fastlane-plugin-secret_keeper 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/LICENSE +21 -0
- data/README.md +108 -0
- data/lib/fastlane/plugin/secret_keeper.rb +16 -0
- data/lib/fastlane/plugin/secret_keeper/actions/add_item_to_keychain_action.rb +59 -0
- data/lib/fastlane/plugin/secret_keeper/actions/read_item_from_keychain_action.rb +46 -0
- data/lib/fastlane/plugin/secret_keeper/actions/remove_item_from_keychain_action.rb +41 -0
- data/lib/fastlane/plugin/secret_keeper/helper/secret_keeper_helper.rb +12 -0
- data/lib/fastlane/plugin/secret_keeper/version.rb +5 -0
- metadata +149 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: a063ea2c1222ba379c38c0a602f8c981f5f81fb5
|
4
|
+
data.tar.gz: 0aa4e7d4640cbab0bc853d9d9dcca38796ba7c26
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 523991a02c0eed7c4d64a36bb100b3a6f9d40c1c66178c0e9c7672710ea2df9b8297bade571e7d947f7decac1eaddbc1d29eef3f8106690797173ec30895154c
|
7
|
+
data.tar.gz: 472ecdc17e679b3dcdda87e7b1e6da5b084bc032961de6870b538d07875eebd5cde215209d95da6d643b1d31562d1567972a6297a1e10122ab7bd910369a9aa2
|
data/LICENSE
ADDED
@@ -0,0 +1,21 @@
|
|
1
|
+
The MIT License (MIT)
|
2
|
+
|
3
|
+
Copyright (c) 2019 Daniel Jankowski <daniell.jankowskii@gmail.com>
|
4
|
+
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining a copy
|
6
|
+
of this software and associated documentation files (the "Software"), to deal
|
7
|
+
in the Software without restriction, including without limitation the rights
|
8
|
+
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
9
|
+
copies of the Software, and to permit persons to whom the Software is
|
10
|
+
furnished to do so, subject to the following conditions:
|
11
|
+
|
12
|
+
The above copyright notice and this permission notice shall be included in all
|
13
|
+
copies or substantial portions of the Software.
|
14
|
+
|
15
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
16
|
+
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
17
|
+
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
18
|
+
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
19
|
+
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
20
|
+
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
21
|
+
SOFTWARE.
|
data/README.md
ADDED
@@ -0,0 +1,108 @@
|
|
1
|
+
# secret_keeper plugin
|
2
|
+
|
3
|
+
[![fastlane Plugin Badge](https://rawcdn.githack.com/fastlane/fastlane/master/fastlane/assets/plugin-badge.svg)](https://rubygems.org/gems/fastlane-plugin-secret_keeper)
|
4
|
+
|
5
|
+
## Getting Started
|
6
|
+
|
7
|
+
This project is a [_fastlane_](https://github.com/fastlane/fastlane) plugin. To get started with `fastlane-plugin-secret_keeper`, add it to your project by running:
|
8
|
+
|
9
|
+
```bash
|
10
|
+
fastlane add_plugin secret_keeper
|
11
|
+
```
|
12
|
+
|
13
|
+
## About secret_keeper
|
14
|
+
|
15
|
+
You should keep your secret keys, tokens and passwords secure and private. Never store keys in a code repository, in client-side code.
|
16
|
+
One of the recommend way of storing sensitive data is the [keychain](https://support.apple.com/guide/keychain-access/what-is-keychain-access-kyca1083/mac).
|
17
|
+
secret_keeper allows you to store, remove and read the items from the keychain on macOS system.
|
18
|
+
|
19
|
+
## Actions
|
20
|
+
|
21
|
+
### ➕ add_item_to_keychain
|
22
|
+
|
23
|
+
``` ruby
|
24
|
+
add_item_to_keychain # Adds the credentials to the keychain on behalf of the user
|
25
|
+
```
|
26
|
+
|
27
|
+
``` ruby
|
28
|
+
add_item_to_keychain(
|
29
|
+
item_name: "personal-access-token", # Item name to be stored in the keychain
|
30
|
+
account_name: "username", # An account name associated with the keychain item
|
31
|
+
password: ENV["PERSONAL_ACCESS_TOKEN"] # Password to be stored in the keychain
|
32
|
+
)
|
33
|
+
```
|
34
|
+
|
35
|
+
It returns password as a plain text.
|
36
|
+
|
37
|
+
⚠️ If an item you are trying to add already exists, the lane fails.
|
38
|
+
|
39
|
+
### ➖ remove_item_from_keychain
|
40
|
+
|
41
|
+
``` ruby
|
42
|
+
remove_item_from_keychain # Removes the credentials from the keychain on behalf of the user
|
43
|
+
```
|
44
|
+
|
45
|
+
``` ruby
|
46
|
+
remove_item_from_keychain(
|
47
|
+
item_name: "personal-access-token", # Item name to be removed from the keychain
|
48
|
+
)
|
49
|
+
```
|
50
|
+
|
51
|
+
⚠️ If an item you are trying to remove does not exist, the lane fails.
|
52
|
+
|
53
|
+
### 👓 read_item_from_keychain
|
54
|
+
|
55
|
+
``` ruby
|
56
|
+
read_item_from_keychain # Reads the password from the keychain for a given item
|
57
|
+
```
|
58
|
+
|
59
|
+
``` ruby
|
60
|
+
read_item_from_keychain(
|
61
|
+
item_name: "personal-access-token", # Item name for a given password stored in the keychain
|
62
|
+
)
|
63
|
+
```
|
64
|
+
|
65
|
+
It returns password as a plain text if the item has been found, nil otherwise.
|
66
|
+
|
67
|
+
## Example
|
68
|
+
|
69
|
+
One of the common usage of a secret_keeper plugin is storing and reading API tokens for a 3rd party services you need to communicate with.
|
70
|
+
|
71
|
+
```ruby
|
72
|
+
lane :request_3rd_party_API do
|
73
|
+
password = read_item_from_keychain(
|
74
|
+
item_name: PERSONAL_ACCESS_TOKEN
|
75
|
+
)
|
76
|
+
|
77
|
+
if password
|
78
|
+
# You can use your password here
|
79
|
+
else
|
80
|
+
# The password for a given item has not been found in the keychain. Request a user to provide the password.
|
81
|
+
UI.message 'Falstlane will talk to the 3rd party service on your behalf. In order to do so, it needs a personal access token. It will ask about it only once and store it in the keychain. Please provide your token 🙏🏻'
|
82
|
+
|
83
|
+
# Since `password` field is non-optional, Fastlane will ask to provide it via a user input.
|
84
|
+
password = add_item_to_keychain(
|
85
|
+
item_name: PERSONAL_ACCESS_TOKEN,
|
86
|
+
account_name: ENV["USER"]
|
87
|
+
)
|
88
|
+
|
89
|
+
# Now you can read a password successfully.
|
90
|
+
end
|
91
|
+
end
|
92
|
+
```
|
93
|
+
|
94
|
+
## Issues and Feedback
|
95
|
+
|
96
|
+
For any other issues and feedback about this plugin, please submit it to this repository.
|
97
|
+
|
98
|
+
## Troubleshooting
|
99
|
+
|
100
|
+
If you have trouble using plugins, check out the [Plugins Troubleshooting](https://docs.fastlane.tools/plugins/plugins-troubleshooting/) guide.
|
101
|
+
|
102
|
+
## Using _fastlane_ Plugins
|
103
|
+
|
104
|
+
For more information about how the `fastlane` plugin system works, check out the [Plugins documentation](https://docs.fastlane.tools/plugins/create-plugin/).
|
105
|
+
|
106
|
+
## About _fastlane_
|
107
|
+
|
108
|
+
_fastlane_ is the easiest way to automate beta deployments and releases for your iOS and Android apps. To learn more, check out [fastlane.tools](https://fastlane.tools).
|
@@ -0,0 +1,16 @@
|
|
1
|
+
require 'fastlane/plugin/secret_keeper/version'
|
2
|
+
|
3
|
+
module Fastlane
|
4
|
+
module SecretKeeper
|
5
|
+
# Return all .rb files inside the "actions" and "helper" directory
|
6
|
+
def self.all_classes
|
7
|
+
Dir[File.expand_path('**/{actions,helper}/*.rb', File.dirname(__FILE__))]
|
8
|
+
end
|
9
|
+
end
|
10
|
+
end
|
11
|
+
|
12
|
+
# By default we want to import all available actions and helpers
|
13
|
+
# A plugin can contain any number of actions and plugins
|
14
|
+
Fastlane::SecretKeeper.all_classes.each do |current|
|
15
|
+
require current
|
16
|
+
end
|
@@ -0,0 +1,59 @@
|
|
1
|
+
require 'security'
|
2
|
+
|
3
|
+
module Fastlane
|
4
|
+
module Actions
|
5
|
+
class AddItemToKeychainAction < Action
|
6
|
+
def self.run(params)
|
7
|
+
item_name = params[:item_name]
|
8
|
+
account_name = params[:account_name]
|
9
|
+
password = params[:password]
|
10
|
+
|
11
|
+
success = Security::InternetPassword.add(item_name, account_name, password)
|
12
|
+
if success
|
13
|
+
UI.success("Sucessfully added new item to the keychain 🎉")
|
14
|
+
return password
|
15
|
+
else
|
16
|
+
UI.error("Could not store password in keychain ❌")
|
17
|
+
UI.user_error!("Could not store password in the keychain. This can happen if the item you are trying to store already exists in the keychain.")
|
18
|
+
end
|
19
|
+
end
|
20
|
+
|
21
|
+
def self.description
|
22
|
+
"Adds the credentials to the keychain on behalf of the user"
|
23
|
+
end
|
24
|
+
|
25
|
+
def self.return_value
|
26
|
+
"Returns password as a plain text"
|
27
|
+
end
|
28
|
+
|
29
|
+
def self.authors
|
30
|
+
["Daniel Jankowski"]
|
31
|
+
end
|
32
|
+
|
33
|
+
def self.available_options
|
34
|
+
[
|
35
|
+
FastlaneCore::ConfigItem.new(key: :item_name,
|
36
|
+
env_name: "SECRET_KEEPER_ITEM_NAME",
|
37
|
+
description: "Item name to be stored in the keychain",
|
38
|
+
optional: false,
|
39
|
+
type: String),
|
40
|
+
FastlaneCore::ConfigItem.new(key: :account_name,
|
41
|
+
env_name: "SECRET_KEEPER_ACCOUNT_NAME",
|
42
|
+
description: "An account name associated with the keychain item",
|
43
|
+
optional: false,
|
44
|
+
type: String),
|
45
|
+
FastlaneCore::ConfigItem.new(key: :password,
|
46
|
+
env_name: "SECRET_KEEPER_PASSWORD",
|
47
|
+
description: "Password to be stored in the keychain",
|
48
|
+
optional: false,
|
49
|
+
sensitive: true,
|
50
|
+
type: String)
|
51
|
+
]
|
52
|
+
end
|
53
|
+
|
54
|
+
def self.is_supported?(platform)
|
55
|
+
true
|
56
|
+
end
|
57
|
+
end
|
58
|
+
end
|
59
|
+
end
|
@@ -0,0 +1,46 @@
|
|
1
|
+
require 'security'
|
2
|
+
|
3
|
+
module Fastlane
|
4
|
+
module Actions
|
5
|
+
class ReadItemFromKeychainAction < Action
|
6
|
+
def self.run(params)
|
7
|
+
item_name = params[:item_name]
|
8
|
+
|
9
|
+
item = Security::InternetPassword.find(server: item_name)
|
10
|
+
if item
|
11
|
+
UI.success("Sucessfully read an item from the keychain 🎉")
|
12
|
+
return item.password
|
13
|
+
else
|
14
|
+
UI.error("Could not read an item from the keychain. Please make sure '#{item_name}' item exists in the keychain ❌")
|
15
|
+
return nil
|
16
|
+
end
|
17
|
+
end
|
18
|
+
|
19
|
+
def self.description
|
20
|
+
"Reads the password from the keychain for a given item"
|
21
|
+
end
|
22
|
+
|
23
|
+
def self.authors
|
24
|
+
["Daniel Jankowski"]
|
25
|
+
end
|
26
|
+
|
27
|
+
def self.return_value
|
28
|
+
"Returns password as a plain text"
|
29
|
+
end
|
30
|
+
|
31
|
+
def self.available_options
|
32
|
+
[
|
33
|
+
FastlaneCore::ConfigItem.new(key: :item_name,
|
34
|
+
env_name: "SECRET_KEEPER_ITEM_NAME",
|
35
|
+
description: "Item name for a given password stored in the keychain",
|
36
|
+
optional: false,
|
37
|
+
type: String)
|
38
|
+
]
|
39
|
+
end
|
40
|
+
|
41
|
+
def self.is_supported?(platform)
|
42
|
+
true
|
43
|
+
end
|
44
|
+
end
|
45
|
+
end
|
46
|
+
end
|
@@ -0,0 +1,41 @@
|
|
1
|
+
require 'security'
|
2
|
+
|
3
|
+
module Fastlane
|
4
|
+
module Actions
|
5
|
+
class RemoveItemFromKeychainAction < Action
|
6
|
+
def self.run(params)
|
7
|
+
item_name = params[:item_name]
|
8
|
+
|
9
|
+
success = Security::InternetPassword.delete(server: item_name)
|
10
|
+
if success
|
11
|
+
UI.success("Sucessfully removed an item from the keychain 🎉")
|
12
|
+
else
|
13
|
+
UI.error("Could not remove an item from the keychain ❌")
|
14
|
+
UI.user_error!("Could not remove an item from the keychain. This can happen if an item you are trying to remove could not be found in the keychain.")
|
15
|
+
end
|
16
|
+
end
|
17
|
+
|
18
|
+
def self.description
|
19
|
+
"Removes the credentials from the keychain on behalf of the user"
|
20
|
+
end
|
21
|
+
|
22
|
+
def self.authors
|
23
|
+
["Daniel Jankowski"]
|
24
|
+
end
|
25
|
+
|
26
|
+
def self.available_options
|
27
|
+
[
|
28
|
+
FastlaneCore::ConfigItem.new(key: :item_name,
|
29
|
+
env_name: "SECRET_KEEPER_ITEM_NAME",
|
30
|
+
description: "Item name to be removed from the keychain",
|
31
|
+
optional: false,
|
32
|
+
type: String)
|
33
|
+
]
|
34
|
+
end
|
35
|
+
|
36
|
+
def self.is_supported?(platform)
|
37
|
+
true
|
38
|
+
end
|
39
|
+
end
|
40
|
+
end
|
41
|
+
end
|
@@ -0,0 +1,12 @@
|
|
1
|
+
module Fastlane
|
2
|
+
module Helper
|
3
|
+
class SecretKeeperHelper
|
4
|
+
# class methods that you define here become available in your action
|
5
|
+
# as `Helper::SecretKeeperHelper.your_method`
|
6
|
+
#
|
7
|
+
def self.show_message
|
8
|
+
UI.message("Hello from the secret_keeper plugin helper!")
|
9
|
+
end
|
10
|
+
end
|
11
|
+
end
|
12
|
+
end
|
metadata
ADDED
@@ -0,0 +1,149 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: fastlane-plugin-secret_keeper
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 1.0.0
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Daniel Jankowski
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2019-01-22 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: pry
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - ">="
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '0'
|
20
|
+
type: :development
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - ">="
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '0'
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: bundler
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - ">="
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '0'
|
34
|
+
type: :development
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - ">="
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '0'
|
41
|
+
- !ruby/object:Gem::Dependency
|
42
|
+
name: rspec
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
44
|
+
requirements:
|
45
|
+
- - ">="
|
46
|
+
- !ruby/object:Gem::Version
|
47
|
+
version: '0'
|
48
|
+
type: :development
|
49
|
+
prerelease: false
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - ">="
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '0'
|
55
|
+
- !ruby/object:Gem::Dependency
|
56
|
+
name: rake
|
57
|
+
requirement: !ruby/object:Gem::Requirement
|
58
|
+
requirements:
|
59
|
+
- - ">="
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: '0'
|
62
|
+
type: :development
|
63
|
+
prerelease: false
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
65
|
+
requirements:
|
66
|
+
- - ">="
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
version: '0'
|
69
|
+
- !ruby/object:Gem::Dependency
|
70
|
+
name: rubocop
|
71
|
+
requirement: !ruby/object:Gem::Requirement
|
72
|
+
requirements:
|
73
|
+
- - ">="
|
74
|
+
- !ruby/object:Gem::Version
|
75
|
+
version: '0'
|
76
|
+
type: :development
|
77
|
+
prerelease: false
|
78
|
+
version_requirements: !ruby/object:Gem::Requirement
|
79
|
+
requirements:
|
80
|
+
- - ">="
|
81
|
+
- !ruby/object:Gem::Version
|
82
|
+
version: '0'
|
83
|
+
- !ruby/object:Gem::Dependency
|
84
|
+
name: simplecov
|
85
|
+
requirement: !ruby/object:Gem::Requirement
|
86
|
+
requirements:
|
87
|
+
- - ">="
|
88
|
+
- !ruby/object:Gem::Version
|
89
|
+
version: '0'
|
90
|
+
type: :development
|
91
|
+
prerelease: false
|
92
|
+
version_requirements: !ruby/object:Gem::Requirement
|
93
|
+
requirements:
|
94
|
+
- - ">="
|
95
|
+
- !ruby/object:Gem::Version
|
96
|
+
version: '0'
|
97
|
+
- !ruby/object:Gem::Dependency
|
98
|
+
name: fastlane
|
99
|
+
requirement: !ruby/object:Gem::Requirement
|
100
|
+
requirements:
|
101
|
+
- - ">="
|
102
|
+
- !ruby/object:Gem::Version
|
103
|
+
version: 2.62.0
|
104
|
+
type: :development
|
105
|
+
prerelease: false
|
106
|
+
version_requirements: !ruby/object:Gem::Requirement
|
107
|
+
requirements:
|
108
|
+
- - ">="
|
109
|
+
- !ruby/object:Gem::Version
|
110
|
+
version: 2.62.0
|
111
|
+
description:
|
112
|
+
email: daniell.jankowskii@gmail.com
|
113
|
+
executables: []
|
114
|
+
extensions: []
|
115
|
+
extra_rdoc_files: []
|
116
|
+
files:
|
117
|
+
- LICENSE
|
118
|
+
- README.md
|
119
|
+
- lib/fastlane/plugin/secret_keeper.rb
|
120
|
+
- lib/fastlane/plugin/secret_keeper/actions/add_item_to_keychain_action.rb
|
121
|
+
- lib/fastlane/plugin/secret_keeper/actions/read_item_from_keychain_action.rb
|
122
|
+
- lib/fastlane/plugin/secret_keeper/actions/remove_item_from_keychain_action.rb
|
123
|
+
- lib/fastlane/plugin/secret_keeper/helper/secret_keeper_helper.rb
|
124
|
+
- lib/fastlane/plugin/secret_keeper/version.rb
|
125
|
+
homepage: https://github.com/mollyIV/fastlane-plugin-secret_keeper
|
126
|
+
licenses:
|
127
|
+
- MIT
|
128
|
+
metadata: {}
|
129
|
+
post_install_message:
|
130
|
+
rdoc_options: []
|
131
|
+
require_paths:
|
132
|
+
- lib
|
133
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
134
|
+
requirements:
|
135
|
+
- - ">="
|
136
|
+
- !ruby/object:Gem::Version
|
137
|
+
version: '0'
|
138
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
139
|
+
requirements:
|
140
|
+
- - ">="
|
141
|
+
- !ruby/object:Gem::Version
|
142
|
+
version: '0'
|
143
|
+
requirements: []
|
144
|
+
rubyforge_project:
|
145
|
+
rubygems_version: 2.6.10
|
146
|
+
signing_key:
|
147
|
+
specification_version: 4
|
148
|
+
summary: secret_keeper is a wrapped on keychain access.
|
149
|
+
test_files: []
|