RubyGems - eyaml - Versions diffs - 0.4.3 → 0.4.4 - Mend

eyaml 0.4.3 → 0.4.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 00bde71da67e58726c900ee6a7136634ae077bec36610404aeb2ed79f6879408
-  data.tar.gz: 43c9ccc56469095c1c3f3e9fec7ef3d0f81506e0779729cac3f868131f96d72d
+  metadata.gz: e41f45dc204d0eca7c3f2dfa63a08c048937448fc1f9bda4adc1e208a6ccc08c
+  data.tar.gz: 46af6f44adf19aa9a5f79c049f0c95478337db8a644717a610b0330af167b1bf
 SHA512:
-  metadata.gz: bc297dd8373669826b9573d81657656a29dfcd57bfad2d549c7c3b6e8e79087b8c5035083bdb99f53ef5579fb0b384b60f8c6c72f6ccdfce9a103beab36a2e9a
-  data.tar.gz: 277e8b83fafa73c21e3136684d648fc0b6ebff29c7656e25d26594490da18635af4ae84bf6db06895c8372180816f056f746303a27642463886a599ed5165eda
+  metadata.gz: '082086ac47e16c02435e404cbfc9454ff761811c39f02618cdbe6cbf4afc67cc0c523919549fe467903dfb4c504b83a444d1f445af6a42e82110698d415ef61e'
+  data.tar.gz: 253fb1d949046d0cc7a79b2f33a8e9e5fa02fe13b7d82cc15a887f0452a262401f314a533f34dd642bbbb85bec8dccd6f417f0d4f834d3e90f21ef7cf2dd80aa

data/README.md CHANGED Viewed

@@ -114,6 +114,9 @@ Instead of needing a private key locally, you can provide it to EYAML by setting
 If you put your rails master key encrypted in the eyaml file, make sure you don't have another `master.key` file somewhere, since that can interfere.
+When setting the SECRET_KEY_BASE_DUMMY environment variable, the secrets/credentials loading will be skipped.
+This can be handy to for example do an asset precompilation step in production where you don't need any secrets/credentials.
 ### Example setup
 To add encryption + credentials to a rails project do the following things:

data/lib/eyaml/railtie.rb CHANGED Viewed

@@ -12,34 +12,37 @@ module EYAML
       end
       config.before_configuration do
-        if File.exist?(Rails.root.join("config", "master.key"))
-          raise ConflictError, "A config/master.key has been found. The rails credentials lookup conflicts with eyaml. Please remove rails credentials management by removing the master.key file to keep using eyaml."
-        end
-        secret_files_present = Dir.glob(auth_files(:secrets)).any?
-        credential_files_present = Dir.glob(auth_files(:credentials)).any?
+        unless ENV.fetch("SECRET_KEY_BASE_DUMMY", false)
+          # Allow rails to run without loading the credentials
+          if File.exist?(Rails.root.join("config", "master.key"))
+            raise ConflictError, "A config/master.key has been found. The rails credentials lookup conflicts with eyaml. Please remove rails credentials management by removing the master.key file to keep using eyaml."
+          end
+          secret_files_present = Dir.glob(auth_files(:secrets)).any?
+          credential_files_present = Dir.glob(auth_files(:credentials)).any?
-        secrets_or_credentials = if Rails.version >= "7.2"
-          :credentials
-        else
-          if credential_files_present
+          secrets_or_credentials = if Rails.version >= "7.2"
             :credentials
-          elsif secret_files_present
-            :secrets
+          else
+            if credential_files_present
+              :credentials
+            elsif secret_files_present
+              :secrets
+            end
           end
-        end
-        auth_files(secrets_or_credentials).each do |file|
-          next unless valid?(file)
+          auth_files(secrets_or_credentials).each do |file|
+            next unless valid?(file)
-          # If private_key is nil (i.e. when $EJSON_PRIVATE_KEY is not set), EYAML will search
-          # for a public/private key in the key directory (either $EJSON_KEYDIR, if set, or /opt/ejson/keys)
-          cipherdata = YAML.load_file(file)
-          secrets = EYAML.decrypt(cipherdata, private_key: ENV[PRIVATE_KEY_ENV_VAR])
-            .except("_public_key")
-          secrets = EYAML::Util.with_deep_deundescored_keys(secrets)
-            .deep_symbolize_keys
+            # If private_key is nil (i.e. when $EJSON_PRIVATE_KEY is not set), EYAML will search
+            # for a public/private key in the key directory (either $EJSON_KEYDIR, if set, or /opt/ejson/keys)
+            cipherdata = YAML.load_file(file)
+            secrets = EYAML.decrypt(cipherdata, private_key: ENV[PRIVATE_KEY_ENV_VAR])
+              .except("_public_key")
+            secrets = EYAML::Util.with_deep_deundescored_keys(secrets)
+              .deep_symbolize_keys
-          break Rails.application.send(secrets_or_credentials).deep_merge!(secrets)
+            break Rails.application.send(secrets_or_credentials).deep_merge!(secrets)
+          end
         end
       end

data/lib/eyaml/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module EYAML
-  VERSION = "0.4.3"
+  VERSION = "0.4.4"
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: eyaml
 version: !ruby/object:Gem::Version
-  version: 0.4.3
+  version: 0.4.4
 platform: ruby
 authors:
 - Emil Stolarsky
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-07-17 00:00:00.000000000 Z
+date: 2024-08-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: thor