RubyGems - hekate - Versions diffs - 0.1.0.pre6 → 0.1.0.pre7 - Mend

hekate 0.1.0.pre6 → 0.1.0.pre7

Files changed (6) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: faf6890a4b44d13a6e08b85928dd6e1c884821d3
-  data.tar.gz: 82df5130cbdf42864498cfa72539c0e6b05db1d1
+  metadata.gz: 20df888c0a62cc6f59feb453035229be2abea3aa
+  data.tar.gz: 9955e6f9662c80458c789c35cc324956621400fd
 SHA512:
-  metadata.gz: f33c2ad07d6be4ef3eb7496d3dec102c2a98fbc48c1d205ba319768dcdeced9a74cfc118798ada9d51ccf0995a048b9573b4189a49df060d2330b4df16c60802
-  data.tar.gz: cdeb35a1ba11023ac591d1649f22110a2bd998c848c7f375d987692dd613c21a4894afad4575f8149c5c2340ef1021732e440b804ea53164e31d9017cfe2295e
+  metadata.gz: 95dab678895dbcb99efeacee42ccaab1ea0d66883ab2d9579f8b44e3450dc7d71c16bcc0abaf099686d95584e251243afe43fff3ff9c2d5da43e70849d30eaac
+  data.tar.gz: 2095bc4ae40024a1c04dd2c2180c9333685833c818cb5f365d5df35d30b065e006d9518cd22699152d97b0c09ba064d811a64cd73f093380e289b2da5176bff9

data/Gemfile.lock CHANGED

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    hekate (0.1.0.pre5)
+    hekate (0.1.0.pre6)
       aws-sdk (~> 2.9, >= 2.9.0)
       commander (~> 4.4, >= 4.4.0)
       ec2-metadata (~> 0.2, >= 0.2.0)

data/README.md CHANGED

@@ -1,8 +1,6 @@
 # Hekate
-Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/hekate`. To experiment with that code, run `bin/console` for an interactive prompt.
-TODO: Delete this and the text above, and describe your gem
+Hekate is a gem for encrypting, storing and consuming rails application secrets as Amazon SSM parameters
 ## Installation
@@ -20,15 +18,75 @@ Or install it yourself as:
     $ gem install hekate
+When included in a rails application Hekate will read credentials directly from AWS SMS Parameter store based on the RAILS_ENV, HEKATE_APPLICATION and AWS_REGION environment variables and store them as local ENV variables available to the rails applicaiton.
 ## Usage
+Hekate requires AWS authentication and assumes credentials are provided to the executing system via one of the available amazon authentication methods. It does not ever accept credentials via command line.
+It is recommended that you use 2 different roles in IAM similar to the following.
+#### Hekate User - read only parameter access
+```json
+{
+    "Version": "2012-10-17",
+    "Statement": [
+        {
+            "Sid": "Stmt1497208350000",
+            "Effect": "Allow",
+            "Action": [
+                "ssm:DescribeParameters",
+                "ssm:GetParameters"
+            ],
+            "Resource": [
+                "*"
+            ]
+        },
+        {
+            "Sid": "Stmt1497208350001",
+            "Effect": "Allow",
+            "Action": "kms:Decrypt",
+            "Resource": "*"
+        }
+    ]
+}
+```
+#### Hekate Admin
+```json
+{
+    "Version": "2012-10-17",
+    "Statement": [
+        {
+            "Sid": "Stmt1497208350000",
+            "Effect": "Allow",
+            "Action": [
+                "ssm:DescribeParameters",
+                "ssm:GetParameters",
+                "ssm:PutParameter"
+            ],
+            "Resource": [
+                "*"
+            ]
+        },
+        {
+            "Sid": "Stmt1497208350001",
+            "Effect": "Allow",
+            "Action": "kms:*",
+            "Resource": "*"
+        }
+    ]
+}
+```
+### Commands
+help - lists avalable commands. For help on a specific command issue `hekate command --help`
-TODO: Write usage instructions here
+put - adds one item to the parameter store
-## Development
+delete - deletes on item from the parameter store
-After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+import - imports a .env formatted secrets file
-To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+export - exports to a .env formatted secrets file
 ## Contributing

data/lib/hekate/engine.rb CHANGED

@@ -67,10 +67,16 @@ module Hekate
     def get_parameter(key)
       parameter_key = "#{@application}.#{@environment}.#{key}"
-      ssm.get_parameters(
+      parameters = ssm.get_parameters(
         names: [parameter_key],
         with_decryption: true
-      ).parameters.first["value"]
+      ).parameters
+      if parameters.to_a.empty?
+        puts "Could not find parameter #{parameter_key}"
+      else
+        puts parameters.first["value"]
+      end
     end
     def delete_parameter(key)

data/lib/hekate/version.rb CHANGED

@@ -1,3 +1,3 @@
 module Hekate
-  VERSION = '0.1.0.pre6'.freeze
+  VERSION = '0.1.0.pre7'.freeze
 end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: hekate
 version: !ruby/object:Gem::Version
-  version: 0.1.0.pre6
+  version: 0.1.0.pre7
 platform: ruby
 authors:
 - jasonrisch
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2017-06-19 00:00:00.000000000 Z
+date: 2017-07-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk
@@ -191,7 +191,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: 1.3.1
 requirements: []
 rubyforge_project:
-rubygems_version: 2.6.12
+rubygems_version: 2.5.1
 signing_key:
 specification_version: 4
 summary: A simple rails interface for hiding secrets in AWS EC2 Parameters