fastlane-plugin-secrets 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 060d33a034c47e7318d5bad3cea1930afa705c920eddbbfb0ea9dd583e872e50
+  data.tar.gz: 7d65b0c138410241701d532f39fa9ea761cf72b1f25fefb1cdd5ab4f258b5e56
+SHA512:
+  metadata.gz: 2dc780c0f767a55d764f189157f381a54b1a22d371d045aebaf38f7b086ec9e19164ebaed37b360419800a7fe27997dc5f8042e6e2aaec09a8f7c5bd3943e2e0
+  data.tar.gz: 0a0adc5e09eb7b419d443911f65031d18e8d0b041371b1c5525f076d72f839e143813de2d63d01b60ca67563c68294f9d1ec08d10984ae615c9115746e8346c5

data/LICENSE

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2019 Cyril Cermak, Jörg Nestele
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/README.md

@@ -0,0 +1,52 @@
+# secrets plugin
+
+[![fastlane Plugin Badge](https://rawcdn.githack.com/fastlane/fastlane/master/fastlane/assets/plugin-badge.svg)](https://rubygems.org/gems/fastlane-plugin-secrets)
+
+## Getting Started
+
+This project is a [_fastlane_](https://github.com/fastlane/fastlane) plugin. To get started with `fastlane-plugin-secrets`, add it to your project by running:
+
+```bash
+fastlane add_plugin secrets
+```
+
+## About secrets
+
+Securely store secrets in source code.
+
+**Note to author:** Add a more detailed description about this plugin here. If your plugin contains multiple actions, make sure to mention them here.
+
+## Example
+
+Check out the [example `Fastfile`](fastlane/Fastfile) to see how to use this plugin. Try it by cloning the repo, running `fastlane install_plugins` and `bundle exec fastlane test`.
+
+**Note to author:** Please set up a sample project to make it easy for users to explore what your plugin does. Provide everything that is necessary to try out the plugin in this project (including a sample Xcode/Android project if necessary)
+
+## Run tests for this plugin
+
+To run both the tests, and code style validation, run
+
+```
+rake
+```
+
+To automatically fix many of the styling issues, use
+```
+rubocop -a
+```
+
+## Issues and Feedback
+
+For any other issues and feedback about this plugin, please submit it to this repository.
+
+## Troubleshooting
+
+If you have trouble using plugins, check out the [Plugins Troubleshooting](https://docs.fastlane.tools/plugins/plugins-troubleshooting/) guide.
+
+## Using _fastlane_ Plugins
+
+For more information about how the `fastlane` plugin system works, check out the [Plugins documentation](https://docs.fastlane.tools/plugins/create-plugin/).
+
+## About _fastlane_
+
+_fastlane_ is the easiest way to automate beta deployments and releases for your iOS and Android apps. To learn more, check out [fastlane.tools](https://fastlane.tools).

data/lib/fastlane/plugin/secrets.rb

@@ -0,0 +1,16 @@
+require 'fastlane/plugin/secrets/version'
+
+module Fastlane
+  module Secrets
+    # Return all .rb files inside the "actions" and "helper" directory
+    def self.all_classes
+      Dir[File.expand_path('**/{actions,helper}/*.rb', File.dirname(__FILE__))]
+    end
+  end
+end
+
+# By default we want to import all available actions and helpers
+# A plugin can contain any number of actions and plugins
+Fastlane::Secrets.all_classes.each do |current|
+  require current
+end

data/lib/fastlane/plugin/secrets/actions/decrypt_secrets_action.rb

@@ -0,0 +1,85 @@
+require 'fastlane/action'
+require 'mobile-secrets'
+
+module Fastlane
+  module Actions
+    class DecryptSecretsAction < Action
+      def self.run(params)
+        secrets_path = params[:file_path]
+        password = params[:password]
+        empty = params[:empty]
+        private_key_path = params[:private_key_path]
+        target_path = "#{Dir.pwd}/#{params[:target_path]}/secrets.swift"
+        tmp_decrypted_secrets_file = "/tmp/secrets"
+        secrets_handler = MobileSecrets::SecretsHandler.new
+
+        return secrets_handler.inject_secrets [[]], target_path if empty
+
+
+        clean tmp_decrypted_secrets_file
+        if private_key_path && password
+          sh("gpg", "-v", "--pinentry-mode", "loopback", "--passphrase", password, "--import", private_key_path)
+          sh("gpg", "-a", "--pinentry-mode", "loopback", "--passphrase", password, "--output", tmp_decrypted_secrets_file, "--decrypt", secrets_path)
+        elsif password then
+          sh("gpg", "-a", "--pinentry-mode", "loopback", "--passphrase", password, "--output", tmp_decrypted_secrets_file, "--decrypt", secrets_path)
+        else
+          sh("gpg", "--output", tmp_decrypted_secrets_file, "--decrypt", secrets_path)
+        end
+
+        yml_config = File.read tmp_decrypted_secrets_file
+        bytes = secrets_handler.process_yaml_config yml_config
+        secrets_handler.inject_secrets bytes, target_path
+        clean tmp_decrypted_secrets_file
+      end
+
+      def self.description
+        "Securely store secrets in source code"
+      end
+
+      def self.authors
+        ["Cyril Cermak, Jörg Nestele"]
+      end
+
+      def self.details
+        # Optional:
+        ""
+      end
+
+      def self.clean file_path
+        File.delete(file_path) if File.exist?(file_path)
+      end
+
+      def self.available_options
+        [
+          FastlaneCore::ConfigItem.new(key: :file_path,
+                                       description: "Path to the encrypted secrets file",
+                                       is_string: true),
+          FastlaneCore::ConfigItem.new(key: :target_path,
+                                       description: "Output path for the auto generated source file",
+                                       is_string: true),
+          FastlaneCore::ConfigItem.new(key: :password,
+                                       description: "Password to open the GPG secrets file",
+                                       is_string: true,
+                                       optional: true),
+          FastlaneCore::ConfigItem.new(key: :private_key_path,
+                                       description: "Path to a private key for GPG",
+                                       is_string: true,
+                                       optional: true),
+          FastlaneCore::ConfigItem.new(key: :empty,
+                                       description: "Path to a private key for GPG",
+                                       type: Boolean,
+                                       optional: true,
+                                       default_value: false)
+        ]
+      end
+
+      def self.is_supported?(platform)
+        # Adjust this if your plugin only works for a particular platform (iOS vs. Android, for example)
+        # See: https://docs.fastlane.tools/advanced/#control-configuration-by-lane-and-by-platform
+        #
+        # [:ios, :mac, :android].include?(platform)
+        [:ios, :mac].include?(platform)
+      end
+    end
+  end
+end

data/lib/fastlane/plugin/secrets/actions/encrypt_secrets_action.rb

@@ -0,0 +1,62 @@
+require 'fastlane/action'
+require 'mobile-secrets'
+require 'yaml'
+
+module Fastlane
+  module Actions
+    class EncryptSecretsAction < Action
+      def self.run(params)
+        hash_key = params[:hash_key]
+        language = params[:language]
+        secrets_dir_path = params[:secrets_dir_path]
+        secrets_dict = params[:secrets]
+        config_yml = {"MobileSecrets" => {"hashKey"=>hash_key,"language"=>language, "secrets"=>secrets_dict}}.to_yaml
+
+        MobileSecrets::SecretsHandler.new.encrypt "#{secrets_dir_path}/secrets.gpg", config_yml, secrets_dir_path
+      end
+
+      def self.description
+        "Securely store secrets in source code"
+      end
+
+      def self.authors
+        ["Cyril Cermak, Jörg Nestele"]
+      end
+
+      def self.details
+        # Optional:
+        ""
+      end
+
+      def self.clean file_path
+        File.delete(file_path) if File.exist?(file_path)
+      end
+
+      def self.available_options
+        [
+          FastlaneCore::ConfigItem.new(key: :hash_key,
+                                       description: "Key that will be used to hash the secrets using XOR technique",
+                                       is_string: true),
+          FastlaneCore::ConfigItem.new(key: :language,
+                                       description: "Source code language, currently supported - [swift]",
+                                       is_string: true),
+          FastlaneCore::ConfigItem.new(key: :secrets_dir_path,
+                                        description: "Path to a directory where .gpg was initialized",
+                                        is_string: true),
+          FastlaneCore::ConfigItem.new(key: :secrets,
+                                       description: "Key-value dictionary of secrets",
+                                       type: Hash,
+                                       optional: true)
+        ]
+      end
+
+      def self.is_supported?(platform)
+        # Adjust this if your plugin only works for a particular platform (iOS vs. Android, for example)
+        # See: https://docs.fastlane.tools/advanced/#control-configuration-by-lane-and-by-platform
+        #
+        # [:ios, :mac, :android].include?(platform)
+        [:ios, :mac].include?(platform)
+      end
+    end
+  end
+end

data/lib/fastlane/plugin/secrets/helper/SecretsTemplate.swift

@@ -0,0 +1,28 @@
+//
+//  Autogenerated file by Fastlane-Plugin-Secret
+//
+
+import Foundation
+
+class Secrets {
+    static let standard = Secrets()
+    /* SECRET BYTES */
+
+    private init() {}
+
+    func string(forKey key: String) -> String? {
+        guard let index = bytes.index(where: { String(data: Data(bytes:$0), encoding: .utf8) == key }),
+              let value = decrypt(bytes[index + 1]) else { return nil }
+        return String(data: Data(bytes: value), encoding: .utf8)
+    }
+
+    private func decrypt(_ input: [UInt8]) -> [UInt8]? {
+        let key = bytes[0]
+        guard !key.isEmpty else { return nil }
+        var output = [UInt8]()
+        for byte in input.enumerated() {
+            output.append(byte.element ^ key[byte.offset % key.count])
+        }
+        return output
+    }
+}

data/lib/fastlane/plugin/secrets/version.rb

@@ -0,0 +1,5 @@
+module Fastlane
+  module Secrets
+    VERSION = "0.0.1"
+  end
+end

metadata

@@ -0,0 +1,190 @@
+--- !ruby/object:Gem::Specification
+name: fastlane-plugin-secrets
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Cyril Cermak
+- Jörg Nestele
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2019-10-04 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: mobile-secrets
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.0.5
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.0.5
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec_junit_formatter
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.49.1
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.49.1
+- !ruby/object:Gem::Dependency
+  name: rubocop-require_tools
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: fastlane
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.131.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.131.0
+description: 
+email: 
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- LICENSE
+- README.md
+- lib/fastlane/plugin/secrets.rb
+- lib/fastlane/plugin/secrets/actions/decrypt_secrets_action.rb
+- lib/fastlane/plugin/secrets/actions/encrypt_secrets_action.rb
+- lib/fastlane/plugin/secrets/helper/SecretsTemplate.swift
+- lib/fastlane/plugin/secrets/version.rb
+homepage: https://github.com/nestele/fastlane-plugin-secrets
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.0.6
+signing_key: 
+specification_version: 4
+summary: Securely store secrets in source code.
+test_files: []