gpgenv 0.1.2 → 0.1.3

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: a766f9fb2e19f31afb07dccee60a02b2a5223e56
4
- data.tar.gz: e8491b464059bd169ec725760f64f80cad1f119c
3
+ metadata.gz: 18ffeb8806fa8cf718542dcf4df7580c00fe2bda
4
+ data.tar.gz: 63135d2cdbc03f735a96e37c944f6d6902816685
5
5
  SHA512:
6
- metadata.gz: 3dfc1f23d9ad0d63f0402ca33d3ef69485cbe714f302443fa20aa3b6c0fd28982b53b33fad6eef9b1f6147948343ad2dc2647aa4bb795492507e32196919e031
7
- data.tar.gz: d1cb7b8b2665462d61a4f72bc4e32fbaa637051780a3f1af497b7b718ad0779432844488ee29ba96f4fbe17bb996f320170cbb8fb10d328414eb6da1a1ebe50c
6
+ metadata.gz: 21589ca5e2e14842a39144100bb474ff54359a6f4f5d7cdd2de356be452c3adc915a6af6750264e590a610c7caacb4c952c36f436e5189ea07e8cbeaa666ae7a
7
+ data.tar.gz: e5a7e462444ee4f5eed8db030d547fa1285330f013aba67986a02dfb2cd68c70f24639f8ea097e028b4ce8c9b762f85b8d388f4d7a67f07eca563a52d414ccee
data/README.md CHANGED
@@ -5,30 +5,6 @@ Gpgenv is similar to [envdir](http://cr.yp.to/daemontools/envdir.html), but it l
5
5
  files. This is very useful if you want to store sensitive credentials on your machine, but you want to
6
6
  keep them encrypted.
7
7
 
8
- Please note that this is *not meant to run services*, despite its similarity to
9
- envdir: When you use it, you will be required to enter the passphrase to decrypt the gpg files. Robots and
10
- automated processes should not have this passphrase (otherwise, why encrypt at all?). The primary use case for this is to stop *you, personally*,
11
- from storing unencrypted, sensitive credentials on disk (like in your .netrc file, your ~/.aws/credentials file, etc), but to still make it
12
- easy for you to actually use these sensitive credentials.
13
-
14
- Also note that gpgenv will ask you to decrypt files *repeatedly* unless you have `gpg-agent` configured, which will make it borderline unusable.
15
-
16
- Gpgenv plays very nicely with [pass](http://www.passwordstore.org/). For example:
17
-
18
- ```bash
19
- # Set up a shortcut to your passwordstore home directory
20
- export GPGENV_HOME=$HOME/.password-store/env
21
-
22
- # Insert your oauth token into your password store:
23
- pass insert env/myservice/OAUTH_TOKEN
24
-
25
- # Use gpgenv to spawn a bash session:
26
- gpgenv myservice bash
27
-
28
- # From the new bash session, use your oauth token to hit the service:
29
- curl https://$user:$OAUTH_TOKEN@myservice.com/get_some_data
30
- ```
31
-
32
8
  ## Why?
33
9
  As an admin, I am guilty of occasionally storing sensitive credentials on disk. Personal experience leads me to believe that this is
34
10
  extremely common. Your .netrc file probably contains all sorts of sensitive data, and even if you use a gpg-encrypted .netrc file, many tools
@@ -42,16 +18,32 @@ on my own machine. I hope that you find it useful as well, and you use it to sto
42
18
 
43
19
  ## Usage
44
20
 
45
- ### Spawn a child process
21
+ ### Setup
22
+ ```bash
23
+ # You might want to add this to your profile.
24
+ export GPGENV_KEY_ID=<key-id-to-use-to-encrypt-stuff>
25
+ ```
26
+
27
+ ### Create or update files in a .gpgenv directory
28
+
29
+ Gpgenv can create a .gpgenv directory without you ever needing to store plaintext
30
+ files permanently on disk. Simply run `gpgedit` to either create a new .gpgenv
31
+ directory, or edit the keys and values in an existing one.
32
+
33
+ Alternatively, if you have a .env file and you'd like to switch to gpgenv, run
34
+ `dotenv2gpg`. You can switch back by running `gpg2dotenv`, if you choose.
35
+
36
+ ### Run a process
46
37
  Gpgenv can spawn a child process that inherits environment variables like so:
47
38
  ```bash
48
- gpgenv /some/dir /some/other/dir "process_to_run argument1 argument2"
39
+ gpgenv "process_to_run argument1 argument2"
49
40
  ```
50
41
 
51
42
  ### Export environment variables
52
43
  Gpgenv can export environment variables in your current shell session, like so:
53
44
  ```bash
54
- eval `gpgshell /some/dir /some/other/dir`
45
+ cd /dir/that/has/a/.gpgenv/subdirectory
46
+ eval `gpgshell`
55
47
  ```
56
48
 
57
49
  ## Contributing
@@ -8,7 +8,7 @@ module Gpgenv
8
8
  class EditCommand < Clamp::Command
9
9
 
10
10
  def execute
11
- env = Gpgenv.read_files
11
+ env = Hash[Gpgenv.read_files.map{|k,v| [ k, to_editable(v) ] }]
12
12
  Tempfile.open('.env', ENV.fetch('TMPDIR', '/tmp')) do |f|
13
13
  env.each do |k,v|
14
14
  f.write("#{k}=#{v}\n")
@@ -26,10 +26,32 @@ module Gpgenv
26
26
  i = line.index('=')
27
27
  key = line[0..i-1]
28
28
  value = line[i+1..-1]
29
- Gpgenv.set(key, value)
29
+ Gpgenv.set(key, from_editable(value))
30
30
  end
31
31
  end
32
32
  end
33
33
 
34
+ private
35
+
36
+ # Convert string to editable string. If it is a multiline string,
37
+ # enclose it in quotes and replace newlines with \n.
38
+ def to_editable(str)
39
+ if str =~ /\n/
40
+ "#{str.gsub(/\n/, '\n')}"
41
+ else
42
+ str
43
+ end
44
+ end
45
+
46
+ # Convert from editable back to the format to write to the file.
47
+ # Replace literal \n with newines, strip quotes.
48
+ def from_editable(str)
49
+ if str =~ /\\n/
50
+ str.gsub(/\\n/, "\n")
51
+ else
52
+ str
53
+ end
54
+ end
55
+
34
56
  end
35
57
  end
@@ -1,3 +1,3 @@
1
1
  module Gpgenv
2
- VERSION = "0.1.2"
2
+ VERSION = "0.1.3"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: gpgenv
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.2
4
+ version: 0.1.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Michael Shea
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-04-08 00:00:00.000000000 Z
11
+ date: 2016-06-13 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: clamp