hephaestus 0.7.5 → 0.7.5.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +2 -0
- data/config/initializers/environment.rb +16 -2
- data/lib/hephaestus/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 86f3a565b2f72b7554045e961efb160be49c89ede06c633e18cf4464b2a1b098
|
|
4
|
+
data.tar.gz: f970244378be6c08670923ac548fb20654aa618f51dedcf99d159e9b7599995c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 3a7a3e78ec00d955c0b4fd160593ccf29ed4972d63302476f51b34104464a188f048e5eb0be15c511f95a6f72f8abfe997f94a5fa582695eeaafbcf488855c86
|
|
7
|
+
data.tar.gz: 907bf42577991b390b195e50dfab101aa7738d5f24421652e5e618a969c10cec3a57f6936a605933fb946183252388db7eccd0723fce927479fe65ad623e49a9
|
data/CHANGELOG.md
CHANGED
|
@@ -26,14 +26,27 @@ def fetch_document_secret(document_secrets, label:, default:)
|
|
|
26
26
|
end
|
|
27
27
|
|
|
28
28
|
def op_read(label)
|
|
29
|
-
%x(#{include_sudo?}op read "#{label}").chomp
|
|
29
|
+
%x(#{include_sudo?}op read "#{label}").chomp.tap do
|
|
30
|
+
raise "Failed to fetch `#{label}` from 1Password" unless $CHILD_STATUS.success?
|
|
31
|
+
end
|
|
30
32
|
end
|
|
31
33
|
|
|
32
34
|
# technically, this gets every secret, including ones UNIQUE
|
|
33
35
|
# to the platform, but we're not using those yet. feels "better"
|
|
34
36
|
# to have the plugs manage those on their own
|
|
35
37
|
def op_get_secrets(vault:, tag:)
|
|
36
|
-
%x(#{include_sudo?}op item list --vault #{vault} --tags #{tag} --format json | op item get - --reveal --format=json)
|
|
38
|
+
%x(#{include_sudo?}op item list --vault #{vault} --tags #{tag} --format json | op item get - --reveal --format=json).tap do
|
|
39
|
+
raise "Failed to fetch value `#{vault}` for `#{tag}` from 1Password" unless $CHILD_STATUS.success?
|
|
40
|
+
end
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
def check_dependencies!
|
|
44
|
+
raise "1Password CLI is not installed" unless cli_installed?
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
def cli_installed?
|
|
48
|
+
%x(#{include_sudo?}op --version 2> /dev/null)
|
|
49
|
+
$CHILD_STATUS.success?
|
|
37
50
|
end
|
|
38
51
|
|
|
39
52
|
def include_sudo?
|
|
@@ -97,6 +110,7 @@ module Hephaestus
|
|
|
97
110
|
# Every plug has these secrets; to reduce the amount of API calls to 1Password,
|
|
98
111
|
# we can grab one document that contains all the secrets we need
|
|
99
112
|
if productionish?
|
|
113
|
+
check_dependencies!
|
|
100
114
|
fetched_secrets = op_get_secrets(vault: "Plug-#{plug_name}", tag: ENV["RAILS_ENV"])
|
|
101
115
|
end
|
|
102
116
|
|
data/lib/hephaestus/version.rb
CHANGED