fastlane-plugin-secret_keeper 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/LICENSE +21 -0
- data/README.md +108 -0
- data/lib/fastlane/plugin/secret_keeper.rb +16 -0
- data/lib/fastlane/plugin/secret_keeper/actions/add_item_to_keychain_action.rb +59 -0
- data/lib/fastlane/plugin/secret_keeper/actions/read_item_from_keychain_action.rb +46 -0
- data/lib/fastlane/plugin/secret_keeper/actions/remove_item_from_keychain_action.rb +41 -0
- data/lib/fastlane/plugin/secret_keeper/helper/secret_keeper_helper.rb +12 -0
- data/lib/fastlane/plugin/secret_keeper/version.rb +5 -0
- metadata +149 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: a063ea2c1222ba379c38c0a602f8c981f5f81fb5
|
4
|
+
data.tar.gz: 0aa4e7d4640cbab0bc853d9d9dcca38796ba7c26
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 523991a02c0eed7c4d64a36bb100b3a6f9d40c1c66178c0e9c7672710ea2df9b8297bade571e7d947f7decac1eaddbc1d29eef3f8106690797173ec30895154c
|
7
|
+
data.tar.gz: 472ecdc17e679b3dcdda87e7b1e6da5b084bc032961de6870b538d07875eebd5cde215209d95da6d643b1d31562d1567972a6297a1e10122ab7bd910369a9aa2
|
data/LICENSE
ADDED
@@ -0,0 +1,21 @@
|
|
1
|
+
The MIT License (MIT)
|
2
|
+
|
3
|
+
Copyright (c) 2019 Daniel Jankowski <daniell.jankowskii@gmail.com>
|
4
|
+
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining a copy
|
6
|
+
of this software and associated documentation files (the "Software"), to deal
|
7
|
+
in the Software without restriction, including without limitation the rights
|
8
|
+
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
9
|
+
copies of the Software, and to permit persons to whom the Software is
|
10
|
+
furnished to do so, subject to the following conditions:
|
11
|
+
|
12
|
+
The above copyright notice and this permission notice shall be included in all
|
13
|
+
copies or substantial portions of the Software.
|
14
|
+
|
15
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
16
|
+
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
17
|
+
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
18
|
+
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
19
|
+
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
20
|
+
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
21
|
+
SOFTWARE.
|
data/README.md
ADDED
@@ -0,0 +1,108 @@
|
|
1
|
+
# secret_keeper plugin
|
2
|
+
|
3
|
+
[](https://rubygems.org/gems/fastlane-plugin-secret_keeper)
|
4
|
+
|
5
|
+
## Getting Started
|
6
|
+
|
7
|
+
This project is a [_fastlane_](https://github.com/fastlane/fastlane) plugin. To get started with `fastlane-plugin-secret_keeper`, add it to your project by running:
|
8
|
+
|
9
|
+
```bash
|
10
|
+
fastlane add_plugin secret_keeper
|
11
|
+
```
|
12
|
+
|
13
|
+
## About secret_keeper
|
14
|
+
|
15
|
+
You should keep your secret keys, tokens and passwords secure and private. Never store keys in a code repository, in client-side code.
|
16
|
+
One of the recommend way of storing sensitive data is the [keychain](https://support.apple.com/guide/keychain-access/what-is-keychain-access-kyca1083/mac).
|
17
|
+
secret_keeper allows you to store, remove and read the items from the keychain on macOS system.
|
18
|
+
|
19
|
+
## Actions
|
20
|
+
|
21
|
+
### ➕ add_item_to_keychain
|
22
|
+
|
23
|
+
``` ruby
|
24
|
+
add_item_to_keychain # Adds the credentials to the keychain on behalf of the user
|
25
|
+
```
|
26
|
+
|
27
|
+
``` ruby
|
28
|
+
add_item_to_keychain(
|
29
|
+
item_name: "personal-access-token", # Item name to be stored in the keychain
|
30
|
+
account_name: "username", # An account name associated with the keychain item
|
31
|
+
password: ENV["PERSONAL_ACCESS_TOKEN"] # Password to be stored in the keychain
|
32
|
+
)
|
33
|
+
```
|
34
|
+
|
35
|
+
It returns password as a plain text.
|
36
|
+
|
37
|
+
⚠️ If an item you are trying to add already exists, the lane fails.
|
38
|
+
|
39
|
+
### ➖ remove_item_from_keychain
|
40
|
+
|
41
|
+
``` ruby
|
42
|
+
remove_item_from_keychain # Removes the credentials from the keychain on behalf of the user
|
43
|
+
```
|
44
|
+
|
45
|
+
``` ruby
|
46
|
+
remove_item_from_keychain(
|
47
|
+
item_name: "personal-access-token", # Item name to be removed from the keychain
|
48
|
+
)
|
49
|
+
```
|
50
|
+
|
51
|
+
⚠️ If an item you are trying to remove does not exist, the lane fails.
|
52
|
+
|
53
|
+
### 👓 read_item_from_keychain
|
54
|
+
|
55
|
+
``` ruby
|
56
|
+
read_item_from_keychain # Reads the password from the keychain for a given item
|
57
|
+
```
|
58
|
+
|
59
|
+
``` ruby
|
60
|
+
read_item_from_keychain(
|
61
|
+
item_name: "personal-access-token", # Item name for a given password stored in the keychain
|
62
|
+
)
|
63
|
+
```
|
64
|
+
|
65
|
+
It returns password as a plain text if the item has been found, nil otherwise.
|
66
|
+
|
67
|
+
## Example
|
68
|
+
|
69
|
+
One of the common usage of a secret_keeper plugin is storing and reading API tokens for a 3rd party services you need to communicate with.
|
70
|
+
|
71
|
+
```ruby
|
72
|
+
lane :request_3rd_party_API do
|
73
|
+
password = read_item_from_keychain(
|
74
|
+
item_name: PERSONAL_ACCESS_TOKEN
|
75
|
+
)
|
76
|
+
|
77
|
+
if password
|
78
|
+
# You can use your password here
|
79
|
+
else
|
80
|
+
# The password for a given item has not been found in the keychain. Request a user to provide the password.
|
81
|
+
UI.message 'Falstlane will talk to the 3rd party service on your behalf. In order to do so, it needs a personal access token. It will ask about it only once and store it in the keychain. Please provide your token 🙏🏻'
|
82
|
+
|
83
|
+
# Since `password` field is non-optional, Fastlane will ask to provide it via a user input.
|
84
|
+
password = add_item_to_keychain(
|
85
|
+
item_name: PERSONAL_ACCESS_TOKEN,
|
86
|
+
account_name: ENV["USER"]
|
87
|
+
)
|
88
|
+
|
89
|
+
# Now you can read a password successfully.
|
90
|
+
end
|
91
|
+
end
|
92
|
+
```
|
93
|
+
|
94
|
+
## Issues and Feedback
|
95
|
+
|
96
|
+
For any other issues and feedback about this plugin, please submit it to this repository.
|
97
|
+
|
98
|
+
## Troubleshooting
|
99
|
+
|
100
|
+
If you have trouble using plugins, check out the [Plugins Troubleshooting](https://docs.fastlane.tools/plugins/plugins-troubleshooting/) guide.
|
101
|
+
|
102
|
+
## Using _fastlane_ Plugins
|
103
|
+
|
104
|
+
For more information about how the `fastlane` plugin system works, check out the [Plugins documentation](https://docs.fastlane.tools/plugins/create-plugin/).
|
105
|
+
|
106
|
+
## About _fastlane_
|
107
|
+
|
108
|
+
_fastlane_ is the easiest way to automate beta deployments and releases for your iOS and Android apps. To learn more, check out [fastlane.tools](https://fastlane.tools).
|
@@ -0,0 +1,16 @@
|
|
1
|
+
require 'fastlane/plugin/secret_keeper/version'
|
2
|
+
|
3
|
+
module Fastlane
|
4
|
+
module SecretKeeper
|
5
|
+
# Return all .rb files inside the "actions" and "helper" directory
|
6
|
+
def self.all_classes
|
7
|
+
Dir[File.expand_path('**/{actions,helper}/*.rb', File.dirname(__FILE__))]
|
8
|
+
end
|
9
|
+
end
|
10
|
+
end
|
11
|
+
|
12
|
+
# By default we want to import all available actions and helpers
|
13
|
+
# A plugin can contain any number of actions and plugins
|
14
|
+
Fastlane::SecretKeeper.all_classes.each do |current|
|
15
|
+
require current
|
16
|
+
end
|
@@ -0,0 +1,59 @@
|
|
1
|
+
require 'security'
|
2
|
+
|
3
|
+
module Fastlane
|
4
|
+
module Actions
|
5
|
+
class AddItemToKeychainAction < Action
|
6
|
+
def self.run(params)
|
7
|
+
item_name = params[:item_name]
|
8
|
+
account_name = params[:account_name]
|
9
|
+
password = params[:password]
|
10
|
+
|
11
|
+
success = Security::InternetPassword.add(item_name, account_name, password)
|
12
|
+
if success
|
13
|
+
UI.success("Sucessfully added new item to the keychain 🎉")
|
14
|
+
return password
|
15
|
+
else
|
16
|
+
UI.error("Could not store password in keychain ❌")
|
17
|
+
UI.user_error!("Could not store password in the keychain. This can happen if the item you are trying to store already exists in the keychain.")
|
18
|
+
end
|
19
|
+
end
|
20
|
+
|
21
|
+
def self.description
|
22
|
+
"Adds the credentials to the keychain on behalf of the user"
|
23
|
+
end
|
24
|
+
|
25
|
+
def self.return_value
|
26
|
+
"Returns password as a plain text"
|
27
|
+
end
|
28
|
+
|
29
|
+
def self.authors
|
30
|
+
["Daniel Jankowski"]
|
31
|
+
end
|
32
|
+
|
33
|
+
def self.available_options
|
34
|
+
[
|
35
|
+
FastlaneCore::ConfigItem.new(key: :item_name,
|
36
|
+
env_name: "SECRET_KEEPER_ITEM_NAME",
|
37
|
+
description: "Item name to be stored in the keychain",
|
38
|
+
optional: false,
|
39
|
+
type: String),
|
40
|
+
FastlaneCore::ConfigItem.new(key: :account_name,
|
41
|
+
env_name: "SECRET_KEEPER_ACCOUNT_NAME",
|
42
|
+
description: "An account name associated with the keychain item",
|
43
|
+
optional: false,
|
44
|
+
type: String),
|
45
|
+
FastlaneCore::ConfigItem.new(key: :password,
|
46
|
+
env_name: "SECRET_KEEPER_PASSWORD",
|
47
|
+
description: "Password to be stored in the keychain",
|
48
|
+
optional: false,
|
49
|
+
sensitive: true,
|
50
|
+
type: String)
|
51
|
+
]
|
52
|
+
end
|
53
|
+
|
54
|
+
def self.is_supported?(platform)
|
55
|
+
true
|
56
|
+
end
|
57
|
+
end
|
58
|
+
end
|
59
|
+
end
|
@@ -0,0 +1,46 @@
|
|
1
|
+
require 'security'
|
2
|
+
|
3
|
+
module Fastlane
|
4
|
+
module Actions
|
5
|
+
class ReadItemFromKeychainAction < Action
|
6
|
+
def self.run(params)
|
7
|
+
item_name = params[:item_name]
|
8
|
+
|
9
|
+
item = Security::InternetPassword.find(server: item_name)
|
10
|
+
if item
|
11
|
+
UI.success("Sucessfully read an item from the keychain 🎉")
|
12
|
+
return item.password
|
13
|
+
else
|
14
|
+
UI.error("Could not read an item from the keychain. Please make sure '#{item_name}' item exists in the keychain ❌")
|
15
|
+
return nil
|
16
|
+
end
|
17
|
+
end
|
18
|
+
|
19
|
+
def self.description
|
20
|
+
"Reads the password from the keychain for a given item"
|
21
|
+
end
|
22
|
+
|
23
|
+
def self.authors
|
24
|
+
["Daniel Jankowski"]
|
25
|
+
end
|
26
|
+
|
27
|
+
def self.return_value
|
28
|
+
"Returns password as a plain text"
|
29
|
+
end
|
30
|
+
|
31
|
+
def self.available_options
|
32
|
+
[
|
33
|
+
FastlaneCore::ConfigItem.new(key: :item_name,
|
34
|
+
env_name: "SECRET_KEEPER_ITEM_NAME",
|
35
|
+
description: "Item name for a given password stored in the keychain",
|
36
|
+
optional: false,
|
37
|
+
type: String)
|
38
|
+
]
|
39
|
+
end
|
40
|
+
|
41
|
+
def self.is_supported?(platform)
|
42
|
+
true
|
43
|
+
end
|
44
|
+
end
|
45
|
+
end
|
46
|
+
end
|
@@ -0,0 +1,41 @@
|
|
1
|
+
require 'security'
|
2
|
+
|
3
|
+
module Fastlane
|
4
|
+
module Actions
|
5
|
+
class RemoveItemFromKeychainAction < Action
|
6
|
+
def self.run(params)
|
7
|
+
item_name = params[:item_name]
|
8
|
+
|
9
|
+
success = Security::InternetPassword.delete(server: item_name)
|
10
|
+
if success
|
11
|
+
UI.success("Sucessfully removed an item from the keychain 🎉")
|
12
|
+
else
|
13
|
+
UI.error("Could not remove an item from the keychain ❌")
|
14
|
+
UI.user_error!("Could not remove an item from the keychain. This can happen if an item you are trying to remove could not be found in the keychain.")
|
15
|
+
end
|
16
|
+
end
|
17
|
+
|
18
|
+
def self.description
|
19
|
+
"Removes the credentials from the keychain on behalf of the user"
|
20
|
+
end
|
21
|
+
|
22
|
+
def self.authors
|
23
|
+
["Daniel Jankowski"]
|
24
|
+
end
|
25
|
+
|
26
|
+
def self.available_options
|
27
|
+
[
|
28
|
+
FastlaneCore::ConfigItem.new(key: :item_name,
|
29
|
+
env_name: "SECRET_KEEPER_ITEM_NAME",
|
30
|
+
description: "Item name to be removed from the keychain",
|
31
|
+
optional: false,
|
32
|
+
type: String)
|
33
|
+
]
|
34
|
+
end
|
35
|
+
|
36
|
+
def self.is_supported?(platform)
|
37
|
+
true
|
38
|
+
end
|
39
|
+
end
|
40
|
+
end
|
41
|
+
end
|
@@ -0,0 +1,12 @@
|
|
1
|
+
module Fastlane
|
2
|
+
module Helper
|
3
|
+
class SecretKeeperHelper
|
4
|
+
# class methods that you define here become available in your action
|
5
|
+
# as `Helper::SecretKeeperHelper.your_method`
|
6
|
+
#
|
7
|
+
def self.show_message
|
8
|
+
UI.message("Hello from the secret_keeper plugin helper!")
|
9
|
+
end
|
10
|
+
end
|
11
|
+
end
|
12
|
+
end
|
metadata
ADDED
@@ -0,0 +1,149 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: fastlane-plugin-secret_keeper
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 1.0.0
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Daniel Jankowski
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2019-01-22 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: pry
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - ">="
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '0'
|
20
|
+
type: :development
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - ">="
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '0'
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: bundler
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - ">="
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '0'
|
34
|
+
type: :development
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - ">="
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '0'
|
41
|
+
- !ruby/object:Gem::Dependency
|
42
|
+
name: rspec
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
44
|
+
requirements:
|
45
|
+
- - ">="
|
46
|
+
- !ruby/object:Gem::Version
|
47
|
+
version: '0'
|
48
|
+
type: :development
|
49
|
+
prerelease: false
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - ">="
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '0'
|
55
|
+
- !ruby/object:Gem::Dependency
|
56
|
+
name: rake
|
57
|
+
requirement: !ruby/object:Gem::Requirement
|
58
|
+
requirements:
|
59
|
+
- - ">="
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: '0'
|
62
|
+
type: :development
|
63
|
+
prerelease: false
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
65
|
+
requirements:
|
66
|
+
- - ">="
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
version: '0'
|
69
|
+
- !ruby/object:Gem::Dependency
|
70
|
+
name: rubocop
|
71
|
+
requirement: !ruby/object:Gem::Requirement
|
72
|
+
requirements:
|
73
|
+
- - ">="
|
74
|
+
- !ruby/object:Gem::Version
|
75
|
+
version: '0'
|
76
|
+
type: :development
|
77
|
+
prerelease: false
|
78
|
+
version_requirements: !ruby/object:Gem::Requirement
|
79
|
+
requirements:
|
80
|
+
- - ">="
|
81
|
+
- !ruby/object:Gem::Version
|
82
|
+
version: '0'
|
83
|
+
- !ruby/object:Gem::Dependency
|
84
|
+
name: simplecov
|
85
|
+
requirement: !ruby/object:Gem::Requirement
|
86
|
+
requirements:
|
87
|
+
- - ">="
|
88
|
+
- !ruby/object:Gem::Version
|
89
|
+
version: '0'
|
90
|
+
type: :development
|
91
|
+
prerelease: false
|
92
|
+
version_requirements: !ruby/object:Gem::Requirement
|
93
|
+
requirements:
|
94
|
+
- - ">="
|
95
|
+
- !ruby/object:Gem::Version
|
96
|
+
version: '0'
|
97
|
+
- !ruby/object:Gem::Dependency
|
98
|
+
name: fastlane
|
99
|
+
requirement: !ruby/object:Gem::Requirement
|
100
|
+
requirements:
|
101
|
+
- - ">="
|
102
|
+
- !ruby/object:Gem::Version
|
103
|
+
version: 2.62.0
|
104
|
+
type: :development
|
105
|
+
prerelease: false
|
106
|
+
version_requirements: !ruby/object:Gem::Requirement
|
107
|
+
requirements:
|
108
|
+
- - ">="
|
109
|
+
- !ruby/object:Gem::Version
|
110
|
+
version: 2.62.0
|
111
|
+
description:
|
112
|
+
email: daniell.jankowskii@gmail.com
|
113
|
+
executables: []
|
114
|
+
extensions: []
|
115
|
+
extra_rdoc_files: []
|
116
|
+
files:
|
117
|
+
- LICENSE
|
118
|
+
- README.md
|
119
|
+
- lib/fastlane/plugin/secret_keeper.rb
|
120
|
+
- lib/fastlane/plugin/secret_keeper/actions/add_item_to_keychain_action.rb
|
121
|
+
- lib/fastlane/plugin/secret_keeper/actions/read_item_from_keychain_action.rb
|
122
|
+
- lib/fastlane/plugin/secret_keeper/actions/remove_item_from_keychain_action.rb
|
123
|
+
- lib/fastlane/plugin/secret_keeper/helper/secret_keeper_helper.rb
|
124
|
+
- lib/fastlane/plugin/secret_keeper/version.rb
|
125
|
+
homepage: https://github.com/mollyIV/fastlane-plugin-secret_keeper
|
126
|
+
licenses:
|
127
|
+
- MIT
|
128
|
+
metadata: {}
|
129
|
+
post_install_message:
|
130
|
+
rdoc_options: []
|
131
|
+
require_paths:
|
132
|
+
- lib
|
133
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
134
|
+
requirements:
|
135
|
+
- - ">="
|
136
|
+
- !ruby/object:Gem::Version
|
137
|
+
version: '0'
|
138
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
139
|
+
requirements:
|
140
|
+
- - ">="
|
141
|
+
- !ruby/object:Gem::Version
|
142
|
+
version: '0'
|
143
|
+
requirements: []
|
144
|
+
rubyforge_project:
|
145
|
+
rubygems_version: 2.6.10
|
146
|
+
signing_key:
|
147
|
+
specification_version: 4
|
148
|
+
summary: secret_keeper is a wrapped on keychain access.
|
149
|
+
test_files: []
|