encrypted_env 0.0.1
Sign up to get free protection for your applications and to get access to all the features.
- data/.gitignore +3 -0
- data/.rspec +2 -0
- data/.rvmrc +2 -0
- data/.travis.yml +6 -0
- data/Gemfile +4 -0
- data/Gemfile.lock +28 -0
- data/LICENSE +22 -0
- data/MIT-LICENSE +20 -0
- data/README.md +177 -0
- data/Rakefile +2 -0
- data/bin/encryptenv +5 -0
- data/encrypted_env.gemspec +21 -0
- data/lib/encrypted_env.rb +51 -0
- data/lib/encrypted_env/base64.rb +8 -0
- data/lib/encrypted_env/cli.rb +43 -0
- data/lib/encrypted_env/env.rb +11 -0
- data/lib/encrypted_env/version.rb +3 -0
- data/spec/encrypted_env_spec.rb +85 -0
- data/spec/env_spec.rb +19 -0
- data/spec/spec_helper.rb +16 -0
- metadata +129 -0
data/.gitignore
ADDED
data/.rspec
ADDED
data/.rvmrc
ADDED
data/.travis.yml
ADDED
data/Gemfile
ADDED
data/Gemfile.lock
ADDED
@@ -0,0 +1,28 @@
|
|
1
|
+
PATH
|
2
|
+
remote: .
|
3
|
+
specs:
|
4
|
+
encrypted_env (0.0.1)
|
5
|
+
encryptor
|
6
|
+
thor
|
7
|
+
|
8
|
+
GEM
|
9
|
+
remote: https://rubygems.org/
|
10
|
+
specs:
|
11
|
+
diff-lcs (1.1.3)
|
12
|
+
encryptor (1.1.3)
|
13
|
+
rspec (2.11.0)
|
14
|
+
rspec-core (~> 2.11.0)
|
15
|
+
rspec-expectations (~> 2.11.0)
|
16
|
+
rspec-mocks (~> 2.11.0)
|
17
|
+
rspec-core (2.11.1)
|
18
|
+
rspec-expectations (2.11.2)
|
19
|
+
diff-lcs (~> 1.1.3)
|
20
|
+
rspec-mocks (2.11.1)
|
21
|
+
thor (0.15.4)
|
22
|
+
|
23
|
+
PLATFORMS
|
24
|
+
ruby
|
25
|
+
|
26
|
+
DEPENDENCIES
|
27
|
+
encrypted_env!
|
28
|
+
rspec (~> 2.0)
|
data/LICENSE
ADDED
@@ -0,0 +1,22 @@
|
|
1
|
+
Copyright (c) 2012 John Kamenik
|
2
|
+
|
3
|
+
MIT License
|
4
|
+
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
6
|
+
a copy of this software and associated documentation files (the
|
7
|
+
"Software"), to deal in the Software without restriction, including
|
8
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
9
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
10
|
+
permit persons to whom the Software is furnished to do so, subject to
|
11
|
+
the following conditions:
|
12
|
+
|
13
|
+
The above copyright notice and this permission notice shall be
|
14
|
+
included in all copies or substantial portions of the Software.
|
15
|
+
|
16
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
17
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
18
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
19
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
20
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
21
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
22
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/MIT-LICENSE
ADDED
@@ -0,0 +1,20 @@
|
|
1
|
+
Copyright (c) 2012 John Kamenik - john@waterfallfms.com
|
2
|
+
|
3
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
4
|
+
a copy of this software and associated documentation files (the
|
5
|
+
"Software"), to deal in the Software without restriction, including
|
6
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
7
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
8
|
+
permit persons to whom the Software is furnished to do so, subject to
|
9
|
+
the following conditions:
|
10
|
+
|
11
|
+
The above copyright notice and this permission notice shall be
|
12
|
+
included in all copies or substantial portions of the Software.
|
13
|
+
|
14
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
15
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
16
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
17
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
18
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
19
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
20
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/README.md
ADDED
@@ -0,0 +1,177 @@
|
|
1
|
+
# EncryptedEnv
|
2
|
+
|
3
|
+
Allows you to read from and write to the ENV in an encrypted way. This is useful if you are running an app on a server
|
4
|
+
that do you not have complete control over (Heroku). You can place an encryption key in your code, or in the database.
|
5
|
+
You can then place your various API tokens in the ENV encrypted.
|
6
|
+
|
7
|
+
If you also use attr_encypted to encrypt database columns and store the ENV decryption key in an encrypted column then
|
8
|
+
a hacker would have to get your code, your database, and your running ENV to get your API keys. Not 100% fool proof
|
9
|
+
but a lot more secure.
|
10
|
+
|
11
|
+
[![Build Status](https://secure.travis-ci.org/WaterfallFMS/encrypted_env.png)](http://travis-ci.org/WaterfallFMS/encrypted_env)
|
12
|
+
|
13
|
+
## Installation
|
14
|
+
|
15
|
+
Add this line to your application's Gemfile:
|
16
|
+
|
17
|
+
gem 'encrypted_env', :git => 'git@github.com:WaterfallFMS/encrypted_env.git'
|
18
|
+
|
19
|
+
And then execute:
|
20
|
+
|
21
|
+
$ bundle install
|
22
|
+
|
23
|
+
## Usage
|
24
|
+
|
25
|
+
### Decypting ENV variables (programatically)
|
26
|
+
|
27
|
+
If the gem is in your Gemfile then you can just start using it. Otherwise `require 'encrypted_env'` should be in your
|
28
|
+
boot script. Also in the boot script, set the default encryption key
|
29
|
+
`EncryptedEnv.default_options = {:key => 'default key'}`. If you have a different `:algorithm` you can set that too.
|
30
|
+
|
31
|
+
Anywhere you use `ENV['KEY']` change it to `ENV.decrypt('KEY')`.
|
32
|
+
|
33
|
+
If you decrypt variables using different keys and algorithms you can pass those in as options to `decrypt`: `Env.decrypt('KEY',:key => 'other encryption key')
|
34
|
+
|
35
|
+
Example:
|
36
|
+
|
37
|
+
```ruby
|
38
|
+
# rails config/initializers/asset_sync.rb
|
39
|
+
require 'encrypted_env'
|
40
|
+
|
41
|
+
EncryptedEnv.default_options = {:key => 'super secret', :algorithm => 'aes-256-ecb'}
|
42
|
+
|
43
|
+
AssetSync.configure do |config|
|
44
|
+
config.fog_provider = 'AWS'
|
45
|
+
config.aws_access_key_id = ENV.decrypt('AWS_ACCESS_KEY')
|
46
|
+
config.aws_secret_access_key = ENV.decrypt('AWS_SECRET_ACCESS_KEY')
|
47
|
+
config.fog_directory = ENV.decrypt('AWS_DIRECTORY')
|
48
|
+
end
|
49
|
+
```
|
50
|
+
|
51
|
+
|
52
|
+
### Decrypting ENV Variables (from shell)
|
53
|
+
|
54
|
+
`encrypt_env` actually has a decrypt option as well. It will only read values in the ENV.
|
55
|
+
|
56
|
+
```bash
|
57
|
+
$ encrypted_env decrypt key -k ENCRYPTION_KEY
|
58
|
+
key: value
|
59
|
+
```
|
60
|
+
|
61
|
+
Full flow might be something like this.
|
62
|
+
|
63
|
+
```bash
|
64
|
+
$ encrypted_env bash KEY=test OTHER=good -k FOOBAR > output.txt ; source output.txt
|
65
|
+
$ encrypted_env decrypt KEY OTHER -k foobar
|
66
|
+
# Encryption is case sensitive, hence no output
|
67
|
+
$ encrypted_env decrypt KEY OTHER -k FOOBAR
|
68
|
+
KEY: test
|
69
|
+
OTHER: good
|
70
|
+
```
|
71
|
+
|
72
|
+
### Encrypting ENV Variables
|
73
|
+
|
74
|
+
Ruby provides no way to write environment variables, without some serious hacks. However, it is pretty often that
|
75
|
+
ENV is used to pass information into a ruby program at start (RAILS_ENV for example). Often times this will include
|
76
|
+
API keys so that they do not have been stored in sources or HD.
|
77
|
+
|
78
|
+
`encrypt_env` provides output that can be used to print assignment commands that can be used to set up an env with the
|
79
|
+
data already encyrpted.
|
80
|
+
|
81
|
+
#### Bash
|
82
|
+
|
83
|
+
Bash is the default output.
|
84
|
+
|
85
|
+
Print something that bash will understand.
|
86
|
+
|
87
|
+
```bash
|
88
|
+
$ ecrypted_env bash var=value var1="value1" etc...
|
89
|
+
```
|
90
|
+
|
91
|
+
Why not just execute set the ENV from it.
|
92
|
+
|
93
|
+
```bash
|
94
|
+
$ encrypt_env bash var=value > output.txt ; source output.txt
|
95
|
+
```
|
96
|
+
|
97
|
+
#### Heroku
|
98
|
+
|
99
|
+
Print something that heorku will understand.
|
100
|
+
|
101
|
+
```bash
|
102
|
+
$ ecrypted_env heroku var=value var1="value1" etc...
|
103
|
+
```
|
104
|
+
|
105
|
+
If you already have heroku installed, why not just execute it directly.
|
106
|
+
|
107
|
+
```bash
|
108
|
+
$ `encrypt_env heroku var=value`
|
109
|
+
```
|
110
|
+
|
111
|
+
If you have more then one heroku app for the repo you can specify it with `-r`.
|
112
|
+
|
113
|
+
```bash
|
114
|
+
$ `encrypt_env heroku -r staging var=value`
|
115
|
+
```
|
116
|
+
|
117
|
+
### Custom Algorithms
|
118
|
+
|
119
|
+
Run `openssl list-cipher-commands` to view a list of algorithms supported on your platform. See http://github.com/shuber/encryptor for more information.
|
120
|
+
|
121
|
+
```
|
122
|
+
aes-128-cbc
|
123
|
+
aes-128-ecb
|
124
|
+
aes-192-cbc
|
125
|
+
aes-192-ecb
|
126
|
+
aes-256-cbc
|
127
|
+
aes-256-ecb
|
128
|
+
base64
|
129
|
+
bf
|
130
|
+
bf-cbc
|
131
|
+
bf-cfb
|
132
|
+
bf-ecb
|
133
|
+
bf-ofb
|
134
|
+
cast
|
135
|
+
cast-cbc
|
136
|
+
cast5-cbc
|
137
|
+
cast5-cfb
|
138
|
+
cast5-ecb
|
139
|
+
cast5-ofb
|
140
|
+
des
|
141
|
+
des-cbc
|
142
|
+
des-cfb
|
143
|
+
des-ecb
|
144
|
+
des-ede
|
145
|
+
des-ede-cbc
|
146
|
+
des-ede-cfb
|
147
|
+
des-ede-ofb
|
148
|
+
des-ede3
|
149
|
+
des-ede3-cbc
|
150
|
+
des-ede3-cfb
|
151
|
+
des-ede3-ofb
|
152
|
+
des-ofb
|
153
|
+
des3
|
154
|
+
desx
|
155
|
+
idea
|
156
|
+
idea-cbc
|
157
|
+
idea-cfb
|
158
|
+
idea-ecb
|
159
|
+
idea-ofb
|
160
|
+
rc2
|
161
|
+
rc2-40-cbc
|
162
|
+
rc2-64-cbc
|
163
|
+
rc2-cbc
|
164
|
+
rc2-cfb
|
165
|
+
rc2-ecb
|
166
|
+
rc2-ofb
|
167
|
+
rc4
|
168
|
+
rc4-40
|
169
|
+
```
|
170
|
+
|
171
|
+
## Contributing
|
172
|
+
|
173
|
+
1. Fork it
|
174
|
+
2. Create your feature branch (`git checkout -b my-new-feature`)
|
175
|
+
3. Commit your changes (`git commit -am 'Added some feature'`)
|
176
|
+
4. Push to the branch (`git push origin my-new-feature`)
|
177
|
+
5. Create new Pull Request
|
data/Rakefile
ADDED
data/bin/encryptenv
ADDED
@@ -0,0 +1,21 @@
|
|
1
|
+
# -*- encoding: utf-8 -*-
|
2
|
+
require File.expand_path('../lib/encrypted_env/version', __FILE__)
|
3
|
+
|
4
|
+
Gem::Specification.new do |gem|
|
5
|
+
gem.authors = ["John Kamenik"]
|
6
|
+
gem.email = ["john@waterfallfms.com"]
|
7
|
+
gem.description = %q{Allows for reading and writing to the ENV in an encrypted way}
|
8
|
+
gem.summary = %q{Allows for reading and writing to the ENV in an encrypted way}
|
9
|
+
gem.homepage = "https://github.com/WaterfallFMS/encrypted_env"
|
10
|
+
|
11
|
+
gem.files = `git ls-files`.split($\)
|
12
|
+
gem.executables = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
|
13
|
+
gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
|
14
|
+
gem.name = "encrypted_env"
|
15
|
+
gem.require_paths = ["lib"]
|
16
|
+
gem.version = EncryptedEnv::VERSION
|
17
|
+
|
18
|
+
gem.add_dependency "encryptor"
|
19
|
+
gem.add_dependency 'thor'
|
20
|
+
gem.add_development_dependency "rspec", "~> 2.0"
|
21
|
+
end
|
@@ -0,0 +1,51 @@
|
|
1
|
+
require "encrypted_env/version"
|
2
|
+
require 'encrypted_env/env'
|
3
|
+
require 'encryptor'
|
4
|
+
require 'base64'
|
5
|
+
require 'encrypted_env/base64'
|
6
|
+
|
7
|
+
ENV.send(:extend, EncryptedEnv::ENV)
|
8
|
+
|
9
|
+
module EncryptedEnv
|
10
|
+
# The default options used when called encrypt and decrypt
|
11
|
+
#
|
12
|
+
# Defaults to Encryptor.default_options, or { :algorithm => 'aes-256-cbc' }
|
13
|
+
def self.default_options
|
14
|
+
@default_options || ::Encryptor.default_options
|
15
|
+
end
|
16
|
+
|
17
|
+
# Sets some default options that are globally used
|
18
|
+
#
|
19
|
+
# Valid keys are
|
20
|
+
# :key -> The encryption key
|
21
|
+
# :algorithm -> run 'openssl list-cipher-commands' to see what can be used
|
22
|
+
def self.default_options=(options={})
|
23
|
+
@default_options = default_options.merge(options)
|
24
|
+
end
|
25
|
+
|
26
|
+
|
27
|
+
# Encrypts a value and base64 encodes it into the ENV
|
28
|
+
def self.encrypt(value,options={})
|
29
|
+
encrypted_value = Encryptor.encrypt(self.default_options.merge(options).merge(:value => value.to_s))
|
30
|
+
|
31
|
+
Base64.strict_encode64 encrypted_value.to_s
|
32
|
+
end
|
33
|
+
|
34
|
+
# Decrypt a value already stored in the ENV. The value is assumed be Base64 encoded
|
35
|
+
def self.decrypt(key,options={})
|
36
|
+
decoded_value = Base64.decode64 env[key]
|
37
|
+
|
38
|
+
Encryptor.decrypt(self.default_options.merge(options).merge(:value => decoded_value))
|
39
|
+
end
|
40
|
+
|
41
|
+
# Returns a hash like structure that should be the ENV. It defaults to ::ENV
|
42
|
+
def self.env
|
43
|
+
@env || ::ENV
|
44
|
+
end
|
45
|
+
|
46
|
+
# Allows the setting of the environment to something other then ::ENV. Good for testing or if you are serializing
|
47
|
+
# to something. The items passed should behave like a Hash
|
48
|
+
def self.env=(env)
|
49
|
+
@env = env
|
50
|
+
end
|
51
|
+
end
|
@@ -0,0 +1,43 @@
|
|
1
|
+
require 'thor'
|
2
|
+
require 'encrypted_env'
|
3
|
+
|
4
|
+
module EncryptedEnv
|
5
|
+
class Cli < Thor
|
6
|
+
desc "bash key=value key1=value1 ...", "prints output that bash can understand"
|
7
|
+
method_option :key, :aliases => '-k', :type => :string, :required => true
|
8
|
+
def bash(*args)
|
9
|
+
encrypt(*args) do |key,value|
|
10
|
+
puts %Q(export "#{key}"="#{value}")
|
11
|
+
end
|
12
|
+
end
|
13
|
+
|
14
|
+
desc "heroku key=value key1=value1 ...", 'prints output that heroku can understand'
|
15
|
+
method_option :remote, :aliases => '-r', :type => :string
|
16
|
+
method_option :key, :aliases => '-k', :type => :string, :required => true
|
17
|
+
def heroku(*args)
|
18
|
+
heroku_opt = "-r #{options[:remote]}" if options[:remote]
|
19
|
+
encrypt(*args) do |key,value|
|
20
|
+
puts %Q(heroku config:add #{heroku_opt} "#{key}=#{value}")
|
21
|
+
end
|
22
|
+
end
|
23
|
+
|
24
|
+
no_tasks do
|
25
|
+
def encrypt(*args, &block)
|
26
|
+
EncryptedEnv.default_options = {:key => options[:key]}
|
27
|
+
args.each do |arg|
|
28
|
+
key,value = arg.split('=')
|
29
|
+
yield key, EncryptedEnv.encrypt(value)
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
33
|
+
|
34
|
+
desc 'decrypt key ...', 'Decrypts a key in the ENV'
|
35
|
+
method_option :key, :aliases => '-k', :type => :string, :required => true
|
36
|
+
def decrypt(*args)
|
37
|
+
EncryptedEnv.default_options = {:key => options[:key]}
|
38
|
+
args.each do |key|
|
39
|
+
puts "#{key}: #{::ENV.decrypt key}" rescue nil
|
40
|
+
end
|
41
|
+
end
|
42
|
+
end
|
43
|
+
end
|
@@ -0,0 +1,85 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe EncryptedEnv do
|
4
|
+
before do
|
5
|
+
EncryptedEnv.class_eval "@default_options = nil"
|
6
|
+
end
|
7
|
+
|
8
|
+
context "#default_options" do
|
9
|
+
it 'should be Encryptor default value' do
|
10
|
+
EncryptedEnv.default_options.should == ::Encryptor.default_options
|
11
|
+
end
|
12
|
+
|
13
|
+
it 'should return overridden values' do
|
14
|
+
# maybe it isn't good to depend on this function, but it should work
|
15
|
+
EncryptedEnv.default_options = {:foo => :bar}
|
16
|
+
Encryptor.should_not_receive(:default_options)
|
17
|
+
|
18
|
+
EncryptedEnv.default_options[:foo].should == :bar
|
19
|
+
end
|
20
|
+
end
|
21
|
+
|
22
|
+
context "#default_options=" do
|
23
|
+
it 'should store any key passed' do
|
24
|
+
EncryptedEnv.default_options = {:key => :value}
|
25
|
+
|
26
|
+
EncryptedEnv.default_options.should include(:key)
|
27
|
+
end
|
28
|
+
|
29
|
+
it 'should allow rewriting of any previously written key' do
|
30
|
+
EncryptedEnv.default_options = {:algorithm => :bf}
|
31
|
+
|
32
|
+
EncryptedEnv.default_options[:algorithm].should == :bf
|
33
|
+
end
|
34
|
+
end
|
35
|
+
|
36
|
+
context "#encrypt" do
|
37
|
+
it 'should return the encrypted value' do
|
38
|
+
# we can't actually write to the env directly, but we can print a value that can be used directly
|
39
|
+
EncryptedEnv.encrypt('this is a test', :key => 'test').should_not be_nil
|
40
|
+
end
|
41
|
+
|
42
|
+
it 'should pass all optional args merged with defaults to the Encryptor' do
|
43
|
+
Encryptor.should_receive(:encrypt).with(Encryptor.default_options.merge(:foo => :bar, :baz => :aaa, :value => 'value', :key => 'test'))
|
44
|
+
EncryptedEnv.default_options = {:foo => :bar}
|
45
|
+
|
46
|
+
EncryptedEnv.encrypt(:value, :baz => :aaa, :key => 'test')
|
47
|
+
end
|
48
|
+
|
49
|
+
it 'should base64 encode the value before dumping in the ENV' do
|
50
|
+
value = Encryptor.encrypt(:value => 'this is a test', :key => 'test')
|
51
|
+
Base64.should_receive(:strict_encode64).with(value)
|
52
|
+
|
53
|
+
EncryptedEnv.encrypt('this is a test', :key => 'test')
|
54
|
+
end
|
55
|
+
end
|
56
|
+
|
57
|
+
context "#decrypt" do
|
58
|
+
before do
|
59
|
+
EncryptedEnv.default_options = {:key => 'hello world'}
|
60
|
+
@value = EncryptedEnv.encrypt('testing')
|
61
|
+
EncryptedEnv.env = {'TEST_VALUE' => @value}
|
62
|
+
end
|
63
|
+
|
64
|
+
|
65
|
+
it 'should pass all optional args merged with defaults to the Encryptor' do
|
66
|
+
Encryptor.should_receive(:decrypt).with(
|
67
|
+
Encryptor.default_options.merge(:foo => :bar, :baz => :aaa,:key => 'hello world',:value => Base64.decode64(@value))
|
68
|
+
)
|
69
|
+
EncryptedEnv.default_options = {:foo => :bar}
|
70
|
+
|
71
|
+
EncryptedEnv.decrypt('TEST_VALUE', :baz => :aaa)
|
72
|
+
end
|
73
|
+
|
74
|
+
it 'should base64 decode the ENV before processing' do
|
75
|
+
decoded = Base64.decode64 EncryptedEnv.env['TEST_VALUE']
|
76
|
+
Base64.should_receive(:decode64).with(@value).and_return decoded
|
77
|
+
|
78
|
+
EncryptedEnv.decrypt('TEST_VALUE')
|
79
|
+
end
|
80
|
+
|
81
|
+
it 'should return the decrypted value of the key' do
|
82
|
+
EncryptedEnv.decrypt('TEST_VALUE').should == 'testing'
|
83
|
+
end
|
84
|
+
end
|
85
|
+
end
|
data/spec/env_spec.rb
ADDED
@@ -0,0 +1,19 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe ENV do
|
4
|
+
context "#encypt" do
|
5
|
+
it 'should be a pass through to EncryptedEnv.encrypt method' do
|
6
|
+
EncryptedEnv.should_receive(:encrypt).with(:foo, :bar, :key => :baz)
|
7
|
+
|
8
|
+
ENV.encrypt(:foo, :bar, :key => :baz)
|
9
|
+
end
|
10
|
+
end
|
11
|
+
|
12
|
+
context "#decrypt" do
|
13
|
+
it 'should be a pass through to EncryptedEnv.decrypt method' do
|
14
|
+
EncryptedEnv.should_receive(:decrypt).with(:foo, :key => :baz)
|
15
|
+
|
16
|
+
ENV.decrypt(:foo, :key => :baz)
|
17
|
+
end
|
18
|
+
end
|
19
|
+
end
|
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1,16 @@
|
|
1
|
+
require 'rubygems'
|
2
|
+
require 'bundler/setup'
|
3
|
+
|
4
|
+
require 'encrypted_env'
|
5
|
+
|
6
|
+
RSpec.configure do |config|
|
7
|
+
config.treat_symbols_as_metadata_keys_with_true_values = true
|
8
|
+
config.run_all_when_everything_filtered = true
|
9
|
+
config.filter_run :focus
|
10
|
+
|
11
|
+
# Run specs in random order to surface order dependencies. If you find an
|
12
|
+
# order dependency and want to debug it, you can fix the order by providing
|
13
|
+
# the seed, which is printed after each run.
|
14
|
+
# --seed 1234
|
15
|
+
config.order = 'random'
|
16
|
+
end
|
metadata
ADDED
@@ -0,0 +1,129 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: encrypted_env
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
hash: 29
|
5
|
+
prerelease:
|
6
|
+
segments:
|
7
|
+
- 0
|
8
|
+
- 0
|
9
|
+
- 1
|
10
|
+
version: 0.0.1
|
11
|
+
platform: ruby
|
12
|
+
authors:
|
13
|
+
- John Kamenik
|
14
|
+
autorequire:
|
15
|
+
bindir: bin
|
16
|
+
cert_chain: []
|
17
|
+
|
18
|
+
date: 2012-08-14 00:00:00 Z
|
19
|
+
dependencies:
|
20
|
+
- !ruby/object:Gem::Dependency
|
21
|
+
name: encryptor
|
22
|
+
prerelease: false
|
23
|
+
requirement: &id001 !ruby/object:Gem::Requirement
|
24
|
+
none: false
|
25
|
+
requirements:
|
26
|
+
- - ">="
|
27
|
+
- !ruby/object:Gem::Version
|
28
|
+
hash: 3
|
29
|
+
segments:
|
30
|
+
- 0
|
31
|
+
version: "0"
|
32
|
+
type: :runtime
|
33
|
+
version_requirements: *id001
|
34
|
+
- !ruby/object:Gem::Dependency
|
35
|
+
name: thor
|
36
|
+
prerelease: false
|
37
|
+
requirement: &id002 !ruby/object:Gem::Requirement
|
38
|
+
none: false
|
39
|
+
requirements:
|
40
|
+
- - ">="
|
41
|
+
- !ruby/object:Gem::Version
|
42
|
+
hash: 3
|
43
|
+
segments:
|
44
|
+
- 0
|
45
|
+
version: "0"
|
46
|
+
type: :runtime
|
47
|
+
version_requirements: *id002
|
48
|
+
- !ruby/object:Gem::Dependency
|
49
|
+
name: rspec
|
50
|
+
prerelease: false
|
51
|
+
requirement: &id003 !ruby/object:Gem::Requirement
|
52
|
+
none: false
|
53
|
+
requirements:
|
54
|
+
- - ~>
|
55
|
+
- !ruby/object:Gem::Version
|
56
|
+
hash: 3
|
57
|
+
segments:
|
58
|
+
- 2
|
59
|
+
- 0
|
60
|
+
version: "2.0"
|
61
|
+
type: :development
|
62
|
+
version_requirements: *id003
|
63
|
+
description: Allows for reading and writing to the ENV in an encrypted way
|
64
|
+
email:
|
65
|
+
- john@waterfallfms.com
|
66
|
+
executables:
|
67
|
+
- encryptenv
|
68
|
+
extensions: []
|
69
|
+
|
70
|
+
extra_rdoc_files: []
|
71
|
+
|
72
|
+
files:
|
73
|
+
- .gitignore
|
74
|
+
- .rspec
|
75
|
+
- .rvmrc
|
76
|
+
- .travis.yml
|
77
|
+
- Gemfile
|
78
|
+
- Gemfile.lock
|
79
|
+
- LICENSE
|
80
|
+
- MIT-LICENSE
|
81
|
+
- README.md
|
82
|
+
- Rakefile
|
83
|
+
- bin/encryptenv
|
84
|
+
- encrypted_env.gemspec
|
85
|
+
- lib/encrypted_env.rb
|
86
|
+
- lib/encrypted_env/base64.rb
|
87
|
+
- lib/encrypted_env/cli.rb
|
88
|
+
- lib/encrypted_env/env.rb
|
89
|
+
- lib/encrypted_env/version.rb
|
90
|
+
- spec/encrypted_env_spec.rb
|
91
|
+
- spec/env_spec.rb
|
92
|
+
- spec/spec_helper.rb
|
93
|
+
homepage: https://github.com/WaterfallFMS/encrypted_env
|
94
|
+
licenses: []
|
95
|
+
|
96
|
+
post_install_message:
|
97
|
+
rdoc_options: []
|
98
|
+
|
99
|
+
require_paths:
|
100
|
+
- lib
|
101
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
102
|
+
none: false
|
103
|
+
requirements:
|
104
|
+
- - ">="
|
105
|
+
- !ruby/object:Gem::Version
|
106
|
+
hash: 3
|
107
|
+
segments:
|
108
|
+
- 0
|
109
|
+
version: "0"
|
110
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
111
|
+
none: false
|
112
|
+
requirements:
|
113
|
+
- - ">="
|
114
|
+
- !ruby/object:Gem::Version
|
115
|
+
hash: 3
|
116
|
+
segments:
|
117
|
+
- 0
|
118
|
+
version: "0"
|
119
|
+
requirements: []
|
120
|
+
|
121
|
+
rubyforge_project:
|
122
|
+
rubygems_version: 1.8.24
|
123
|
+
signing_key:
|
124
|
+
specification_version: 3
|
125
|
+
summary: Allows for reading and writing to the ENV in an encrypted way
|
126
|
+
test_files:
|
127
|
+
- spec/encrypted_env_spec.rb
|
128
|
+
- spec/env_spec.rb
|
129
|
+
- spec/spec_helper.rb
|