harmony-service 0.7.0 → 0.7.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 7a9f1a09d3f2d8cb45f24d0c825764a5b23631d1
-  data.tar.gz: e6f38c4ce94e70c4874dd961fe85fad85cb8ec91
+  metadata.gz: a0e2e9b81534396e787c62e5ed43f2bbfe149c78
+  data.tar.gz: c6dba159e3c9c28cca2b1e4c7765fc3fc31df7aa
 SHA512:
-  metadata.gz: 9c941268679edb75fdc3df9bccd1dd1b40c41422d723766239c3492f228860e0e0c42f6e0cc9497bbdfc5961c3bf0ab75137d746f107c9dfbe2983adf64d92e5
-  data.tar.gz: 68c485584262f239749bf187a8468a7a8cdbd2809cefe42ce3fde4b3235edb7e06f5373e264ef57b3e241952efcf3af3a89358912cf1494c1f9eacdd5d6440f3
+  metadata.gz: 0ad4ca5561c19d837f9eccdd298c19a743e93016742f04bb289b096fff762ec170385498944ec53929bfea6d5d7ddad788eba456e04d44cd2ca7e628cb8653a8
+  data.tar.gz: 3cc272bc177e8d5396455012d0efb8bf9a83b4753397b1dcfdcc38cf9bb926d0bd6137d13d2a0f840b23e9beb39117af4b466498125955585e49bb150a387178

data/lib/harmony/service/rake_tasks.rb

@@ -7,19 +7,23 @@ namespace :harmony do
   task :generate_key do
     puts SecureRandom.hex
   end
-  
-  desc 'Write initial secrets to encrypted file.'
-  task :write_secrets  do |t, args|
-    abort "ENV['SEKRETS_KEY'] must be set." unless ENV['SEKRETS_KEY'] 
+
+  desc 'Generate keys and create encrypted sekret files'
+  task :write_secrets do |_t, _args|
     abort "ENV['QUEUE_NAME'] must be set." unless ENV['QUEUE_NAME']
-    abort "ENV['STAGING_AMPQ_URL'] must be set." unless ENV['STAGING_AMPQ_URL'] 
-    abort "ENV['PRODUCTION_AMPQ_URL'] must be set." unless ENV['PRODUCTION_AMPQ_URL'] 
-        
+    abort "ENV['STAGING_AMPQ_URL'] must be set." unless ENV['STAGING_AMPQ_URL']
+    abort "ENV['PRODUCTION_AMPQ_URL'] must be set." unless ENV['PRODUCTION_AMPQ_URL']
+
     secrets = {
-      development: {harmony_queue: ENV['QUEUE_NAME'], ampq_address: ENV['STAGING_AMPQ_URL'], ampq_vhost: 'harmony-staging-queue'},
-      staging: {harmony_queue: ENV['QUEUE_NAME'], ampq_address: ENV['STAGING_AMPQ_URL'], ampq_vhost: 'harmony-staging-queue'},
-      production: {harmony_queue: ENV['QUEUE_NAME'], ampq_address: ENV['PRODUCTION_AMPQ_URL'], ampq_vhost: 'harmony'}
+      development: { harmony_queue: ENV['QUEUE_NAME'], ampq_address: ENV['STAGING_AMPQ_URL'], ampq_vhost: 'harmony-staging-queue' },
+      staging: { harmony_queue: ENV['QUEUE_NAME'], ampq_address: ENV['STAGING_AMPQ_URL'], ampq_vhost: 'harmony-staging-queue' },
+      production: { harmony_queue: ENV['QUEUE_NAME'], ampq_address: ENV['PRODUCTION_AMPQ_URL'], ampq_vhost: 'harmony' }
     }
-    `ruby -r yaml -e'puts(#{secrets}.to_yaml)' | sekrets write config/settings.yml.enc --key #{ENV['SEKRETS_KEY']}`
-  end  
+
+    secrets.each do |env, data|
+      key = SecureRandom.hex
+      `ruby -r yaml -e'puts(#{data}.to_yaml)' | sekrets write config/#{env}.yml.enc --key #{key}`
+      puts "Created config/#{env}.yml.enc using the key #{key}. Store this key-data association in a secure place."
+    end
+  end
 end

data/lib/harmony/service/utils/secrets.rb

@@ -12,7 +12,7 @@ module Harmony
           sekrets_file_path = "./config/#{env}.yml.enc"
           if File.exist?(sekrets_file_path)
             puts "Reading secrets from file: #{sekrets_file_path}"
-            secrets = Sekrets.settings_for(sekrets_file_path)[env] 
+            secrets = Sekrets.settings_for(sekrets_file_path)
             secrets.each_pair{|k,v| ENV[k] = v.to_s } 
           else
             warn "Secrets file doesn't exist: #{sekrets_file_path}"

data/lib/harmony/service/version.rb

@@ -1,6 +1,6 @@
 module Harmony
   module Service
-    VERSION = "0.7.0"
+    VERSION = "0.7.1"
   end
 end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: harmony-service
 version: !ruby/object:Gem::Version
-  version: 0.7.0
+  version: 0.7.1
 platform: ruby
 authors:
 - Matt Brooke-Smith
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-11-21 00:00:00.000000000 Z
+date: 2017-11-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: sneakers