+## Reporting a bug
+
+All security bugs in Dynenv should be reported via an encrypted PGP/GPG message
+to the project maintainer at
+[tony@tonyburns.net](mailto:tony@tonyburns.net). The public PGP/GPG key to
+encrypt to can be found in the
+[tonyhburns.asc](https://raw.githubusercontent.com/tonyhburns/dynenv/master/tonyhburns.asc)
+file in this repository, and can also be found on
+[Keybase](https://keybase.io/tonyhburns). The fingerprint of the key should be:
+
+    2B8C 9D65 B3A7 2398 200D  D60F 9F8D 77FF 59B3 6213
+
+Your report will be acknowledged within 24 hours, and you'll receive a more
+detailed response to your email within 48 hours indicating the next steps in
+handling your report.
+
+After the initial reply to your report, the project maintainer will endeavor to
+keep you informed of the progress being made towards a fix and full
+announcement. These updates will be sent **at least** every five days, but in
+reality you should hear back every 24-48 hours.
+
+If you have not received a reply to your email within 48 hours, or have not
+heard back from the project maintainer for the past five days, there are a few
+steps you can take:
+
+* Send a direct message to [@dynenvgem][project-twitter]
+* Send a direct message to [@tonyhburns][project-maintainer-twitter]
+* Email the [project mailing list][project-mailing-list]
+* Ask in the [Gitter room](https://gitter.im/tonyhburns/dynenv) or the
+  #dynenv IRC channel on Freenode
+
+Please note, the mailing list, Gitter room, and #dynenv channel are public
+forums. When escalating to one of these channels **please do not discuss your
+issue**; simply say that you're trying to reach the project maintainer about a
+security bug.
+
+## Disclosure policy
+
+Dynenv has a five step disclosure policy:
+
+1. Security report received and is assigned to a primary handler. This person
+will coordinate the fix and release process.
+2. Problem is confirmed and a list of all affected versions is determined. Code
+is audited to find any potentially similar problems.
+3. Fixes are prepared for all releases which are still supported. These fixes
+are **not** committed to the public repository but rather held locally pending
+the announcement.
+4. A suggested embargo date for the vulnerability is chosen and
+[vendor-sec](http://oss-security.openwall.org/wiki/mailing-lists/distros) is
+notified.  The notification will include patches for all supported versions and
+a contact address for packagers who need advice backporting patches to older
+versions.
+5. On the embargo date, the [project mailing list][project-mailing-list] and
+the [Ruby security announcement mailing
+list](https://groups.google.com/forum/#!forum/ruby-security-ann) is sent a copy
+of the announcement. An announcement will also be made on
+[@dynenvgem][project-twitter]. The changes are pushed to the public
+repository and new gem versions are released to RubyGems.
+
+Typically the embargo date will be set 72 hours from the time vendor-sec is
+first notified. However, this may vary depending on the severity of the bug or
+difficulty in applying a fix.
+
+This process can take some time, especially when coordination is required with
+maintainers of other projects. Every effort will be made to handle the bug in as
+timely a manner as possible, however it's important that we follow the release
+process above to ensure that the disclosure is handled in a consistent and
+responsible manner.
+
+## Receiving security updates
+
+The best way to receive all the security announcements is to subscribe to the
+[project mailing list][project-mailing-list], which receives the public
+notifications the moment the embargo is lifted. If you produce packages of
+Dynenv and require prior notification of vulnerabilities, you should be
+subscribed to vendor-sec.
+
+Nobody outside the project team, the initial reporter, or vendor-sec will be
+notified prior to the lifting of an embargo on a security bug. We regret that we
+cannot make exceptions to this policy for high traffic or important sites, as
+any disclosure beyond the minimum required to coordinate a fix could cause an
+early leak of the vulnerability.
+
+## Comments on this policy
+
+If you have any suggestions to improve this policy, please [open an issue on
+GitHub](https://github.com/tonyhburns/dynenv/issues).
+
+[current-minor-release-branch]: https://github.com/tonyhburns/dynenv/tree/master
+[project-mailing-list]: https://groups.google.com/forum/#!forum/dynenv
+[project-twitter]: https://twitter.com/dynenvgem
+[project-maintainer-twitter]: https://twitter.com/tonyhburns

data/dynenv.gemspec

@@ -0,0 +1,34 @@
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'dynenv/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = 'dynenv'
+  spec.version       = Dynenv::Version::STRING
+  spec.authors       = ['Tony Burns']
+  spec.email         = %w(tony@tonyburns.net)
+
+  spec.summary       = 'Environment variable management with Amazon DynamoDB'
+  spec.description   = 'A runtime configuration system that injects environment variables into your processes using Amazon DynamoDB as a backing store' # rubocop:disable Metrics/LineLength
+  spec.homepage      = 'https://github.com/tonyhburns/dynenv'
+  spec.license       = 'MIT'
+
+  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(bin|config|spec|test_app)/}) }
+  spec.bindir        = 'exe'
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = %w(lib)
+
+  spec.required_ruby_version = '>= 2.1.0'
+
+  spec.add_dependency 'activesupport', '~> 4.2'
+  spec.add_dependency 'aws-sdk', '~> 2.0'
+  spec.add_dependency 'colorize', '~> 0.7'
+  spec.add_dependency 'thor', '~> 0.19'
+
+  spec.add_development_dependency 'bundler', '~> 1.9'
+
+  unless ENV['CI']
+    spec.cert_chain = %w(tonyhburns.pem)
+    spec.signing_key = File.expand_path(ENV['GEM_SIGNING_KEY']) if $PROGRAM_NAME =~ /gem\z/
+  end
+end

data/exe/dynenv

@@ -0,0 +1,6 @@
+#!/usr/bin/env ruby
+lib_path = File.expand_path('../../lib', __FILE__)
+$LOAD_PATH.unshift(lib_path) unless $LOAD_PATH.include?(lib_path)
+
+require 'dynenv/cli'
+Dynenv::CLI::Application.start(ARGV)

data/lib/dynenv.rb

@@ -0,0 +1,31 @@
+require 'active_support/core_ext/module/attribute_accessors'
+
+require_relative './dynenv/version'
+require_relative './dynenv/configuration'
+
+# Top-level namespace for Dynenv.
+module Dynenv
+  class << self
+    # @!attribute [r] configuration
+    #   @return [Dynenv::Configuration] the global configuration for Dynenv
+
+    # Yield Dynenv's global configuration to the block. Use this in your
+    # initializer to modify Dynenv's global configuration.
+    #
+    # @return [nil]
+    #
+    # @see Dynenv.configuration
+    def configure(&_blk)
+      yield configuration
+      nil
+    end
+
+    # Inject environment variables from DynamoDB.
+    def load
+    end
+  end
+
+  mattr_reader(:configuration) { Dynenv::Configuration.new }
+end
+
+require_relative './dynenv/errors'

data/lib/dynenv/cli.rb

@@ -0,0 +1,9 @@
+require 'dynenv'
+
+module Dynenv
+  # Namespace for Dynenv CLI components.
+  module CLI
+  end
+end
+
+require_relative './cli/application'

data/lib/dynenv/cli/application.rb

@@ -0,0 +1,11 @@
+require 'thor'
+
+require_relative './errors'
+
+module Dynenv
+  module CLI
+    # Entry-point for the Dynenv CLI application.
+    class Application < Thor
+    end
+  end
+end

data/lib/dynenv/cli/errors.rb

@@ -0,0 +1,9 @@
+require_relative '../errors'
+
+module Dynenv
+  module CLI
+    # Base class for CLI errors/exception classes.
+    class Error < Dynenv::Error
+    end
+  end
+end

data/lib/dynenv/configuration.rb

@@ -0,0 +1,15 @@
+require 'active_support/core_ext/module/delegation'
+require 'active_support/ordered_options'
+
+require_relative './logging'
+
+module Dynenv
+  # Global configuration settings for Dynenv.
+  class Configuration
+    # @!attribute [rw] logger
+    #   @return [Logger] the global Logger instance
+    #   @see Dynenv::Logging.logger
+    #   @see Dynenv::Logging.logger=
+    delegate :logger, :logger=, to: 'Dynenv::Logging'
+  end
+end

data/lib/dynenv/errors.rb

@@ -0,0 +1,4 @@
+module Dynenv
+  # Base class for Dynenv error/exception classes.
+  class Error < StandardError; end
+end

data/lib/dynenv/instrumentation.rb

@@ -0,0 +1,5 @@
+module Dynenv
+  # Helpers to publish events to {ActiveSupport::Notifications}.
+  module Instrumentation
+  end
+end

data/lib/dynenv/logging.rb

@@ -0,0 +1,41 @@
+require 'logger'
+
+module Dynenv
+  # Helpers to facilitate logging within Dynenv.
+  module Logging
+    class << self
+      # Return a new {Logger} instance with default configuration.
+      #
+      # @return [Logger]
+      #   A new {Logger} instance
+      def default_logger(device = STDOUT)
+        ::Logger.new(device)
+      end
+
+      # Return the global {Logger} instance, and initializes it if no already
+      # defined.
+      #
+      # @return [Logger]
+      #   The global {Logger} instance
+      def logger
+        defined?(@logger) ? @logger : default_logger
+      end
+
+      # Set the global {Logger} instance.
+      #
+      # @param [Logger, nil] new_logger the {Logger} to use, or nil if you want
+      #   to use a new {Logger} pointed to `/dev/null`
+      #
+      # @return [Logger]
+      #   The new logger instance
+      def logger=(new_logger)
+        @logger = (new_logger.nil? ? ::Logger.new('/dev/null') : new_logger)
+      end
+    end
+
+    # @!attribute [r] logger
+    #   @return [Logger] the global {Logger} instance
+    #   @see Dynenv::Logging.logger
+    delegate :logger, to: 'Dynenv::Logging'
+  end
+end

data/lib/dynenv/metrics.rb

@@ -0,0 +1,5 @@
+module Dynenv
+  # Built-in subscribers to low-level events published by Dynenv.
+  module Metrics
+  end
+end

data/lib/dynenv/rails-now.rb

@@ -0,0 +1,2 @@
+require 'dynenv/rails'
+Dynenv::Railtie.load

data/lib/dynenv/rails.rb

@@ -0,0 +1,31 @@
+require 'rails'
+require 'dynenv'
+
+module Dynenv
+  # Rails initialization and configuration entrypoint for Dynenv.
+  class Railtie < Rails::Engine
+    config.before_configuration { load }
+    config.dynenv = Dynenv.configuration
+
+    initializer 'dynenv.logger' do
+      config.dynenv.logger = Rails.logger
+    end
+
+    # :nocov:
+    rake_tasks do
+      Kernel.load File.expand_path('../rake_task.rb', __FILE__)
+
+      task environment: :dynenv
+    end
+    # :nocov:
+
+    delegate :load, to: 'Dynenv'
+
+    # Inject environment variables from DynamoDB.
+    #
+    # @see Dynenv.load
+    def self.load
+      instance.load
+    end
+  end
+end

data/lib/dynenv/rake_task.rb

@@ -0,0 +1,5 @@
+desc 'Load environment variables from DynamoDB'
+task :dynenv do
+  require 'dynenv'
+  Dynenv.load
+end

data/lib/dynenv/utilities.rb

@@ -0,0 +1,5 @@
+module Dynenv
+  # Miscellaneous helpers used by other Dynenv types.
+  module Utilities
+  end
+end

data/lib/dynenv/version.rb

@@ -0,0 +1,11 @@
+module Dynenv
+  # Version information for Dynenv.
+  module Version
+    MAJOR = 0
+    MINOR = 0
+    PATCH = 0
+    RELEASE = 'pre'
+
+    STRING = [MAJOR, MINOR, PATCH, RELEASE].compact.join('.').freeze
+  end
+end

data/man/dynenv-config.1.ronn

@@ -0,0 +1,22 @@
+dynenv-config(1) -- Get and set table or global options for a Dynenv-managed DynamoDB table
+===========================================================================================
+
+## SYNOPSIS
+
+`dynenv config`
+
+## DESCRIPTION
+
+## OPTIONS
+
+## EXIT STATUS
+
+## ENVIRONMENT
+
+## FILES
+
+## NOTES
+
+## EXAMPLE
+
+## SEE ALSO