handsomefencer-environment 0.2.4 → 0.2.6
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitignore +4 -3
- data/Gemfile.lock +1 -1
- data/Guardfile +3 -3
- data/README.md +47 -12
- data/handsomefencer-environment.gemspec +2 -2
- data/lib/handsomefencer/environment/crypto.rb +9 -4
- data/lib/handsomefencer/environment/version.rb +1 -1
- metadata +6 -10
- data/.env/backup.env +0 -4
- data/.env/circle.env +0 -4
- data/.env/development/backup.env +0 -4
- data/sourcefiles/circle.env +0 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 4a022cae1c1d3ab7e88af0fb276719d54fd6ff0b1771221f32890adc2d2505c8
|
4
|
+
data.tar.gz: cf6c3c59a01bd32cba79299fc19a9d4eefb7156cfc5b232b70df7d348cce92cf
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 5b0989d9804b89e7ff45f4244ef3f08c16e2b4f6af2eddab6d08ee13437e3e98e793ebb739de16455fafdc2a5e85db7e8b5b77370f90b5f0c253e1fff15308aa
|
7
|
+
data.tar.gz: c11b2b5d43f637d559ed378ad17675d1a57434f314fb65194aeb3c3cf29ef7c62b50a2795da4e7f363f1282e788bb21da2d9e1527173fdfc4fc88238384f83b8
|
data/.gitignore
CHANGED
data/Gemfile.lock
CHANGED
data/Guardfile
CHANGED
@@ -15,11 +15,11 @@
|
|
15
15
|
#
|
16
16
|
# and, you'll have to watch "config/Guardfile" instead of "Guardfile"
|
17
17
|
|
18
|
-
guard :minitest do
|
18
|
+
guard :minitest, all_on_start: false do
|
19
19
|
# with Minitest::Unit
|
20
|
-
watch(%r{^test/(.*)\/?test_(.*)\.rb$})
|
20
|
+
# watch(%r{^test/(.*)\/?test_(.*)\.rb$})
|
21
21
|
watch(%r{^test/(.*)\/?(.*)_test\.rb$})
|
22
|
-
watch(%r{^lib/(.*/)?([^/]+)\.rb$}) { |m| "test/#{m[1]}test_#{m[2]}.rb" }
|
22
|
+
# watch(%r{^lib/(.*/)?([^/]+)\.rb$}) { |m| "test/#{m[1]}test_#{m[2]}.rb" }
|
23
23
|
watch(%r{^test/test_helper\.rb$}) { 'test' }
|
24
24
|
watch(%r{^lib/(.*)\/?(.*)\.rb$}) { 'test' }
|
25
25
|
|
data/README.md
CHANGED
@@ -1,7 +1,6 @@
|
|
1
1
|
# Handsomefencer::Environment
|
2
2
|
|
3
|
-
|
4
|
-
|
3
|
+
Obscure your environment files in source control, expose them for deploys.
|
5
4
|
|
6
5
|
## Installation
|
7
6
|
|
@@ -21,24 +20,60 @@ Or install it yourself as:
|
|
21
20
|
|
22
21
|
## Usage
|
23
22
|
|
24
|
-
|
23
|
+
Create a .env directory at the root of your app. In it, place any environment files you'd like to obfuscate in source control:
|
25
24
|
|
26
|
-
|
25
|
+
.env/development.env
|
26
|
+
.env/staging.env
|
27
|
+
.env/production.env
|
27
28
|
|
28
|
-
|
29
|
+
Or you can namespace them like so:
|
30
|
+
|
31
|
+
.env/production/database.env
|
32
|
+
|
33
|
+
If you aren't using Rails, or don't otherwise already have a config directory, go ahead and create one because we're going to generate a deploy.key to put inside it:
|
34
|
+
|
35
|
+
`$ mkdir config`
|
36
|
+
|
37
|
+
Then write a ruby script at the root of your project called obfuscate_env.rb and put code like this inside:
|
38
|
+
|
39
|
+
```ruby
|
40
|
+
require 'handsomefencer/environment'
|
41
|
+
cipher = Handsomefencer::Environment::Crypto.new
|
42
|
+
cipher.obfuscate
|
43
|
+
```
|
44
|
+
|
45
|
+
Now you should be able to run the script like so:
|
46
|
+
|
47
|
+
`$ ruby obfuscate_env.rb`
|
48
|
+
|
49
|
+
You should now have a config/deploy.key file as well as an encoded version of each .env file in your .env directory. For example:
|
29
50
|
|
30
|
-
|
51
|
+
.env/development.env
|
52
|
+
.env/development.env.enc
|
31
53
|
|
32
|
-
|
54
|
+
You may wish to confirm that the deploy key and the .env files have been added to your .gitignore, and also that they are not still cached in your repo.
|
55
|
+
|
56
|
+
Next, write a ruby script at the root of your project called expose_env.rb and put code like this inside:
|
57
|
+
|
58
|
+
```ruby
|
59
|
+
require 'handsomefencer/environment'
|
60
|
+
cipher = Handsomefencer::Environment::Crypto.new
|
61
|
+
cipher.expose
|
62
|
+
|
63
|
+
```
|
64
|
+
|
65
|
+
Once your code is on the deploy server, you can either create a deploy key with the correct key inside, or set it as a DEPLOY_KEY environment variable. Then you can expose the variables with:
|
66
|
+
|
67
|
+
`$ ruby expose_env.rb`
|
68
|
+
|
69
|
+
## Development
|
70
|
+
|
71
|
+
After checking out the repo, run `bundle` to install dependencies. There are some issues with the test_helper loading that I don't understand at the moment, but the tests will run automatically and correctly when saved, after running `bundle exec guard`.
|
33
72
|
|
34
73
|
## Contributing
|
35
74
|
|
36
|
-
Bug reports and pull requests are welcome on GitHub at https://github.com/schadenfred/handsomefencer-environment.
|
75
|
+
Bug reports and pull requests are welcome on GitHub at https://github.com/schadenfred/handsomefencer-environment.
|
37
76
|
|
38
77
|
## License
|
39
78
|
|
40
79
|
The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
|
41
|
-
|
42
|
-
## Code of Conduct
|
43
|
-
|
44
|
-
Everyone interacting in the Handsomefencer::Environment project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/schadenfred/handsomefencer-environment/blob/master/CODE_OF_CONDUCT.md).
|
@@ -34,10 +34,10 @@ Gem::Specification.new do |spec|
|
|
34
34
|
|
35
35
|
spec.add_development_dependency "bundler"
|
36
36
|
spec.add_development_dependency "rake"
|
37
|
-
spec.add_development_dependency "minitest"
|
38
|
-
spec.add_development_dependency "minitest-given"
|
39
37
|
spec.add_development_dependency "guard"
|
40
38
|
spec.add_development_dependency "guard-minitest"
|
39
|
+
spec.add_development_dependency "minitest"
|
40
|
+
spec.add_development_dependency "minitest-given"
|
41
41
|
spec.add_development_dependency "rb-readline"
|
42
42
|
spec.add_development_dependency "byebug"
|
43
43
|
end
|
@@ -20,12 +20,18 @@ class Handsomefencer::Environment::Crypto
|
|
20
20
|
def save_deploy_key
|
21
21
|
@new_key = @cipher.random_key
|
22
22
|
write_to_file Base64.encode64(@new_key), dkfile
|
23
|
-
|
24
|
-
open('.gitignore', 'a') { |f| f << "/" + dkfile }
|
25
|
-
end
|
23
|
+
ignore_sensitive_files
|
26
24
|
read_deploy_key
|
27
25
|
end
|
28
26
|
|
27
|
+
def ignore_sensitive_files
|
28
|
+
["/#{dkfile}", "/.env/*"].each do |pattern|
|
29
|
+
unless File.read('.gitignore').match pattern
|
30
|
+
open('.gitignore', 'a') { |f| f << pattern }
|
31
|
+
end
|
32
|
+
end
|
33
|
+
end
|
34
|
+
|
29
35
|
def read_deploy_key
|
30
36
|
File.exist?(dkfile) ? Base64.decode64(File.read dkfile) : nil
|
31
37
|
end
|
@@ -61,7 +67,6 @@ class Handsomefencer::Environment::Crypto
|
|
61
67
|
source_files(directory, extension).each { |file| decrypt(file) }
|
62
68
|
end
|
63
69
|
|
64
|
-
|
65
70
|
private
|
66
71
|
|
67
72
|
def dkfile
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: handsomefencer-environment
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.2.
|
4
|
+
version: 0.2.6
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- schadenfred
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2018-08-
|
11
|
+
date: 2018-08-15 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -39,7 +39,7 @@ dependencies:
|
|
39
39
|
- !ruby/object:Gem::Version
|
40
40
|
version: '0'
|
41
41
|
- !ruby/object:Gem::Dependency
|
42
|
-
name:
|
42
|
+
name: guard
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
44
44
|
requirements:
|
45
45
|
- - ">="
|
@@ -53,7 +53,7 @@ dependencies:
|
|
53
53
|
- !ruby/object:Gem::Version
|
54
54
|
version: '0'
|
55
55
|
- !ruby/object:Gem::Dependency
|
56
|
-
name: minitest
|
56
|
+
name: guard-minitest
|
57
57
|
requirement: !ruby/object:Gem::Requirement
|
58
58
|
requirements:
|
59
59
|
- - ">="
|
@@ -67,7 +67,7 @@ dependencies:
|
|
67
67
|
- !ruby/object:Gem::Version
|
68
68
|
version: '0'
|
69
69
|
- !ruby/object:Gem::Dependency
|
70
|
-
name:
|
70
|
+
name: minitest
|
71
71
|
requirement: !ruby/object:Gem::Requirement
|
72
72
|
requirements:
|
73
73
|
- - ">="
|
@@ -81,7 +81,7 @@ dependencies:
|
|
81
81
|
- !ruby/object:Gem::Version
|
82
82
|
version: '0'
|
83
83
|
- !ruby/object:Gem::Dependency
|
84
|
-
name:
|
84
|
+
name: minitest-given
|
85
85
|
requirement: !ruby/object:Gem::Requirement
|
86
86
|
requirements:
|
87
87
|
- - ">="
|
@@ -130,9 +130,6 @@ executables: []
|
|
130
130
|
extensions: []
|
131
131
|
extra_rdoc_files: []
|
132
132
|
files:
|
133
|
-
- ".env/backup.env"
|
134
|
-
- ".env/circle.env"
|
135
|
-
- ".env/development/backup.env"
|
136
133
|
- ".gitignore"
|
137
134
|
- ".ruby-gemset"
|
138
135
|
- ".ruby-version"
|
@@ -154,7 +151,6 @@ files:
|
|
154
151
|
- lib/tasks/environment/expose.rake
|
155
152
|
- lib/tasks/environment/obfuscate.rake
|
156
153
|
- obfuscate_env.rb
|
157
|
-
- sourcefiles/circle.env
|
158
154
|
homepage: https://github.com/schadenfred/handsomefencer-environment
|
159
155
|
licenses:
|
160
156
|
- MIT
|
data/.env/backup.env
DELETED
data/.env/circle.env
DELETED
data/.env/development/backup.env
DELETED
data/sourcefiles/circle.env
DELETED