ejson-rails 0.2.1 → 0.2.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 69f79981ad2617db5951c38bdef5d9fb77dedd27e52378f3fa460e5af89435b0
-  data.tar.gz: 7ded0b73fc84ae62c508afa5e2c185f85edd83a12872a326c11a9df91292b577
+  metadata.gz: d6d62b4bf362a99bed1a71b0a16cc83bd610157b8e3a06d8998a8c4d1a9479f9
+  data.tar.gz: b74ef1b02227276aed05fc815d876218046bdef4533013d4ca61c0287a79e22a
 SHA512:
-  metadata.gz: bbe4e714ed9a6f110a781e8f8e1fdde6a26695f949798dd8eabdd9ba59a5321a1928dc6d6b2d6f9b685c89232873b4fa00dbfac0daefd10acc7dee09baf8f2c2
-  data.tar.gz: 15e2abb7e802deeaa5358ec6cd10f52576a4402bf490bcae5121152fa1cde54d29cafd2899ccb4244274dd809f61b09331ff7e1d4d77dde38ce0fa9813f9ae1c
+  metadata.gz: d8d136c6ef01aaf7011c0f8edb1f301654e813de2de0cff764422dabb929cea9b8df2e73eea3cb5f5a991a67166004f6bd62f0c0419984071fa8bc8b3009d549
+  data.tar.gz: 325e1a3e46fb0abfdd33b85002359768318dfac8fa6682cc9c09a17130604aa445aa98efcce57156a94cf9abda1d5bbec1315b4178b8830fe1e5e1d0f596f98a

data/.github/workflows/ci.yml

@@ -10,13 +10,13 @@ jobs:
       matrix:
         entry:
           - name: Minimum Rails
-            ruby: '2.7'
+            ruby: '3.1'
             gemfile: Gemfile.rails-min
           - name: Latest Rails
-            ruby: '3.2'
+            ruby: '3.3'
             gemfile: Gemfile.rails-latest
           - name: Edge Rails
-            ruby: '3.2'
+            ruby: '3.3'
             gemfile: "Gemfile.rails-edge"
 
     name: ${{ matrix.entry.name }}

data/.rubocop.yml

@@ -4,6 +4,5 @@ inherit_gem:
 AllCops:
   NewCops: disable
   SuggestExtensions: false
-  TargetRubyVersion: 3.2
   Exclude:
    - vendor/bundle/**/*

data/.ruby-version

@@ -1 +1 @@
-3.2.0
+3.3.0

data/Gemfile.lock

@@ -1,16 +1,16 @@
 PATH
   remote: .
   specs:
-    ejson-rails (0.2.1)
+    ejson-rails (0.2.2)
       ejson
-      railties (>= 5.2)
+      railties (>= 6.1)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    actionpack (7.1.2)
-      actionview (= 7.1.2)
-      activesupport (= 7.1.2)
+    actionpack (7.1.3.2)
+      actionview (= 7.1.3.2)
+      activesupport (= 7.1.3.2)
       nokogiri (>= 1.8.5)
       racc
       rack (>= 2.2.4)
@@ -18,13 +18,13 @@ GEM
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.2)
       rails-html-sanitizer (~> 1.6)
-    actionview (7.1.2)
-      activesupport (= 7.1.2)
+    actionview (7.1.3.2)
+      activesupport (= 7.1.3.2)
       builder (~> 3.1)
       erubi (~> 1.11)
       rails-dom-testing (~> 2.2)
       rails-html-sanitizer (~> 1.6)
-    activesupport (7.1.2)
+    activesupport (7.1.3.2)
       base64
       bigdecimal
       concurrent-ruby (~> 1.0, >= 1.0.2)
@@ -36,14 +36,13 @@ GEM
       tzinfo (~> 2.0)
     ast (2.4.2)
     base64 (0.2.0)
-    bigdecimal (3.1.4)
+    bigdecimal (3.1.6)
     builder (3.2.4)
-    concurrent-ruby (1.2.2)
+    concurrent-ruby (1.2.3)
     connection_pool (2.4.1)
     crass (1.0.6)
-    diff-lcs (1.4.4)
-    drb (2.2.0)
-      ruby2_keywords
+    diff-lcs (1.5.1)
+    drb (2.2.1)
     ejson (1.4.1)
     erubi (1.12.0)
     i18n (1.14.1)
@@ -52,23 +51,25 @@ GEM
     irb (1.10.0)
       rdoc
       reline (>= 0.3.8)
-    json (2.6.3)
+    json (2.7.1)
+    language_server-protocol (3.17.0.3)
     loofah (2.22.0)
       crass (~> 1.0.2)
       nokogiri (>= 1.12.0)
     mini_portile2 (2.8.5)
-    minitest (5.20.0)
+    minitest (5.22.2)
     mutex_m (0.2.0)
-    nokogiri (1.15.5)
+    nokogiri (1.15.6)
       mini_portile2 (~> 2.8.2)
       racc (~> 1.4)
-    parallel (1.22.1)
-    parser (3.2.0.0)
+    parallel (1.24.0)
+    parser (3.3.0.5)
       ast (~> 2.4.1)
-    psych (5.1.1.1)
+      racc
+    psych (5.1.2)
       stringio
     racc (1.7.3)
-    rack (3.0.8)
+    rack (3.0.9.1)
     rack-session (2.0.0)
       rack (>= 3.0.0)
     rack-test (2.1.0)
@@ -83,9 +84,9 @@ GEM
     rails-html-sanitizer (1.6.0)
       loofah (~> 2.21)
       nokogiri (~> 1.14)
-    railties (7.1.2)
-      actionpack (= 7.1.2)
-      activesupport (= 7.1.2)
+    railties (7.1.3.2)
+      actionpack (= 7.1.3.2)
+      activesupport (= 7.1.3.2)
       irb
       rackup (>= 1.0.0)
       rake (>= 12.2)
@@ -93,46 +94,46 @@ GEM
       zeitwerk (~> 2.6)
     rainbow (3.1.1)
     rake (13.0.6)
-    rdoc (6.6.0)
+    rdoc (6.6.3.1)
       psych (>= 4.0.0)
-    regexp_parser (2.6.1)
+    regexp_parser (2.9.0)
     reline (0.4.1)
       io-console (~> 0.5)
-    rexml (3.2.5)
-    rspec (3.10.0)
-      rspec-core (~> 3.10.0)
-      rspec-expectations (~> 3.10.0)
-      rspec-mocks (~> 3.10.0)
-    rspec-core (3.10.1)
-      rspec-support (~> 3.10.0)
-    rspec-expectations (3.10.1)
+    rexml (3.2.6)
+    rspec (3.12.0)
+      rspec-core (~> 3.12.0)
+      rspec-expectations (~> 3.12.0)
+      rspec-mocks (~> 3.12.0)
+    rspec-core (3.12.2)
+      rspec-support (~> 3.12.0)
+    rspec-expectations (3.12.3)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.10.0)
-    rspec-mocks (3.10.2)
+      rspec-support (~> 3.12.0)
+    rspec-mocks (3.12.6)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.10.0)
-    rspec-support (3.10.2)
-    rubocop (1.43.0)
+      rspec-support (~> 3.12.0)
+    rspec-support (3.12.1)
+    rubocop (1.62.1)
       json (~> 2.3)
+      language_server-protocol (>= 3.17.0)
       parallel (~> 1.10)
-      parser (>= 3.2.0.0)
+      parser (>= 3.3.0.2)
       rainbow (>= 2.2.2, < 4.0)
       regexp_parser (>= 1.8, < 3.0)
       rexml (>= 3.2.5, < 4.0)
-      rubocop-ast (>= 1.24.1, < 2.0)
+      rubocop-ast (>= 1.31.1, < 2.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 2.4.0, < 3.0)
-    rubocop-ast (1.24.1)
-      parser (>= 3.1.1.0)
+    rubocop-ast (1.31.2)
+      parser (>= 3.3.0.4)
     rubocop-shopify (2.11.1)
       rubocop (~> 1.42)
-    ruby-progressbar (1.11.0)
-    ruby2_keywords (0.0.5)
+    ruby-progressbar (1.13.0)
     stringio (3.1.0)
     thor (1.3.0)
     tzinfo (2.0.6)
       concurrent-ruby (~> 1.0)
-    unicode-display_width (2.4.2)
+    unicode-display_width (2.5.0)
     webrick (1.8.1)
     zeitwerk (2.6.12)
 
@@ -147,4 +148,4 @@ DEPENDENCIES
   rubocop-shopify
 
 BUNDLED WITH
-   2.3.17
+   2.5.7

data/README.md

@@ -20,11 +20,42 @@ Or install it yourself as:
 
     $ gem install ejson-rails
 
+## Configuration
+
+By default, the gem will look for decrypted secrets in `project/config/secrets.json` or `project/config/secrets.{current_rails_environment}.json` if that doesn't exist.
+
+If your application or environment has a unique way of retrieving decrypted secrets, you can do so by setting `EJSON::Rails::Railtie.ejson_secret_source` to a callable object in `config/application.rb`. For example:
+
+```ruby
+# config/application.rb
+
+# This must be placed BEFORE your application constant which inherits from Rails::Application
+EJSON::Rails::Railtie.ejson_secret_source = FooBar::SecretCredentialReader
+
+# Custom credential reader that lives somewhere else
+module FooBar
+  class SecretCredentialReader
+    class << self
+      def call
+        '{"secret": "secret_from_ejson_secret_source"}'
+      end
+    end
+  end
+end
+```
+
+For simple cases, you can use a `proc`:
+
+```ruby
+EJSON::Rails::Railtie.ejson_secret_source = proc { '{"secret": "secret_from_ejson_secret_source"}' }
+```
+
 ## Usage
 
-Decrypted secrets and credentials from `project/config/secrets.json` (or `project/config/secrets.{current_rails_environment}.json` if that doesn't exist) will be accessible via `Rails.application.secrets`. For example:
+Decrypted secrets and credentials will be accessible via `Rails.application.secrets`. For example:
 
 `# project/config/secrets.json`
+
 ```json
 { "some_secret": "key" }
 ```
@@ -42,6 +73,7 @@ NOTE: This gem does not decrypt ejson for you. You will need to configure this a
 Rails 7.1 has deprecated application secrets in favor of credentials. ejson-rails can migrate secrets to application credentials.
 
 Even before running Rails 7.1, you can migrate your secrets in several steps:
+
 1. Convert secrets from YAML to JSON
 2. Move any ERB embedded within the YAML to the corresponding environment file
 3. Use `Rails.application.credentials` in place of Rails secrets
@@ -71,6 +103,7 @@ YAML supports ERB while JSON secrets do not. If your secrets contain ERB, you wi
 **Before**:
 
 `config/secrets.yml`
+
 ```yaml
 development:
   some_external_service:
@@ -79,7 +112,8 @@ development:
 
 **After**:
 
-`config/secrets.json` as generated by the *recommended* command above.
+`config/secrets.json` as generated by the _recommended_ command above.
+
 ```json
 {
   "some_external_service": {
@@ -90,6 +124,7 @@ development:
 ```
 
 `config/environments/development.rb`
+
 ```ruby
 Rails.application.configure do
   # elided
@@ -100,6 +135,7 @@ end
 ```
 
 #### Rails 7.0 Note
+
 > [!NOTE]
 > In Rails 7.0, credentials are accessed as a Hash with [] and []=.. This is important because the dynamic accessor methods will set values in a different object, and credentials will behave inconsistently after that:
 

data/ejson-rails.gemspec

@@ -23,10 +23,10 @@ Gem::Specification.new do |spec|
 
   spec.metadata = { "allowed_push_host" => "https://rubygems.org" }
 
-  spec.required_ruby_version = ">= 2.7.0"
+  spec.required_ruby_version = ">= 3.1.0"
 
   spec.add_dependency("ejson")
-  spec.add_dependency("railties", ">= 5.2")
+  spec.add_dependency("railties", ">= 6.1")
 
   spec.add_development_dependency("rake", "~> 13.0")
   spec.add_development_dependency("rspec", "~> 3.0")

data/gemfiles/Gemfile.rails-min

@@ -2,4 +2,4 @@ source 'https://rubygems.org'
 
 eval_gemfile('../Gemfile')
 
-gem 'railties', '5.2'
+gem 'railties', '6.1'

data/lib/ejson/rails/railtie.rb

@@ -6,14 +6,15 @@ module EJSON
     private_constant :Rails
 
     class Railtie < Rails::Railtie
-      singleton_class.attr_accessor(:set_secrets)
+      singleton_class.attr_accessor(:ejson_secret_source, :set_secrets)
       @set_secrets = true
 
       config.before_configuration do
-        json_file = json_files.detect { |file| valid?(file) }
-        next unless json_file
+        secrets = load_secrets_from_config || load_secrets_from_disk
+        next unless secrets
+
+        secrets = JSON.parse(secrets, symbolize_names: true)
 
-        secrets = JSON.parse(json_file.read, symbolize_names: true)
         Rails.application.secrets.deep_merge!(secrets) if set_secrets
         # Merging into `credentials.config` because in Rails 7.0, reading a credential with
         # Rails.application.credentials[:some_credential] won't work otherwise.
@@ -32,6 +33,14 @@ module EJSON
       class << self
         private
 
+        def load_secrets_from_config
+          ejson_secret_source&.call
+        end
+
+        def load_secrets_from_disk
+          json_files.detect { |file| valid?(file) }&.read
+        end
+
         def valid?(pathname)
           pathname.exist?
         end

data/lib/ejson/rails/version.rb

@@ -2,6 +2,6 @@
 
 module EJSON
   module Rails
-    VERSION = "0.2.1"
+    VERSION = "0.2.2"
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ejson-rails
 version: !ruby/object:Gem::Version
-  version: 0.2.1
+  version: 0.2.2
 platform: ruby
 authors:
 - Gannon McGibbon
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2023-12-04 00:00:00.000000000 Z
+date: 2024-05-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: ejson
@@ -30,14 +30,14 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '5.2'
+        version: '6.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '5.2'
+        version: '6.1'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -109,14 +109,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.7.0
+      version: 3.1.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.4.21
+rubygems_version: 3.5.10
 signing_key: 
 specification_version: 4
 summary: Asymmetric keywise encryption for JSON on Rails