hephaestus 0.7.2.5 → 0.7.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +6 -0
  3. data/config/initializers/environment.rb +39 -6
  4. data/lib/hephaestus/version.rb +1 -1
  5. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: c7765d138fdb8d7567ed081a07b5445ac63ed443d157a0622a9976c8fbdb3d8d
4
- data.tar.gz: aad9b84f65184358444a6230a102b65f851543c95e3e45c71e1234780d112b3f
3
+ metadata.gz: db088f028c2b24af00eacbc327b259254d38d523762cff49273226cc6e566723
4
+ data.tar.gz: b8ef763acf61503ddd3094855700b237dc5ce8ce7bf9e9bcce93746e45e05542
5
5
  SHA512:
6
- metadata.gz: 49665bc3c14076f8b51bb2bb0716e5ee42f4ec86628a273e5c68e9c1a2c3c6dc1f1d25c82b59ec61a078df0cb4e43c1668e3bf71b7d0ead49a9d846ff5980b22
7
- data.tar.gz: d922e000736affd17405f938395aecb86e843a152174e73f07d6f43180e57c0c11f95f45c252ef755ca6a0da9e5244298b164c5e341db39cadc2f1439ea178ce
6
+ metadata.gz: 7287b9003e6d4e78383291c036811620c2dcf8368803d97f8ea9c6998680af30bed8374f27016674246dcd76705e88b4326625d45c74c9421bc8f4ba12184759
7
+ data.tar.gz: dd2fd426b4670f4b9fd3abb25cb734ff4e021adbbbd5de77a43b5c8fa90c762557efc977b088974873a3b7500e4ae6e27b4ad735db3795037cc7dc7161b98cbe
data/CHANGELOG.md CHANGED
@@ -1,3 +1,9 @@
1
+ # [v0.7.3] - 18-11-2024
2
+ ## What's Changed
3
+ * Grab entire document of secrets by @gjtorikian in https://github.com/yettoapp/hephaestus/pull/41
4
+
5
+
6
+ **Full Changelog**: https://github.com/yettoapp/hephaestus/compare/v0.7.2.5...v0.7.3
1
7
  # [v0.7.2.5] - 18-11-2024
2
8
  ## What's Changed
3
9
  * This can be empty by @gjtorikian in https://github.com/yettoapp/hephaestus/pull/39
data/config/initializers/environment.rb CHANGED
@@ -13,7 +13,15 @@ def fetch_infra_secret(label:, default:)
13
13
  if productionish?
14
14
  op_read("op://Infra/Global Secrets/#{label}")
15
15
  else
16
- ENV.fetch(label.to_s, default.is_a?(Pathname) ? default.read : default)
16
+ ENV.fetch(label, default.is_a?(Pathname) ? default.read : default)
17
+ end
18
+ end
19
+
20
+ def fetch_document_secret(document_secrets:, label:, default:)
21
+ if productionish?
22
+ document_secrets[label]
23
+ else
24
+ ENV.fetch(label, default.is_a?(Pathname) ? default.read : default)
17
25
  end
18
26
  end
19
27
 
@@ -21,6 +29,13 @@ def op_read(label)
21
29
  %x(op read "#{label}").chomp
22
30
  end
23
31
 
32
+ # technically, this gets every secret, including ones UNIQUE
33
+ # to the platform, but we're not using those yet. feels "better"
34
+ # to have the plugs manage those on their own
35
+ def op_get_secrets(vault:, tag:)
36
+ %x(op item list --vault #{vault} --tags #{tag} --format json | op item get - --reveal --format=json)
37
+ end
38
+
24
39
  def productionish?
25
40
  Rails.env.production? || Rails.env.staging?
26
41
  end
@@ -75,7 +90,12 @@ module Hephaestus
75
90
  "web.yetto.test"
76
91
  end
77
92
 
78
- SLACK_LOG_URL = fetch_infra_secret(
93
+ # Every plug has these secrets; to reduce the amount of API calls to 1Password,
94
+ # we can grab one document that contains all the secrets we need
95
+ fetched_secrets = op_get_secrets(vault: "Plug-#{plug_name}", tag: ENV["RAILS_ENV"])
96
+
97
+ SLACK_LOG_URL = fetch_document_secret(
98
+ fetched_secrets,
79
99
  label: "SLACK_LOG_URL",
80
100
  default: "https://slack.com/the_log_room",
81
101
  )
@@ -83,8 +103,21 @@ module Hephaestus
83
103
  YETTO_API_URL = "#{YETTO_URL}/api"
84
104
  YETTO_REDIRECT_URL = productionish? ? "#{PROTOCOL}#{YETTO_URL}" : "#{PROTOCOL}127.0.0.1:3000"
85
105
 
86
- # Every plug has these secrets
87
- YETTO_PLUG_PEM = fetch_plug_env_secret(label: "YETTO_PLUG_PEM", default: Rails.root.join("test/fixtures/files/fake_pem_file/fake.pem"))
88
- YETTO_SIGNING_SECRET = fetch_plug_env_secret(label: "YETTO_SIGNING_SECRET", default: "super-secret")
89
- YETTO_PLUG_ID = fetch_plug_env_secret(label: "YETTO_PLUG_ID", default: "plug-id")
106
+ YETTO_PLUG_PEM = fetch_document_secret(
107
+ fetched_secrets,
108
+ label: "YETTO_PLUG_PEM",
109
+ default: Rails.root.join("test/fixtures/files/fake_pem_file/fake.pem"),
110
+ )
111
+
112
+ YETTO_SIGNING_SECRET = fetch_document_secret(
113
+ fetched_secrets,
114
+ label: "YETTO_SIGNING_SECRET",
115
+ default: "super-secret",
116
+ )
117
+
118
+ YETTO_PLUG_ID = fetch_document_secret(
119
+ fetched_secrets,
120
+ label: "YETTO_PLUG_ID",
121
+ default: "plug-id",
122
+ )
90
123
  end
data/lib/hephaestus/version.rb CHANGED
@@ -2,7 +2,7 @@
2
2
  # frozen_string_literal: true
3
3
 
4
4
  module Hephaestus
5
- VERSION = "0.7.2.5"
5
+ VERSION = "0.7.3"
6
6
  RAILS_VERSION = ">= 8.0"
7
7
  RUBY_VERSION = File
8
8
  .read("#{File.dirname(__FILE__)}/../../.ruby-version")
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: hephaestus
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.7.2.5
4
+ version: 0.7.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Garen Torikian