hephaestus 0.7.2.5 → 0.7.3

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: c7765d138fdb8d7567ed081a07b5445ac63ed443d157a0622a9976c8fbdb3d8d
4
- data.tar.gz: aad9b84f65184358444a6230a102b65f851543c95e3e45c71e1234780d112b3f
3
+ metadata.gz: db088f028c2b24af00eacbc327b259254d38d523762cff49273226cc6e566723
4
+ data.tar.gz: b8ef763acf61503ddd3094855700b237dc5ce8ce7bf9e9bcce93746e45e05542
5
5
  SHA512:
6
- metadata.gz: 49665bc3c14076f8b51bb2bb0716e5ee42f4ec86628a273e5c68e9c1a2c3c6dc1f1d25c82b59ec61a078df0cb4e43c1668e3bf71b7d0ead49a9d846ff5980b22
7
- data.tar.gz: d922e000736affd17405f938395aecb86e843a152174e73f07d6f43180e57c0c11f95f45c252ef755ca6a0da9e5244298b164c5e341db39cadc2f1439ea178ce
6
+ metadata.gz: 7287b9003e6d4e78383291c036811620c2dcf8368803d97f8ea9c6998680af30bed8374f27016674246dcd76705e88b4326625d45c74c9421bc8f4ba12184759
7
+ data.tar.gz: dd2fd426b4670f4b9fd3abb25cb734ff4e021adbbbd5de77a43b5c8fa90c762557efc977b088974873a3b7500e4ae6e27b4ad735db3795037cc7dc7161b98cbe
data/CHANGELOG.md CHANGED
@@ -1,3 +1,9 @@
1
+ # [v0.7.3] - 18-11-2024
2
+ ## What's Changed
3
+ * Grab entire document of secrets by @gjtorikian in https://github.com/yettoapp/hephaestus/pull/41
4
+
5
+
6
+ **Full Changelog**: https://github.com/yettoapp/hephaestus/compare/v0.7.2.5...v0.7.3
1
7
  # [v0.7.2.5] - 18-11-2024
2
8
  ## What's Changed
3
9
  * This can be empty by @gjtorikian in https://github.com/yettoapp/hephaestus/pull/39
@@ -13,7 +13,15 @@ def fetch_infra_secret(label:, default:)
13
13
  if productionish?
14
14
  op_read("op://Infra/Global Secrets/#{label}")
15
15
  else
16
- ENV.fetch(label.to_s, default.is_a?(Pathname) ? default.read : default)
16
+ ENV.fetch(label, default.is_a?(Pathname) ? default.read : default)
17
+ end
18
+ end
19
+
20
+ def fetch_document_secret(document_secrets:, label:, default:)
21
+ if productionish?
22
+ document_secrets[label]
23
+ else
24
+ ENV.fetch(label, default.is_a?(Pathname) ? default.read : default)
17
25
  end
18
26
  end
19
27
 
@@ -21,6 +29,13 @@ def op_read(label)
21
29
  %x(op read "#{label}").chomp
22
30
  end
23
31
 
32
+ # technically, this gets every secret, including ones UNIQUE
33
+ # to the platform, but we're not using those yet. feels "better"
34
+ # to have the plugs manage those on their own
35
+ def op_get_secrets(vault:, tag:)
36
+ %x(op item list --vault #{vault} --tags #{tag} --format json | op item get - --reveal --format=json)
37
+ end
38
+
24
39
  def productionish?
25
40
  Rails.env.production? || Rails.env.staging?
26
41
  end
@@ -75,7 +90,12 @@ module Hephaestus
75
90
  "web.yetto.test"
76
91
  end
77
92
 
78
- SLACK_LOG_URL = fetch_infra_secret(
93
+ # Every plug has these secrets; to reduce the amount of API calls to 1Password,
94
+ # we can grab one document that contains all the secrets we need
95
+ fetched_secrets = op_get_secrets(vault: "Plug-#{plug_name}", tag: ENV["RAILS_ENV"])
96
+
97
+ SLACK_LOG_URL = fetch_document_secret(
98
+ fetched_secrets,
79
99
  label: "SLACK_LOG_URL",
80
100
  default: "https://slack.com/the_log_room",
81
101
  )
@@ -83,8 +103,21 @@ module Hephaestus
83
103
  YETTO_API_URL = "#{YETTO_URL}/api"
84
104
  YETTO_REDIRECT_URL = productionish? ? "#{PROTOCOL}#{YETTO_URL}" : "#{PROTOCOL}127.0.0.1:3000"
85
105
 
86
- # Every plug has these secrets
87
- YETTO_PLUG_PEM = fetch_plug_env_secret(label: "YETTO_PLUG_PEM", default: Rails.root.join("test/fixtures/files/fake_pem_file/fake.pem"))
88
- YETTO_SIGNING_SECRET = fetch_plug_env_secret(label: "YETTO_SIGNING_SECRET", default: "super-secret")
89
- YETTO_PLUG_ID = fetch_plug_env_secret(label: "YETTO_PLUG_ID", default: "plug-id")
106
+ YETTO_PLUG_PEM = fetch_document_secret(
107
+ fetched_secrets,
108
+ label: "YETTO_PLUG_PEM",
109
+ default: Rails.root.join("test/fixtures/files/fake_pem_file/fake.pem"),
110
+ )
111
+
112
+ YETTO_SIGNING_SECRET = fetch_document_secret(
113
+ fetched_secrets,
114
+ label: "YETTO_SIGNING_SECRET",
115
+ default: "super-secret",
116
+ )
117
+
118
+ YETTO_PLUG_ID = fetch_document_secret(
119
+ fetched_secrets,
120
+ label: "YETTO_PLUG_ID",
121
+ default: "plug-id",
122
+ )
90
123
  end
@@ -2,7 +2,7 @@
2
2
  # frozen_string_literal: true
3
3
 
4
4
  module Hephaestus
5
- VERSION = "0.7.2.5"
5
+ VERSION = "0.7.3"
6
6
  RAILS_VERSION = ">= 8.0"
7
7
  RUBY_VERSION = File
8
8
  .read("#{File.dirname(__FILE__)}/../../.ruby-version")
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: hephaestus
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.7.2.5
4
+ version: 0.7.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Garen Torikian