file_secrets 1.0.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: c7940eaadebd9fd56d314ab394abb88f417ff2d7
4
+ data.tar.gz: ce12bb59eec4b1ab69099f58990430f873f9b079
5
+ SHA512:
6
+ metadata.gz: 251cf3a0b0bedfb008f0dfe2ea938fdfa54c3426c7380d2f0f208772623208fc968b3dc3c7853753108c829d47722ba82499368053887dae7af7f08e12f20700
7
+ data.tar.gz: b2bbbbda6420609f97f45350239f9ce24c0c31ca4b0a33628a57504b23187f9a2fbc7745d33b575b464f504bc34ed7c91d5c20eaab56b019c9e2caa6b78d8580
@@ -0,0 +1,20 @@
1
+ Copyright (c) 2018 Brian Durand
2
+
3
+ Permission is hereby granted, free of charge, to any person obtaining
4
+ a copy of this software and associated documentation files (the
5
+ "Software"), to deal in the Software without restriction, including
6
+ without limitation the rights to use, copy, modify, merge, publish,
7
+ distribute, sublicense, and/or sell copies of the Software, and to
8
+ permit persons to whom the Software is furnished to do so, subject to
9
+ the following conditions:
10
+
11
+ The above copyright notice and this permission notice shall be
12
+ included in all copies or substantial portions of the Software.
13
+
14
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
15
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
16
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
17
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
18
+ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
19
+ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
20
+ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
@@ -0,0 +1,35 @@
1
+ # FileSecrets
2
+
3
+ This gem provides a simple method to support the pattern of reading sensitive information that is stored in files that is deployed separately from the code that needs them.
4
+
5
+ The basic pattern is to deploy your sensitive information into a directory structure like:
6
+
7
+ ```
8
+ /srv
9
+ |-- /secrets
10
+ |--/api
11
+ |-- secret_key
12
+ |-- token
13
+ ```
14
+
15
+ You could then read your secrets with `FileSecrets`:
16
+
17
+ ```
18
+ secrets = FileSecrets.new("/srv/secrets")
19
+ secrets["api/secret_key"]
20
+ secrets["api/token"]
21
+ ```
22
+
23
+ If the file doesn't exist, `nil` will be returned.
24
+
25
+ Each `FileSecrets` object will have a base directory where it will locate the files from. If this is not provided in the initializer, it will be set from the FILE_SECRETS_BASE environment variable. If that isn't set, then it will be set to the current working directory.
26
+
27
+ There is also a handy class level accessor that you can use either if you want to use the default base path:
28
+
29
+ ```
30
+ ENV["FILE_SECRETS_BASE"] = "/srv/secrets"
31
+ FileSecrets["api/secret_key"]
32
+ FileSecrets["api/token"]
33
+ ```
34
+
35
+ The paths passed to get the file values are virtual paths using the `/` character as a file separator. So, you would pass the same keys on Windows that you would on Linux.
@@ -0,0 +1,18 @@
1
+ require "bundler/gem_tasks"
2
+
3
+ desc 'Default: run unit tests.'
4
+ task :default => :test
5
+
6
+ desc 'RVM likes to call it tests'
7
+ task :tests => :test
8
+
9
+ begin
10
+ require 'rspec'
11
+ require 'rspec/core/rake_task'
12
+ desc 'Run the unit tests'
13
+ RSpec::Core::RakeTask.new(:test)
14
+ rescue LoadError
15
+ task :test do
16
+ STDERR.puts "You must have rspec >= 3 installed to run the tests"
17
+ end
18
+ end
data/VERSION ADDED
@@ -0,0 +1 @@
1
+ 1.0.0
@@ -0,0 +1,36 @@
1
+ class FileSecrets
2
+
3
+ attr_reader :base
4
+
5
+ class << self
6
+ # Get a file value using from the default base.
7
+ def get(key)
8
+ new.get(key)
9
+ end
10
+
11
+ alias_method :[], :get
12
+ end
13
+
14
+ # Create a new file secrets accessor. The files will be loaded relative to the
15
+ # provided base directory. If none is provided, it will default to using the
16
+ # directory set in the FILE_SECRETS_BASE environment variable or the current
17
+ # working directory.
18
+ def initialize(base = nil)
19
+ @base = (base || ENV['FILE_SECRETS_BASE'] || Dir.pwd)
20
+ end
21
+
22
+ # Get the contents of the file specified (relative to the base directory).
23
+ # If the file does not exist, this method will return nil. Any trailing
24
+ # line delimiters will be stripped from the returned value.
25
+ def get(key)
26
+ file_name = File.join(key.split('/'))
27
+ file_path = File.expand_path(file_name, base)
28
+ if File.exist?(file_path) && File.file?(file_path)
29
+ File.read(file_path).chomp
30
+ else
31
+ nil
32
+ end
33
+ end
34
+
35
+ alias_method :[], :get
36
+ end
@@ -0,0 +1,47 @@
1
+ require 'spec_helper'
2
+
3
+ describe FileSecrets do
4
+
5
+ before :each do
6
+ ENV['FILE_SECRETS_BASE'] = nil
7
+ end
8
+
9
+ it "should read the value of a file relative to the base" do
10
+ secrets = FileSecrets.new("spec/fixtures")
11
+ expect(secrets.get("api/key")).to eq "key_value"
12
+ expect(secrets.get("api/token")).to eq "token_value"
13
+ end
14
+
15
+ it "should return nil if the file doesn't exist" do
16
+ secrets = FileSecrets.new("spec/fixtures")
17
+ expect(secrets.get("foo")).to eq nil
18
+ end
19
+
20
+ it "should chomp any trailing line separators from the file" do
21
+ secrets = FileSecrets.new("spec/fixtures")
22
+ expect(secrets.get("trailing_line")).to eq "Trailing line"
23
+ end
24
+
25
+ it "should default to using the working directory as the base" do
26
+ ENV['FILE_SECRETS_BASE'] = nil
27
+ secrets = FileSecrets.new
28
+ expect(secrets.get("spec/fixtures/api/key")).to eq "key_value"
29
+ end
30
+
31
+ it "should use the FILE_SECRETS_BASE environment variable as the base" do
32
+ ENV['FILE_SECRETS_BASE'] = "spec"
33
+ secrets = FileSecrets.new
34
+ expect(secrets.get("fixtures/api/key")).to eq "key_value"
35
+ end
36
+
37
+ it "should be able to use [] instead of get" do
38
+ secrets = FileSecrets.new("spec/fixtures")
39
+ expect(secrets["api/key"]).to eq "key_value"
40
+ end
41
+
42
+ it "should be able to use class method helpers" do
43
+ expect(FileSecrets.get("spec/fixtures/api/key")).to eq "key_value"
44
+ expect(FileSecrets["spec/fixtures/api/key"]).to eq "key_value"
45
+ end
46
+
47
+ end
@@ -0,0 +1 @@
1
+ key_value
@@ -0,0 +1 @@
1
+ token_value
@@ -0,0 +1 @@
1
+ Trailing line
@@ -0,0 +1,10 @@
1
+ require File.expand_path("../../lib/file_secrets.rb", __FILE__)
2
+
3
+ RSpec.configure do |config|
4
+ config.expect_with :rspec do |c|
5
+ c.syntax = [:expect]
6
+ end
7
+ config.mock_with :rspec do |c|
8
+ c.syntax = [:expect]
9
+ end
10
+ end
metadata ADDED
@@ -0,0 +1,70 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: file_secrets
3
+ version: !ruby/object:Gem::Version
4
+ version: 1.0.0
5
+ platform: ruby
6
+ authors:
7
+ - Brian Durand
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2018-03-03 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: rspec
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - "~>"
18
+ - !ruby/object:Gem::Version
19
+ version: '3.0'
20
+ type: :development
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - "~>"
25
+ - !ruby/object:Gem::Version
26
+ version: '3.0'
27
+ description: A simple wrapper for reading sensitive information stored in files to
28
+ support the pattern of storing secrets in external files outside of a project's
29
+ code.
30
+ email:
31
+ - bbdurand@gmail.com
32
+ executables: []
33
+ extensions: []
34
+ extra_rdoc_files: []
35
+ files:
36
+ - MIT_LICENSE
37
+ - README.md
38
+ - Rakefile
39
+ - VERSION
40
+ - lib/file_secrets.rb
41
+ - spec/file_secrets_spec.rb
42
+ - spec/fixtures/api/key
43
+ - spec/fixtures/api/token
44
+ - spec/fixtures/trailing_line
45
+ - spec/spec_helper.rb
46
+ homepage: http://github.com/bdurand/file_secrets
47
+ licenses:
48
+ - MIT
49
+ metadata: {}
50
+ post_install_message:
51
+ rdoc_options: []
52
+ require_paths:
53
+ - lib
54
+ required_ruby_version: !ruby/object:Gem::Requirement
55
+ requirements:
56
+ - - ">="
57
+ - !ruby/object:Gem::Version
58
+ version: '0'
59
+ required_rubygems_version: !ruby/object:Gem::Requirement
60
+ requirements:
61
+ - - ">="
62
+ - !ruby/object:Gem::Version
63
+ version: '0'
64
+ requirements: []
65
+ rubyforge_project:
66
+ rubygems_version: 2.6.12
67
+ signing_key:
68
+ specification_version: 4
69
+ summary: A simple wrapper for reading sensitive information stored in files.
70
+ test_files: []