encrypt_env 1.2.2 → 1.3.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 39d324cf43ef142486ae13f849ef25d421c4b84a889bfb620ba02febe43734ac
-  data.tar.gz: 3744f4b529dfe535d98dd94392b0aa527e102c8cbfb57696e53469794dbb0203
+  metadata.gz: c1c84dbd7de0bdce6a21e412fbadf6652fa6828283e034478408f0d1ac9e7a26
+  data.tar.gz: 8b40b35df40234c55fc6210bbb720564b3a342195636d2b3e8c4b17d0bb38fd7
 SHA512:
-  metadata.gz: 9e660e1d3390110ddbdfae62a8e4d0c331e6703c696af4202f158fedd5227a165b59bcf3d43449fa6d96f21658cf260db7d607f46faf070aefdc206cfa9a92b0
-  data.tar.gz: 07ed2e14def1acebde149fdba0f9e22d2c85ddfdf9fc1d08c9d0ee0fdbe0cc85f19f9b762361a7e2d97ff99efc7cbd1c49fde82057b755d98bde20556c8e7030
+  metadata.gz: 871c3408a490cdc32e486eff60e787961c1915aa65fc3d7bba6cd10b15b3439b0a9d4b941abf0459427019ca0736bec381c567958c88c86d5542f35e63880cce
+  data.tar.gz: 0bcbbe97212f1ef1ce7c49b6184dd07ab1b3beb09a2abfc0e290abe5951b5c794e2df0a1340a38389dd825b563f966a5ae897ccecb361271165e31cc0130f46c

data/bin/encrypt_env

@@ -3,6 +3,7 @@
 # frozen_string_literal: true
 
 require 'encrypt_env'
+require_relative '../lib/encrypt_env/version'
 
 argv = ARGV
 action = argv.shift
@@ -27,17 +28,46 @@ elsif action == 'edit'
     EncryptEnv.edit
   end
   exit 0
+elsif action == 'get'
+  key = argv[0]
+  env = argv[1]
+  EncryptEnv.valueof(key, env)
+  exit 0
+elsif action == 'new'
+  key = argv[0]
+  env = argv[1]
+  EncryptEnv.update_variable(key, env, true)
+  exit 0
+elsif action == 'update'
+  key = argv[0]
+  env = argv[1]
+  EncryptEnv.update_variable(key, env, false)
+  exit 0
+elsif action == 'delete'
+  key = argv[0]
+  env = argv[1]
+  EncryptEnv.delete_variable(key, env)
+  exit 0
+elsif ['-v', '--version', 'version'].include?(action)
+  puts Version::VERSION
+  exit 0
 elsif ['help', '--help', '-h'].include?(action)
   puts <<~HELP
     Usage:
-      encrypt_env setup
-      encrypt_env secrets
-      encrypt_env secrets_all
-      encrypt_env edit
+      encrypt_env setup                                  # To setup for the firt time
+      encrypt_env show all                               # To show all environment variables
+      encrypt_env show / encrypt_env show [environment]  # To show environment variables
+      encrypt_env edit / encrypt_env edit [environment]  # To edit environment variables
+      encrypt_env add variable_name [environment]        # To add environment variable
+      encrypt_env get variable_name [environment]        # To show value of specific variable
+      encrypt_env update variable_name [environment]     # To edit value of specific variable
+      encrypt_env delete variable_name [environment]     # To delete specific variable
+    Or: Visit "https://github.com/nnhutan/encrypt_env" for more information
   HELP
 
   exit 0
 else
   puts "Unknown action: #{action}"
+  puts "Use 'encrypt_env -h' for more help"
   exit 1
 end

data/lib/encrypt_env/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module Version
+  VERSION = '1.3.2'
+end

data/lib/encrypt_env.rb

@@ -11,6 +11,8 @@ require 'json'
 # rubocop:disable Metrics/ClassLength
 # rubocop:disable Metrics/MethodLength
 class EncryptEnv
+  @root_path = Dir.pwd
+
   private_class_method def self.define_option
     puts "Options to 'encrypt secrets.yml' file"
     puts '1. Generate only one master.key and one encrypted file for all environment'
@@ -27,13 +29,12 @@ class EncryptEnv
   end
 
   private_class_method def self.load_curr_opt
-    if File.file?("#{Dir.pwd}/config/secrets.yml.enc")
+    if File.file?("#{@root_path}/config/secrets.yml.enc")
       @opt = 1
-    elsif Dir["#{Dir.pwd}/config/secrets_*.yml.enc"].length.positive?
+    elsif Dir["#{@root_path}/config/secrets_*.yml.enc"].length.positive?
       @opt = 2
     else
-      puts 'You must setup first to encrypt file!'
-      exit
+      raise 'You must setup first to encrypt file!'
     end
   end
 
@@ -47,17 +48,21 @@ class EncryptEnv
 
   private_class_method def self.check_key_existence(env = nil)
     file_name = env.nil? ? 'master.key' : "master_#{env}.key"
-    return if File.file?("#{Dir.pwd}/config/#{file_name}")
-    # return if Dir["#{Dir.pwd}/config/master_*.key"].length.positive? && @opt == 2
+    return if File.file?("#{@root_path}/config/#{file_name}")
     return if ENV.key?('MASTER_KEY')
 
-    puts 'Please provide master key!'
-    exit
+    message = env ? "Missing key of #{env} environment!" : 'Missing master key!'
+    raise message
   end
 
   private_class_method def self.load_master_key(env = nil)
-    check_key_existence(env)
-    file_path = env ? "#{Dir.pwd}/config/master_#{env}.key" : "#{Dir.pwd}/config/master.key"
+    begin
+      check_key_existence(env)
+    rescue StandardError => e
+      raise e.message
+    end
+
+    file_path = env ? "#{@root_path}/config/master_#{env}.key" : "#{@root_path}/config/master.key"
     key = File.file?(file_path) ? File.read(file_path).strip : ENV['MASTER_KEY']
     @master_key = [key].pack('H*')
   end
@@ -65,28 +70,28 @@ class EncryptEnv
   private_class_method def self.generate_keys
     if @opt == 1
       key = OpenSSL::Random.random_bytes(16)
-      File.open("#{Dir.pwd}/config/master.key", 'w') { |file| file.write(key.unpack('H*')[0]) }
+      File.open("#{@root_path}/config/master.key", 'w') { |file| file.write(key.unpack('H*')[0]) }
     else
       to_hash_type(@content_to_encrypt).each_key do |env|
         next if env == 'default'
 
         key = OpenSSL::Random.random_bytes(16)
-        File.open("#{Dir.pwd}/config/master_#{env}.key", 'w') { |file| file.write(key.unpack('H*')[0]) }
+        File.open("#{@root_path}/config/master_#{env}.key", 'w') { |file| file.write(key.unpack('H*')[0]) }
       end
     end
   end
 
   private_class_method def self.load_content_to_encrypt
-    secret_file = File.expand_path("#{Dir.pwd}/config/secrets.yml")
+    secret_file = File.expand_path("#{@root_path}/config/secrets.yml")
     @content_to_encrypt = File.read(secret_file)
   end
 
   private_class_method def self.to_hash_type(raw_data)
-    HashWithIndifferentAccess.new(YAML.load(raw_data, aliases: true))
+    HashWithIndifferentAccess.new(::YAML.load(raw_data, aliases: true))
   end
 
   private_class_method def self.load_encrypted_data(env = nil)
-    file_path = env ? "#{Dir.pwd}/config/secrets_#{env}.yml.enc" : "#{Dir.pwd}/config/secrets.yml.enc"
+    file_path = env ? "#{@root_path}/config/secrets_#{env}.yml.enc" : "#{@root_path}/config/secrets.yml.enc"
     hex_string = File.read(file_path)
     raw_data = [hex_string].pack('H*')
 
@@ -97,7 +102,7 @@ class EncryptEnv
   end
 
   private_class_method def self.encrypt(content, typ = nil)
-    file_path = typ ? "#{Dir.pwd}/config/secrets_#{typ}.yml.enc" : "#{Dir.pwd}/config/secrets.yml.enc"
+    file_path = typ ? "#{@root_path}/config/secrets_#{typ}.yml.enc" : "#{@root_path}/config/secrets.yml.enc"
     cipher = OpenSSL::Cipher.new('aes-128-gcm')
     cipher.encrypt
     cipher.key = @master_key
@@ -110,7 +115,11 @@ class EncryptEnv
   end
 
   private_class_method def self.decrypt(env = nil)
-    load_master_key(env)
+    begin
+      load_master_key(env)
+    rescue StandardError => e
+      raise e.message
+    end
 
     decipher = OpenSSL::Cipher.new('aes-128-gcm')
     decipher.decrypt
@@ -125,13 +134,13 @@ class EncryptEnv
     @decrypted = to_hash_type(@raw_decrypted)
   # Catch error if master key is wrong
   rescue OpenSSL::Cipher::CipherError
-    puts 'Master key is wrong!'
-    exit
+    message = env ? "Master key of #{env} environment is wrong!" : 'Master key is wrong!'
+    raise message
   end
 
   private_class_method def self.all_decrypted_object
     obj = {}
-    env_lst = Dir["#{Dir.pwd}/config/secrets_*.yml.enc"].map do |path|
+    env_lst = Dir["#{@root_path}/config/secrets_*.yml.enc"].map do |path|
       path.scan(/secrets_(.*)\.yml\.enc/).flatten.first
     end
     env_lst.each do |e|
@@ -159,6 +168,10 @@ class EncryptEnv
       decrypt(env || current_env)
       @decrypted
     end
+  rescue StandardError => e
+    puts e.message
+    @have_error = true
+    {}
   end
 
   def self.setup
@@ -178,9 +191,9 @@ class EncryptEnv
       end
     end
 
-    File.rename("#{Dir.pwd}/config/secrets.yml", "#{Dir.pwd}/config/secrets.yml.old")
-    system("echo '/config/master*.key' >> #{Dir.pwd}/.gitignore")
-    system("echo '/config/secrets.yml.old' >> #{Dir.pwd}/.gitignore")
+    File.rename("#{@root_path}/config/secrets.yml", "#{@root_path}/config/secrets.yml.old")
+    system("echo '/config/master*.key' >> #{@root_path}/.gitignore")
+    system("echo '/config/secrets.yml.old' >> #{@root_path}/.gitignore")
     system("echo 'Set up complete!'")
   end
 
@@ -197,10 +210,89 @@ class EncryptEnv
       encrypt(File.read(f.path), env)
       @decrypted = nil
     end
+  rescue StandardError => e
+    puts e.message
   end
 
   def self.show(env = nil)
-    jj secrets(env)
+    require 'awesome_print'
+    require 'date'
+    value = secrets(env)
+    ap(value) unless @have_error
+    # jj value unless @have_error
+    @have_error = false
+  end
+
+  def self.valueof(key, env = nil)
+    tail_msg = env ? " in '#{env}' environent" : nil
+    value = secrets(env)
+    unless value.key?(key)
+      puts "key '#{key}' does not exist#{tail_msg}!"
+      return
+    end
+    puts value[key]
+  end
+
+  def self.delete_variable(key, env = nil)
+    load_curr_opt unless @opt
+    if @opt == 1
+      puts 'Only for option 2!'
+      return
+    end
+
+    tail_msg = env ? " in '#{env}' environent" : nil
+    confirm = "Really? You want to delete '#{key}'#{tail_msg}? (y/n)"
+    puts confirm
+    a = $stdin.gets.chomp
+    return unless a == 'y'
+
+    value = secrets(env)
+
+    unless value.key?(key)
+      puts "#{key} does not exist#{tail_msg}!"
+      return
+    end
+
+    value.delete(key)
+    encrypt(value.to_hash.to_yaml, env || current_env)
+    puts "Delete '#{key}' successfully!"
+  end
+
+  def self.update_variable(key, env = nil, add_variable = false)
+    load_curr_opt unless @opt
+    if @opt == 1
+      puts 'Only for option 2!'
+      return
+    end
+    tail_msg = env ? " in '#{env}' environment" : nil
+
+    value = secrets(env)
+    if add_variable && value.key?(key)
+      puts "Key existed#{tail_msg}!"
+      return
+    end
+
+    if !value.key?(key) && !add_variable
+      puts "'#{key}' does not exist#{tail_msg}. You want to add '#{key}' as the new key? (y/n)"
+      a = $stdin.gets.chomp
+      return unless a == 'y'
+
+      add_variable = true
+    end
+
+    action = add_variable && 'add' || 'edit'
+    file_name = env ? "#{action}_#{key}_#{env}" : "#{action}_#{key}"
+
+    Tempfile.create(file_name) do |f|
+      f.write(value[key])
+      f.flush
+      f.rewind
+      system("vim #{f.path}")
+      new_value = File.read(f.path)
+      value[key] = new_value.strip
+      encrypt(value.to_hash.to_yaml, env || current_env)
+      @decrypted = nil
+    end
   end
 end
 # rubocop:enable Metrics/ClassLength

metadata

@@ -1,15 +1,35 @@
 --- !ruby/object:Gem::Specification
 name: encrypt_env
 version: !ruby/object:Gem::Version
-  version: 1.2.2
+  version: 1.3.2
 platform: ruby
 authors:
 - Nhu Tan
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-08-10 00:00:00.000000000 Z
-dependencies: []
+date: 2022-08-12 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: awesome_print
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.9'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.9.2
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.9'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.9.2
 description: Encrypts and decrypts environment variables
 email: nhutan2001@gmail.com
 executables:
@@ -19,6 +39,7 @@ extra_rdoc_files: []
 files:
 - bin/encrypt_env
 - lib/encrypt_env.rb
+- lib/encrypt_env/version.rb
 homepage: https://github.com/nnhutan/encrypt_env.git
 licenses:
 - MIT