fastlane-plugin-secrets_manager_storage 1.1.0 → 1.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: c9b69ff500f148a9edeeb146cfa5e3ffba6dce103bedf4d3cd16786585ea9877
|
4
|
+
data.tar.gz: '03019b799cbefa7ffed66fbbe7d9dc0c723a9569710c50825ec21aec15e6836b'
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 0cd28afc80d5851792f1eacd8c52a9606d7d8770bf5e6d0de21c6276c3abbcab464abdceab66a9b3047724a43fabda8f26bf73e2e8e80299a6e34309e3f770ca
|
7
|
+
data.tar.gz: 9683290a4bbfe3e6e76a66b616daff855f137a6aeb994a335d87b9a9e2b518a8cc384c721c8cd6614aaec46e6824921a612ad41b46d997ef00be521d0a333512
|
data/README.md
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
# Secrets Manager Storage
|
2
2
|
|
3
|
-
This plugin enables Fastlane users to store their provisioning profiles and
|
3
|
+
This plugin enables Fastlane users to store their provisioning profiles and signing keys securely in
|
4
4
|
AWS Secrets Manager by adding a `secrets_manager` storage backend to Fastlane match.
|
5
5
|
|
6
6
|
[![Build Status][ci-image]][ci-url] [![License][license-image]][license-url]
|
@@ -9,15 +9,15 @@ AWS Secrets Manager by adding a `secrets_manager` storage backend to Fastlane ma
|
|
9
9
|
|
10
10
|
Reasons to use this (compared to the git or s3 backend):
|
11
11
|
|
12
|
-
-
|
12
|
+
- your signing keys are stored securley (always encrypted) by default
|
13
13
|
- all access is controlled via AWS IAM and is fine-grained:
|
14
14
|
- users can be granted access to review the secret's metadata separate from the ability to read
|
15
15
|
the actual, unencrypted values
|
16
16
|
- no need to manage a `MATCH_PASSWORD` – just use your existing AWS access controls
|
17
|
-
- all access to the decrypted
|
18
|
-
access
|
17
|
+
- all access to the decrypted keys is logged into AWS CloudTrail, providing an audit-trail to access
|
19
18
|
- Secret lifecycle can be tracked independently of Fastlane, enabling you to have alerts on secret
|
20
|
-
age by using the secret's version metadata (e.g. Created On)
|
19
|
+
age by using the secret's version metadata (e.g. Created On). **This is interesting because Apple
|
20
|
+
provides no means of being notified about certificate expiration**.
|
21
21
|
- certificates and mobileprovision Secrets will be tagged with `ExpiresOn` and other metadata
|
22
22
|
|
23
23
|
> :information_source: Fastlane plugins are only automatically loaded when using a Fastfile. This
|
@@ -233,6 +233,7 @@ module Fastlane
|
|
233
233
|
secret_specific_tags["Name"] = cert_info
|
234
234
|
.find { |attribute| attribute.first == "Common Name" }
|
235
235
|
.last
|
236
|
+
.gsub(/[^a-zA-Z0-9_ .:\/=+-]/, "")
|
236
237
|
expiry = cert_info.find { |attribute| attribute.first == "End Datetime" }.last
|
237
238
|
when ".mobileprovision"
|
238
239
|
secret_specific_tags[
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: fastlane-plugin-secrets_manager_storage
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.1.
|
4
|
+
version: 1.1.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Case Taintor
|
8
|
-
autorequire:
|
8
|
+
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2025-01-27 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-secretsmanager
|
@@ -24,7 +24,7 @@ dependencies:
|
|
24
24
|
- - "~>"
|
25
25
|
- !ruby/object:Gem::Version
|
26
26
|
version: '1.0'
|
27
|
-
description:
|
27
|
+
description:
|
28
28
|
email: case.taintor@klarna.com
|
29
29
|
executables: []
|
30
30
|
extensions: []
|
@@ -41,7 +41,7 @@ licenses:
|
|
41
41
|
- Apache-2.0
|
42
42
|
metadata:
|
43
43
|
rubygems_mfa_required: 'true'
|
44
|
-
post_install_message:
|
44
|
+
post_install_message:
|
45
45
|
rdoc_options: []
|
46
46
|
require_paths:
|
47
47
|
- lib
|
@@ -56,8 +56,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
56
56
|
- !ruby/object:Gem::Version
|
57
57
|
version: '0'
|
58
58
|
requirements: []
|
59
|
-
rubygems_version: 3.
|
60
|
-
signing_key:
|
59
|
+
rubygems_version: 3.0.3.1
|
60
|
+
signing_key:
|
61
61
|
specification_version: 4
|
62
62
|
summary: Enables fastlane match to use AWS Secrets Manager as backing storage
|
63
63
|
test_files: []
|