file_secrets 1.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: c7940eaadebd9fd56d314ab394abb88f417ff2d7
+  data.tar.gz: ce12bb59eec4b1ab69099f58990430f873f9b079
+SHA512:
+  metadata.gz: 251cf3a0b0bedfb008f0dfe2ea938fdfa54c3426c7380d2f0f208772623208fc968b3dc3c7853753108c829d47722ba82499368053887dae7af7f08e12f20700
+  data.tar.gz: b2bbbbda6420609f97f45350239f9ce24c0c31ca4b0a33628a57504b23187f9a2fbc7745d33b575b464f504bc34ed7c91d5c20eaab56b019c9e2caa6b78d8580

data/MIT_LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2018 Brian Durand
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,35 @@
+# FileSecrets
+
+This gem provides a simple method to support the pattern of reading sensitive information that is stored in files that is deployed separately from the code that needs them.
+
+The basic pattern is to deploy your sensitive information into a directory structure like:
+
+```
+/srv
+|-- /secrets
+    |--/api
+       |-- secret_key
+       |-- token
+```
+
+You could then read your secrets with `FileSecrets`:
+
+```
+  secrets = FileSecrets.new("/srv/secrets")
+  secrets["api/secret_key"]
+  secrets["api/token"]
+```
+
+If the file doesn't exist, `nil` will be returned.
+
+Each `FileSecrets` object will have a base directory where it will locate the files from. If this is not provided in the initializer, it will be set from the FILE_SECRETS_BASE environment variable. If that isn't set, then it will be set to the current working directory.
+
+There is also a handy class level accessor that you can use either if you want to use the default base path:
+
+```
+  ENV["FILE_SECRETS_BASE"] = "/srv/secrets"
+  FileSecrets["api/secret_key"]
+  FileSecrets["api/token"]
+```
+
+The paths passed to get the file values are virtual paths using the `/` character as a file separator. So, you would pass the same keys on Windows that you would on Linux.

data/Rakefile

@@ -0,0 +1,18 @@
+require "bundler/gem_tasks"
+
+desc 'Default: run unit tests.'
+task :default => :test
+
+desc 'RVM likes to call it tests'
+task :tests => :test
+
+begin
+  require 'rspec'
+  require 'rspec/core/rake_task'
+  desc 'Run the unit tests'
+  RSpec::Core::RakeTask.new(:test)
+rescue LoadError
+  task :test do
+    STDERR.puts "You must have rspec >= 3 installed to run the tests"
+  end
+end

data/VERSION

@@ -0,0 +1 @@
+1.0.0

data/lib/file_secrets.rb

@@ -0,0 +1,36 @@
+class FileSecrets
+  
+  attr_reader :base
+  
+  class << self
+    # Get a file value using from the default base.
+    def get(key)
+      new.get(key)
+    end
+    
+    alias_method :[], :get
+  end
+
+  # Create a new file secrets accessor. The files will be loaded relative to the
+  # provided base directory. If none is provided, it will default to using the
+  # directory set in the FILE_SECRETS_BASE environment variable or the current
+  # working directory.
+  def initialize(base = nil)
+    @base = (base || ENV['FILE_SECRETS_BASE'] || Dir.pwd)
+  end
+  
+  # Get the contents of the file specified (relative to the base directory).
+  # If the file does not exist, this method will return nil. Any trailing
+  # line delimiters will be stripped from the returned value.
+  def get(key)
+    file_name = File.join(key.split('/'))
+    file_path = File.expand_path(file_name, base)
+    if File.exist?(file_path) && File.file?(file_path)
+      File.read(file_path).chomp
+    else
+      nil
+    end
+  end
+  
+  alias_method :[], :get
+end

data/spec/file_secrets_spec.rb

@@ -0,0 +1,47 @@
+require 'spec_helper'
+
+describe FileSecrets do
+  
+  before :each do
+    ENV['FILE_SECRETS_BASE'] = nil
+  end
+  
+  it "should read the value of a file relative to the base" do
+    secrets = FileSecrets.new("spec/fixtures")
+    expect(secrets.get("api/key")).to eq "key_value"
+    expect(secrets.get("api/token")).to eq "token_value"
+  end
+  
+  it "should return nil if the file doesn't exist" do
+    secrets = FileSecrets.new("spec/fixtures")
+    expect(secrets.get("foo")).to eq nil
+  end
+  
+  it "should chomp any trailing line separators from the file" do
+    secrets = FileSecrets.new("spec/fixtures")
+    expect(secrets.get("trailing_line")).to eq "Trailing line"
+  end
+  
+  it "should default to using the working directory as the base" do
+    ENV['FILE_SECRETS_BASE'] = nil
+    secrets = FileSecrets.new
+    expect(secrets.get("spec/fixtures/api/key")).to eq "key_value"
+  end
+  
+  it "should use the FILE_SECRETS_BASE environment variable as the base" do
+    ENV['FILE_SECRETS_BASE'] = "spec"
+    secrets = FileSecrets.new
+    expect(secrets.get("fixtures/api/key")).to eq "key_value"
+  end
+  
+  it "should be able to use [] instead of get" do
+    secrets = FileSecrets.new("spec/fixtures")
+    expect(secrets["api/key"]).to eq "key_value"
+  end
+  
+  it "should be able to use class method helpers" do
+    expect(FileSecrets.get("spec/fixtures/api/key")).to eq "key_value"
+    expect(FileSecrets["spec/fixtures/api/key"]).to eq "key_value"
+  end
+  
+end

data/spec/fixtures/api/key

@@ -0,0 +1 @@
+key_value

data/spec/fixtures/api/token

@@ -0,0 +1 @@
+token_value

data/spec/fixtures/trailing_line

@@ -0,0 +1 @@
+Trailing line

data/spec/spec_helper.rb

@@ -0,0 +1,10 @@
+require File.expand_path("../../lib/file_secrets.rb", __FILE__)
+
+RSpec.configure do |config|
+  config.expect_with :rspec do |c|
+    c.syntax = [:expect]
+  end
+  config.mock_with :rspec do |c|
+    c.syntax = [:expect]
+  end
+end

metadata

@@ -0,0 +1,70 @@
+--- !ruby/object:Gem::Specification
+name: file_secrets
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+platform: ruby
+authors:
+- Brian Durand
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2018-03-03 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+description: A simple wrapper for reading sensitive information stored in files to
+  support the pattern of storing secrets in external files outside of a project's
+  code.
+email:
+- bbdurand@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- MIT_LICENSE
+- README.md
+- Rakefile
+- VERSION
+- lib/file_secrets.rb
+- spec/file_secrets_spec.rb
+- spec/fixtures/api/key
+- spec/fixtures/api/token
+- spec/fixtures/trailing_line
+- spec/spec_helper.rb
+homepage: http://github.com/bdurand/file_secrets
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.6.12
+signing_key: 
+specification_version: 4
+summary: A simple wrapper for reading sensitive information stored in files.
+test_files: []