handsomefencer-environment 0.2.0 → 0.2.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.env/backup.env +1 -1
- data/.env/circle.env +1 -1
- data/.env/development/backup.env +1 -1
- data/.gitignore +3 -0
- data/Gemfile.lock +1 -3
- data/expose_env.rb +3 -0
- data/handsomefencer-environment.gemspec +7 -9
- data/lib/handsomefencer/environment/crypto.rb +42 -46
- data/lib/handsomefencer/environment/version.rb +1 -1
- data/obfuscate_env.rb +3 -0
- data/sourcefiles/circle.env +1 -1
- metadata +5 -23
- data/.env/backup.env.enc +0 -3
- data/.env/circle.env.enc +0 -3
- data/.env/development/backup.env.enc +0 -3
- data/CODE_OF_CONDUCT.md +0 -74
- data/config/master.key +0 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: b77e623586da124d51c5005461619f94df0dc300fda62938fcd5ba5baf92cdcf
|
4
|
+
data.tar.gz: e38c8d0ea5e90551acd9ecce6bdb8189274908e4998e1e8d1f3101deb15ce565
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: a214d95cbf7d3fcd22ec73a9480fc093a46a135e1cada6a47b4dbaf1b73b4436275047611b1da1e0ee1542490d044d84b8e6acb503ceafff3dc57aedbb54b7bc
|
7
|
+
data.tar.gz: 2ec84bc56f81fd8851d0c3ec4aa87256fd82b1e53ebbf81262ce67c9e105e3374183db4788a59e560e5be3c9d70dcaff55fd1f566b5e23ff4770f05a152f95e3
|
data/.env/backup.env
CHANGED
data/.env/circle.env
CHANGED
data/.env/development/backup.env
CHANGED
data/.gitignore
CHANGED
data/Gemfile.lock
CHANGED
@@ -1,14 +1,13 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
handsomefencer-environment (0.2.
|
4
|
+
handsomefencer-environment (0.2.4)
|
5
5
|
|
6
6
|
GEM
|
7
7
|
remote: https://rubygems.org/
|
8
8
|
specs:
|
9
9
|
byebug (10.0.2)
|
10
10
|
coderay (1.1.2)
|
11
|
-
fakefs (0.18.0)
|
12
11
|
ffi (1.9.25)
|
13
12
|
formatador (0.2.5)
|
14
13
|
given_core (3.8.0)
|
@@ -59,7 +58,6 @@ PLATFORMS
|
|
59
58
|
DEPENDENCIES
|
60
59
|
bundler
|
61
60
|
byebug
|
62
|
-
fakefs
|
63
61
|
guard
|
64
62
|
guard-minitest
|
65
63
|
handsomefencer-environment!
|
data/expose_env.rb
ADDED
@@ -33,13 +33,11 @@ Gem::Specification.new do |spec|
|
|
33
33
|
spec.require_paths = ["lib"]
|
34
34
|
|
35
35
|
spec.add_development_dependency "bundler"
|
36
|
-
spec.add_development_dependency "rake"
|
37
|
-
spec.add_development_dependency "minitest"
|
38
|
-
spec.add_development_dependency "minitest-given"
|
39
|
-
spec.add_development_dependency "guard"
|
40
|
-
|
41
|
-
spec.add_development_dependency "
|
42
|
-
spec.add_development_dependency "
|
43
|
-
spec.add_development_dependency "fakefs" #, "0.5.5"
|
44
|
-
spec.add_development_dependency "byebug" #, "10.0.2"
|
36
|
+
spec.add_development_dependency "rake"
|
37
|
+
spec.add_development_dependency "minitest"
|
38
|
+
spec.add_development_dependency "minitest-given"
|
39
|
+
spec.add_development_dependency "guard"
|
40
|
+
spec.add_development_dependency "guard-minitest"
|
41
|
+
spec.add_development_dependency "rb-readline"
|
42
|
+
spec.add_development_dependency "byebug"
|
45
43
|
end
|
@@ -4,53 +4,44 @@ require 'base64'
|
|
4
4
|
class Handsomefencer::Environment::Crypto
|
5
5
|
|
6
6
|
def initialize
|
7
|
-
@cipher = OpenSSL::Cipher
|
8
|
-
@
|
9
|
-
|
10
|
-
@key = (get_deploy_key ||= @cipher.random_key)
|
7
|
+
@cipher = OpenSSL::Cipher.new 'AES-128-CBC'
|
8
|
+
@salt = '8 octets'
|
9
|
+
get_deploy_key
|
11
10
|
end
|
12
11
|
|
13
|
-
def
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
12
|
+
def get_deploy_key
|
13
|
+
if ENV['DEPLOY_KEY'].nil?
|
14
|
+
@pass_phrase = read_deploy_key.nil? ? save_deploy_key : read_deploy_key
|
15
|
+
else
|
16
|
+
@pass_phrase = ENV['DEPLOY_KEY']
|
17
|
+
end
|
18
18
|
end
|
19
19
|
|
20
|
-
def
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
decrypted_file = file.split('.enc').first
|
28
|
-
File.delete decrypted_file if File.exist? decrypted_file
|
29
|
-
write_to_file(decrypted, decrypted_file)
|
30
|
-
@cipher.reset
|
20
|
+
def save_deploy_key
|
21
|
+
@new_key = @cipher.random_key
|
22
|
+
write_to_file Base64.encode64(@new_key), dkfile
|
23
|
+
unless File.read('.gitignore').match dkfile
|
24
|
+
open('.gitignore', 'a') { |f| f << "/" + dkfile }
|
25
|
+
end
|
26
|
+
read_deploy_key
|
31
27
|
end
|
32
28
|
|
33
|
-
def
|
34
|
-
|
35
|
-
File.delete file if File.exist? file
|
36
|
-
key = Base64.encode64(@cipher.random_key)
|
37
|
-
write_to_file(key, file)
|
38
|
-
if File.exist? '.gitignore'
|
39
|
-
open('.gitignore', 'a') do |f|
|
40
|
-
f << "\/config\/deploy.key"
|
41
|
-
end
|
42
|
-
end
|
29
|
+
def read_deploy_key
|
30
|
+
File.exist?(dkfile) ? Base64.decode64(File.read dkfile) : nil
|
43
31
|
end
|
44
32
|
|
45
|
-
def
|
46
|
-
|
47
|
-
|
48
|
-
|
33
|
+
def encrypt(file)
|
34
|
+
@cipher.encrypt.pkcs5_keyivgen @pass_phrase, @salt
|
35
|
+
encrypted = @cipher.update(File.read file) + @cipher.final
|
36
|
+
write_to_file(Base64.encode64(encrypted), file + '.enc')
|
49
37
|
end
|
50
38
|
|
51
|
-
def
|
52
|
-
|
53
|
-
|
39
|
+
def decrypt(file)
|
40
|
+
encrypted = Base64.decode64 File.read(file)
|
41
|
+
@cipher.decrypt.pkcs5_keyivgen @pass_phrase, @salt
|
42
|
+
decrypted = @cipher.update(encrypted) + @cipher.final
|
43
|
+
decrypted_file = file.split('.enc').first
|
44
|
+
write_to_file decrypted, decrypted_file
|
54
45
|
end
|
55
46
|
|
56
47
|
def source_files(directory=nil, extension=nil)
|
@@ -61,19 +52,24 @@ class Handsomefencer::Environment::Crypto
|
|
61
52
|
def obfuscate(directory=nil, extension=nil)
|
62
53
|
extension = extension || '.env'
|
63
54
|
directory = directory || '.env'
|
64
|
-
|
65
|
-
|
66
|
-
files.each do |file|
|
67
|
-
encrypt(file)
|
68
|
-
end
|
55
|
+
source_files(directory, extension).each { |file| encrypt file }
|
69
56
|
end
|
70
57
|
|
71
58
|
def expose(directory=nil, extension=nil)
|
72
59
|
extension = extension || '.env.enc'
|
73
60
|
directory = directory || '.env'
|
74
|
-
|
75
|
-
files.each do |file|
|
76
|
-
decrypt(file)
|
77
|
-
end
|
61
|
+
source_files(directory, extension).each { |file| decrypt(file) }
|
78
62
|
end
|
63
|
+
|
64
|
+
|
65
|
+
private
|
66
|
+
|
67
|
+
def dkfile
|
68
|
+
"config/deploy.key"
|
69
|
+
end
|
70
|
+
|
71
|
+
def write_to_file(data, filename)
|
72
|
+
open(filename, "w") { |io| io.write data }
|
73
|
+
end
|
74
|
+
|
79
75
|
end
|
data/obfuscate_env.rb
ADDED
data/sourcefiles/circle.env
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: handsomefencer-environment
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.2.
|
4
|
+
version: 0.2.4
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- schadenfred
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2018-08-
|
11
|
+
date: 2018-08-14 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -108,20 +108,6 @@ dependencies:
|
|
108
108
|
- - ">="
|
109
109
|
- !ruby/object:Gem::Version
|
110
110
|
version: '0'
|
111
|
-
- !ruby/object:Gem::Dependency
|
112
|
-
name: fakefs
|
113
|
-
requirement: !ruby/object:Gem::Requirement
|
114
|
-
requirements:
|
115
|
-
- - ">="
|
116
|
-
- !ruby/object:Gem::Version
|
117
|
-
version: '0'
|
118
|
-
type: :development
|
119
|
-
prerelease: false
|
120
|
-
version_requirements: !ruby/object:Gem::Requirement
|
121
|
-
requirements:
|
122
|
-
- - ">="
|
123
|
-
- !ruby/object:Gem::Version
|
124
|
-
version: '0'
|
125
111
|
- !ruby/object:Gem::Dependency
|
126
112
|
name: byebug
|
127
113
|
requirement: !ruby/object:Gem::Requirement
|
@@ -145,15 +131,11 @@ extensions: []
|
|
145
131
|
extra_rdoc_files: []
|
146
132
|
files:
|
147
133
|
- ".env/backup.env"
|
148
|
-
- ".env/backup.env.enc"
|
149
134
|
- ".env/circle.env"
|
150
|
-
- ".env/circle.env.enc"
|
151
135
|
- ".env/development/backup.env"
|
152
|
-
- ".env/development/backup.env.enc"
|
153
136
|
- ".gitignore"
|
154
137
|
- ".ruby-gemset"
|
155
138
|
- ".ruby-version"
|
156
|
-
- CODE_OF_CONDUCT.md
|
157
139
|
- Gemfile
|
158
140
|
- Gemfile.lock
|
159
141
|
- Guardfile
|
@@ -162,8 +144,7 @@ files:
|
|
162
144
|
- Rakefile
|
163
145
|
- bin/console
|
164
146
|
- bin/setup
|
165
|
-
-
|
166
|
-
- config/master.key
|
147
|
+
- expose_env.rb
|
167
148
|
- handsomefencer-environment.gemspec
|
168
149
|
- lib/handsomefencer/environment.rb
|
169
150
|
- lib/handsomefencer/environment/crypto.rb
|
@@ -172,6 +153,7 @@ files:
|
|
172
153
|
- lib/rake_gem/railtie.rb
|
173
154
|
- lib/tasks/environment/expose.rake
|
174
155
|
- lib/tasks/environment/obfuscate.rake
|
156
|
+
- obfuscate_env.rb
|
175
157
|
- sourcefiles/circle.env
|
176
158
|
homepage: https://github.com/schadenfred/handsomefencer-environment
|
177
159
|
licenses:
|
@@ -194,7 +176,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
194
176
|
version: '0'
|
195
177
|
requirements: []
|
196
178
|
rubyforge_project:
|
197
|
-
rubygems_version: 2.7.
|
179
|
+
rubygems_version: 2.7.3
|
198
180
|
signing_key:
|
199
181
|
specification_version: 4
|
200
182
|
summary: Obfuscate and expose environment files
|
data/.env/backup.env.enc
DELETED
data/.env/circle.env.enc
DELETED
data/CODE_OF_CONDUCT.md
DELETED
@@ -1,74 +0,0 @@
|
|
1
|
-
# Contributor Covenant Code of Conduct
|
2
|
-
|
3
|
-
## Our Pledge
|
4
|
-
|
5
|
-
In the interest of fostering an open and welcoming environment, we as
|
6
|
-
contributors and maintainers pledge to making participation in our project and
|
7
|
-
our community a harassment-free experience for everyone, regardless of age, body
|
8
|
-
size, disability, ethnicity, gender identity and expression, level of experience,
|
9
|
-
nationality, personal appearance, race, religion, or sexual identity and
|
10
|
-
orientation.
|
11
|
-
|
12
|
-
## Our Standards
|
13
|
-
|
14
|
-
Examples of behavior that contributes to creating a positive environment
|
15
|
-
include:
|
16
|
-
|
17
|
-
* Using welcoming and inclusive language
|
18
|
-
* Being respectful of differing viewpoints and experiences
|
19
|
-
* Gracefully accepting constructive criticism
|
20
|
-
* Focusing on what is best for the community
|
21
|
-
* Showing empathy towards other community members
|
22
|
-
|
23
|
-
Examples of unacceptable behavior by participants include:
|
24
|
-
|
25
|
-
* The use of sexualized language or imagery and unwelcome sexual attention or
|
26
|
-
advances
|
27
|
-
* Trolling, insulting/derogatory comments, and personal or political attacks
|
28
|
-
* Public or private harassment
|
29
|
-
* Publishing others' private information, such as a physical or electronic
|
30
|
-
address, without explicit permission
|
31
|
-
* Other conduct which could reasonably be considered inappropriate in a
|
32
|
-
professional setting
|
33
|
-
|
34
|
-
## Our Responsibilities
|
35
|
-
|
36
|
-
Project maintainers are responsible for clarifying the standards of acceptable
|
37
|
-
behavior and are expected to take appropriate and fair corrective action in
|
38
|
-
response to any instances of unacceptable behavior.
|
39
|
-
|
40
|
-
Project maintainers have the right and responsibility to remove, edit, or
|
41
|
-
reject comments, commits, code, wiki edits, issues, and other contributions
|
42
|
-
that are not aligned to this Code of Conduct, or to ban temporarily or
|
43
|
-
permanently any contributor for other behaviors that they deem inappropriate,
|
44
|
-
threatening, offensive, or harmful.
|
45
|
-
|
46
|
-
## Scope
|
47
|
-
|
48
|
-
This Code of Conduct applies both within project spaces and in public spaces
|
49
|
-
when an individual is representing the project or its community. Examples of
|
50
|
-
representing a project or community include using an official project e-mail
|
51
|
-
address, posting via an official social media account, or acting as an appointed
|
52
|
-
representative at an online or offline event. Representation of a project may be
|
53
|
-
further defined and clarified by project maintainers.
|
54
|
-
|
55
|
-
## Enforcement
|
56
|
-
|
57
|
-
Instances of abusive, harassing, or otherwise unacceptable behavior may be
|
58
|
-
reported by contacting the project team at fred.schoeneman@gmail.com. All
|
59
|
-
complaints will be reviewed and investigated and will result in a response that
|
60
|
-
is deemed necessary and appropriate to the circumstances. The project team is
|
61
|
-
obligated to maintain confidentiality with regard to the reporter of an incident.
|
62
|
-
Further details of specific enforcement policies may be posted separately.
|
63
|
-
|
64
|
-
Project maintainers who do not follow or enforce the Code of Conduct in good
|
65
|
-
faith may face temporary or permanent repercussions as determined by other
|
66
|
-
members of the project's leadership.
|
67
|
-
|
68
|
-
## Attribution
|
69
|
-
|
70
|
-
This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
|
71
|
-
available at [http://contributor-covenant.org/version/1/4][version]
|
72
|
-
|
73
|
-
[homepage]: http://contributor-covenant.org
|
74
|
-
[version]: http://contributor-covenant.org/version/1/4/
|
data/config/master.key
DELETED
@@ -1 +0,0 @@
|
|
1
|
-
railsmasterkeyfrommasterkeyfile
|