encryptatron 1.0.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: 0df17cc658773d7c73978f7c2e64e5f18bcc4b3f
4
+ data.tar.gz: f4289b74d7d492cfc7784a13616f58e11c9d0c2a
5
+ SHA512:
6
+ metadata.gz: 37e22dceb61ec29a64890e0a28e432664e9394e2338cd38b526ee33bcecfcfd437ab30c12ab6e394dd85844c21907b479cea511619d0278e9acc812e469bbaad
7
+ data.tar.gz: dc68666d0f59484fd1268e36c3bc235ad9a2ec9457e657cc0e1b01995c262290f4cd1023eedbd3638abe7d01902e7d77528d4c705d3ba48e91085b8bbd88159c
data/.gitignore ADDED
@@ -0,0 +1,12 @@
1
+ /.bundle/
2
+ /.yardoc
3
+ /_yardoc/
4
+ /coverage/
5
+ /doc/
6
+ /pkg/
7
+ /spec/reports/
8
+ /tmp/
9
+
10
+ # rspec failure tracking
11
+ .rspec_status
12
+ .env
data/.rspec ADDED
@@ -0,0 +1,3 @@
1
+ --format documentation
2
+ --color
3
+ --require spec_helper
data/.rubocop.yml ADDED
@@ -0,0 +1,69 @@
1
+ AllCops:
2
+ Exclude:
3
+ - 'db/**/*'
4
+ - 'Vagrantfile'
5
+ - 'vendor/**/*'
6
+ Style/SingleLineBlockParams:
7
+ Enabled: false
8
+ Rails/TimeZone:
9
+ Enabled: false
10
+ Rails/Date:
11
+ Enabled: false
12
+ Style/MultilineBlockChain:
13
+ Enabled: false
14
+ Metrics/LineLength:
15
+ Enabled: false
16
+ Metrics/ClassLength:
17
+ Enabled: false
18
+ Rails/Output:
19
+ Enabled: false
20
+ Documentation:
21
+ Enabled: false
22
+ Style/ClassAndModuleChildren:
23
+ Enabled: false
24
+ Metrics/ParameterLists:
25
+ Enabled: false
26
+ Style/CommentAnnotation:
27
+ Enabled: false
28
+ Style/FileName:
29
+ Enabled: false
30
+ Style/Semicolon:
31
+ Enabled: false
32
+ Style/GuardClause:
33
+ Enabled: false
34
+ Style/PredicateName:
35
+ Enabled: false
36
+ Style/EachWithObject:
37
+ Enabled: false
38
+ Metrics/CyclomaticComplexity:
39
+ Enabled: false
40
+ Metrics/PerceivedComplexity:
41
+ Enabled: false
42
+ Metrics/AbcSize:
43
+ Enabled: false
44
+ Style/RaiseArgs:
45
+ Enabled: false
46
+ Style/DoubleNegation:
47
+ Enabled: false
48
+ Metrics/MethodLength:
49
+ Enabled: false
50
+ Style/AccessorMethodName:
51
+ Enabled: false
52
+ Style/SignalException:
53
+ Enabled: false
54
+ Style/RegexpLiteral:
55
+ Enabled: false
56
+ Style/Next:
57
+ Enabled: false
58
+ Lint/AssignmentInCondition:
59
+ Enabled: false
60
+ Style/PercentLiteralDelimiters:
61
+ Enabled: false
62
+ Style/StringLiterals:
63
+ Enabled: false
64
+ Style/SpaceAroundEqualsInParameterDefault:
65
+ Enabled: false
66
+ Metrics/BlockLength:
67
+ Enabled: false
68
+ Style/FrozenStringLiteralComment:
69
+ Enabled: false
data/.ruby-version ADDED
@@ -0,0 +1 @@
1
+ 2.3.5
data/.version ADDED
@@ -0,0 +1 @@
1
+ 1.0.0
data/Gemfile ADDED
@@ -0,0 +1,6 @@
1
+ source "https://rubygems.org"
2
+
3
+ git_source(:github) { |repo_name| "https://github.com/#{repo_name}" }
4
+
5
+ # Specify your gem's dependencies in encryptatron.gemspec
6
+ gemspec
data/Gemfile.lock ADDED
@@ -0,0 +1,63 @@
1
+ PATH
2
+ remote: .
3
+ specs:
4
+ encryptatron (1.0.0)
5
+ configatron (> 2)
6
+ deep_merge (> 1)
7
+ dotenv (> 1)
8
+
9
+ GEM
10
+ remote: https://rubygems.org/
11
+ specs:
12
+ ast (2.4.0)
13
+ coderay (1.1.2)
14
+ configatron (4.5.1)
15
+ deep_merge (1.2.1)
16
+ diff-lcs (1.3)
17
+ dotenv (2.4.0)
18
+ method_source (0.9.0)
19
+ parallel (1.12.1)
20
+ parser (2.5.1.0)
21
+ ast (~> 2.4.0)
22
+ powerpack (0.1.1)
23
+ pry (0.11.3)
24
+ coderay (~> 1.1.0)
25
+ method_source (~> 0.9.0)
26
+ rainbow (3.0.0)
27
+ rake (10.5.0)
28
+ rspec (3.7.0)
29
+ rspec-core (~> 3.7.0)
30
+ rspec-expectations (~> 3.7.0)
31
+ rspec-mocks (~> 3.7.0)
32
+ rspec-core (3.7.1)
33
+ rspec-support (~> 3.7.0)
34
+ rspec-expectations (3.7.0)
35
+ diff-lcs (>= 1.2.0, < 2.0)
36
+ rspec-support (~> 3.7.0)
37
+ rspec-mocks (3.7.0)
38
+ diff-lcs (>= 1.2.0, < 2.0)
39
+ rspec-support (~> 3.7.0)
40
+ rspec-support (3.7.1)
41
+ rubocop (0.56.0)
42
+ parallel (~> 1.10)
43
+ parser (>= 2.5)
44
+ powerpack (~> 0.1)
45
+ rainbow (>= 2.2.2, < 4.0)
46
+ ruby-progressbar (~> 1.7)
47
+ unicode-display_width (~> 1.0, >= 1.0.1)
48
+ ruby-progressbar (1.9.0)
49
+ unicode-display_width (1.3.3)
50
+
51
+ PLATFORMS
52
+ ruby
53
+
54
+ DEPENDENCIES
55
+ bundler (~> 1.16)
56
+ encryptatron!
57
+ pry (> 0)
58
+ rake (~> 10.0)
59
+ rspec (~> 3.0)
60
+ rubocop (~> 0.56)
61
+
62
+ BUNDLED WITH
63
+ 1.16.1
data/LICENSE ADDED
@@ -0,0 +1,27 @@
1
+ Copyright (c) 2018, GovDelivery
2
+ All rights reserved.
3
+
4
+ Redistribution and use in source and binary forms, with or without
5
+ modification, are permitted provided that the following conditions are met:
6
+
7
+ * Redistributions of source code must retain the above copyright notice, this
8
+ list of conditions and the following disclaimer.
9
+
10
+ * Redistributions in binary form must reproduce the above copyright notice,
11
+ this list of conditions and the following disclaimer in the documentation
12
+ and/or other materials provided with the distribution.
13
+
14
+ * Neither the name of GovDelivery nor the names of its
15
+ contributors may be used to endorse or promote products derived from
16
+ this software without specific prior written permission.
17
+
18
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
19
+ AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20
+ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
21
+ DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
22
+ FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
23
+ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
24
+ SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
25
+ CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
26
+ OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
27
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
data/README.md ADDED
@@ -0,0 +1,36 @@
1
+ # Encryptatron
2
+
3
+ Used to load encrypted data from disk into configatron.
4
+
5
+ ## Installation
6
+
7
+ Add this line to your application's Gemfile:
8
+
9
+ ```ruby
10
+ gem 'encryptatron'
11
+ ```
12
+
13
+ And then execute:
14
+
15
+ $ bundle
16
+
17
+ Or install it yourself as:
18
+
19
+ $ gem install encryptatron
20
+
21
+ ## Usage
22
+
23
+ 1. Run: `encryptatron encrypt file_to_encrypt.yml`
24
+ 2. Add: `ENCRYPTATRON_KEY=whatever` to your .env file and any CI environments that need it
25
+ 3. Initialize configatron: `Encryptatron.use('file_to_encrypt.yml')` or `configatron = Encryptatron.load('file_to_encrypt.yml')`
26
+ 4. Check in: `file_to_encrypt.yml.enc` and `file_to_encrypt.yml.iv`, you can check in `file_to_encrypt.yml` if you remove the secrets
27
+
28
+ ## Development
29
+
30
+ After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
31
+
32
+ To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
33
+
34
+ ## Contributing
35
+
36
+ Bug reports and pull requests are welcome on GitHub at https://github.com/govdelivery/encryptatron.
data/Rakefile ADDED
@@ -0,0 +1,5 @@
1
+ require "rspec/core/rake_task"
2
+
3
+ RSpec::Core::RakeTask.new(:spec)
4
+
5
+ task default: :spec
data/bin/console ADDED
@@ -0,0 +1,14 @@
1
+ #!/usr/bin/env ruby
2
+
3
+ require "bundler/setup"
4
+ require "encryptatron"
5
+
6
+ # You can add fixtures and/or initialization code here to make experimenting
7
+ # with your gem easier. You can also use a different console, if you like.
8
+
9
+ # (If you use this, don't forget to add pry to your Gemfile!)
10
+ # require "pry"
11
+ # Pry.start
12
+
13
+ require "irb"
14
+ IRB.start(__FILE__)
data/bin/setup ADDED
@@ -0,0 +1,8 @@
1
+ #!/usr/bin/env bash
2
+ set -euo pipefail
3
+ IFS=$'\n\t'
4
+ set -vx
5
+
6
+ bundle install
7
+
8
+ # Do any other automated setup that you need to do here
@@ -0,0 +1,40 @@
1
+
2
+ lib = File.expand_path('lib', __dir__)
3
+ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
+ require "encryptatron/version"
5
+
6
+ Gem::Specification.new do |spec|
7
+ spec.name = "encryptatron"
8
+ spec.version = Encryptatron::VERSION
9
+ spec.authors = ["Alex Ives"]
10
+ spec.email = ["alex.ives@granicus.com"]
11
+
12
+ spec.summary = 'Load and encrypt configuration files for configatron'
13
+ spec.homepage = "https://github.com/govdelivery/encryptatron"
14
+
15
+ # Prevent pushing this gem to RubyGems.org. To allow pushes either set the 'allowed_push_host'
16
+ # to allow pushing to a single host or delete this section to allow pushing to any host.
17
+ if spec.respond_to?(:metadata)
18
+ spec.metadata["allowed_push_host"] = "https://rubygems.org"
19
+ else
20
+ raise "RubyGems 2.0 or newer is required to protect against " \
21
+ "public gem pushes."
22
+ end
23
+
24
+ spec.files = `git ls-files -z`.split("\x0").reject do |f|
25
+ f.match(%r{^(test|spec|features)/})
26
+ end
27
+ spec.bindir = "exe"
28
+ spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
29
+ spec.require_paths = ["lib"]
30
+
31
+ spec.add_dependency "configatron", ">2"
32
+ spec.add_dependency "deep_merge", ">1"
33
+ spec.add_dependency "dotenv", ">1"
34
+
35
+ spec.add_development_dependency "bundler", "~> 1.16"
36
+ spec.add_development_dependency "pry", ">0"
37
+ spec.add_development_dependency "rake", "~> 10.0"
38
+ spec.add_development_dependency "rspec", "~> 3.0"
39
+ spec.add_development_dependency "rubocop", "~>0.56"
40
+ end
data/exe/encryptatron ADDED
@@ -0,0 +1,5 @@
1
+ #!/usr/bin/env ruby
2
+
3
+ require 'encryptatron'
4
+
5
+ Encryptatron::CLI.invoke(ARGV)
@@ -0,0 +1,39 @@
1
+ module Encryptatron
2
+ class CLI
3
+ def self.invoke(args)
4
+ env_key = ENV['ENCRYPTATRON_KEY']
5
+ key = env_key.nil? || env_key.empty? ? nil : env_key
6
+
7
+ optparse = OptionParser.new do |opts|
8
+ opts.banner = "Usage: encryptatron [flags] <encrypt|decrypt> <file>"
9
+
10
+ opts.on('-k', '--key [base64 encoded key]', 'Specify a base64 encoded encryption key') do |_key|
11
+ key = url
12
+ end
13
+
14
+ opts.on('-h', '--help', 'Show help message') do
15
+ puts opts
16
+ exit 1
17
+ end
18
+ end
19
+
20
+ params = optparse.parse!(args)
21
+ action = params[0]
22
+ unless params.length == 2 && (action == 'encrypt' || action == 'decrypt')
23
+ puts 'You must specify either encrypt or decrypt and a file'
24
+ puts optparse
25
+ exit 1
26
+ end
27
+
28
+ file = Encryptatron::FileHandler.new(params[1])
29
+ if action == 'encrypt'
30
+ file.load_unencrypted
31
+ new_key = file.encrypt!(key)
32
+ puts "Generated new encryption key: #{new_key}" unless key
33
+ elsif action == 'decrypt'
34
+ file.load_encrypted(key)
35
+ File.write(file.file, YAML.dump(file.data))
36
+ end
37
+ end
38
+ end
39
+ end
@@ -0,0 +1,58 @@
1
+ require 'json'
2
+ require 'yaml'
3
+ require 'openssl'
4
+ require 'base64'
5
+ require 'deep_merge'
6
+
7
+ module Encryptatron
8
+ class FileHandler
9
+ attr_accessor :iv_file, :enc_file, :data
10
+ attr_reader :file
11
+
12
+ def initialize(file)
13
+ self.file = file
14
+ end
15
+
16
+ def file=(file)
17
+ @file = file
18
+ self.iv_file = "#{file}.iv"
19
+ self.enc_file = "#{file}.enc"
20
+ end
21
+
22
+ def load(key)
23
+ self.data = File.exist?(file) ? load_unencrypted : {}
24
+ data.deep_merge!(load_encrypted(key)) if File.exist?(enc_file) && File.exist?(iv_file)
25
+ data
26
+ end
27
+
28
+ def load_unencrypted
29
+ self.data = YAML.load_file(file) if File.exist?(file)
30
+ end
31
+
32
+ def load_encrypted(encoded_key)
33
+ key = Base64.decode64(encoded_key)
34
+ decipher = OpenSSL::Cipher::AES.new(256, :CBC)
35
+ decipher.decrypt
36
+ decipher.iv = File.read(iv_file)
37
+ decipher.key = key
38
+ encrypted = File.read(enc_file)
39
+
40
+ plain = decipher.update(encrypted) + decipher.final
41
+ self.data = JSON.parse(plain)
42
+ end
43
+
44
+ def encrypt!(encoded_key = nil)
45
+ cipher = OpenSSL::Cipher::AES.new(256, :CBC)
46
+ cipher.encrypt
47
+ key = encoded_key.nil? ? cipher.random_key : Base64.decode64(encoded_key)
48
+ cipher.key = key
49
+ iv = cipher.random_iv
50
+
51
+ encrypted = cipher.update(data.to_json) + cipher.final
52
+
53
+ File.write(enc_file, encrypted)
54
+ File.write(iv_file, iv)
55
+ Base64.encode64(key)
56
+ end
57
+ end
58
+ end
@@ -0,0 +1,3 @@
1
+ module Encryptatron
2
+ VERSION = File.read(File.join(__dir__, "../../.version")).freeze
3
+ end
@@ -0,0 +1,19 @@
1
+ require 'configatron'
2
+ require 'dotenv'
3
+ require 'encryptatron/cli'
4
+ require 'encryptatron/file'
5
+ require 'encryptatron/version'
6
+ require 'optparse'
7
+ Dotenv.load
8
+
9
+ module Encryptatron
10
+ def self.load(file)
11
+ file = Encryptatron::FileHandler.new(file)
12
+ file.load(ENV['ENCRYPTATRON_KEY'])
13
+ file.data
14
+ end
15
+
16
+ def self.use(file)
17
+ configatron.configure_from_hash(load(file))
18
+ end
19
+ end
metadata ADDED
@@ -0,0 +1,175 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: encryptatron
3
+ version: !ruby/object:Gem::Version
4
+ version: 1.0.0
5
+ platform: ruby
6
+ authors:
7
+ - Alex Ives
8
+ autorequire:
9
+ bindir: exe
10
+ cert_chain: []
11
+ date: 2018-05-30 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: configatron
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - ">"
18
+ - !ruby/object:Gem::Version
19
+ version: '2'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - ">"
25
+ - !ruby/object:Gem::Version
26
+ version: '2'
27
+ - !ruby/object:Gem::Dependency
28
+ name: deep_merge
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - ">"
32
+ - !ruby/object:Gem::Version
33
+ version: '1'
34
+ type: :runtime
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - ">"
39
+ - !ruby/object:Gem::Version
40
+ version: '1'
41
+ - !ruby/object:Gem::Dependency
42
+ name: dotenv
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - ">"
46
+ - !ruby/object:Gem::Version
47
+ version: '1'
48
+ type: :runtime
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - ">"
53
+ - !ruby/object:Gem::Version
54
+ version: '1'
55
+ - !ruby/object:Gem::Dependency
56
+ name: bundler
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - "~>"
60
+ - !ruby/object:Gem::Version
61
+ version: '1.16'
62
+ type: :development
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - "~>"
67
+ - !ruby/object:Gem::Version
68
+ version: '1.16'
69
+ - !ruby/object:Gem::Dependency
70
+ name: pry
71
+ requirement: !ruby/object:Gem::Requirement
72
+ requirements:
73
+ - - ">"
74
+ - !ruby/object:Gem::Version
75
+ version: '0'
76
+ type: :development
77
+ prerelease: false
78
+ version_requirements: !ruby/object:Gem::Requirement
79
+ requirements:
80
+ - - ">"
81
+ - !ruby/object:Gem::Version
82
+ version: '0'
83
+ - !ruby/object:Gem::Dependency
84
+ name: rake
85
+ requirement: !ruby/object:Gem::Requirement
86
+ requirements:
87
+ - - "~>"
88
+ - !ruby/object:Gem::Version
89
+ version: '10.0'
90
+ type: :development
91
+ prerelease: false
92
+ version_requirements: !ruby/object:Gem::Requirement
93
+ requirements:
94
+ - - "~>"
95
+ - !ruby/object:Gem::Version
96
+ version: '10.0'
97
+ - !ruby/object:Gem::Dependency
98
+ name: rspec
99
+ requirement: !ruby/object:Gem::Requirement
100
+ requirements:
101
+ - - "~>"
102
+ - !ruby/object:Gem::Version
103
+ version: '3.0'
104
+ type: :development
105
+ prerelease: false
106
+ version_requirements: !ruby/object:Gem::Requirement
107
+ requirements:
108
+ - - "~>"
109
+ - !ruby/object:Gem::Version
110
+ version: '3.0'
111
+ - !ruby/object:Gem::Dependency
112
+ name: rubocop
113
+ requirement: !ruby/object:Gem::Requirement
114
+ requirements:
115
+ - - "~>"
116
+ - !ruby/object:Gem::Version
117
+ version: '0.56'
118
+ type: :development
119
+ prerelease: false
120
+ version_requirements: !ruby/object:Gem::Requirement
121
+ requirements:
122
+ - - "~>"
123
+ - !ruby/object:Gem::Version
124
+ version: '0.56'
125
+ description:
126
+ email:
127
+ - alex.ives@granicus.com
128
+ executables:
129
+ - encryptatron
130
+ extensions: []
131
+ extra_rdoc_files: []
132
+ files:
133
+ - ".gitignore"
134
+ - ".rspec"
135
+ - ".rubocop.yml"
136
+ - ".ruby-version"
137
+ - ".version"
138
+ - Gemfile
139
+ - Gemfile.lock
140
+ - LICENSE
141
+ - README.md
142
+ - Rakefile
143
+ - bin/console
144
+ - bin/setup
145
+ - encryptatron.gemspec
146
+ - exe/encryptatron
147
+ - lib/encryptatron.rb
148
+ - lib/encryptatron/cli.rb
149
+ - lib/encryptatron/file.rb
150
+ - lib/encryptatron/version.rb
151
+ homepage: https://github.com/govdelivery/encryptatron
152
+ licenses: []
153
+ metadata:
154
+ allowed_push_host: https://rubygems.org
155
+ post_install_message:
156
+ rdoc_options: []
157
+ require_paths:
158
+ - lib
159
+ required_ruby_version: !ruby/object:Gem::Requirement
160
+ requirements:
161
+ - - ">="
162
+ - !ruby/object:Gem::Version
163
+ version: '0'
164
+ required_rubygems_version: !ruby/object:Gem::Requirement
165
+ requirements:
166
+ - - ">="
167
+ - !ruby/object:Gem::Version
168
+ version: '0'
169
+ requirements: []
170
+ rubyforge_project:
171
+ rubygems_version: 2.5.2.1
172
+ signing_key:
173
+ specification_version: 4
174
+ summary: Load and encrypt configuration files for configatron
175
+ test_files: []