kreds 1.1.1 → 1.1.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4fa30f22ae5af3cd8d3cfbc20b59eacabe4c2b79db4033feca2e4e89740d27aa
-  data.tar.gz: 42a758a1e6b4c04d3a87f2d3320da866d6bda9355119cbcda77cee5d1e36881e
+  metadata.gz: 256854440242a87fc2debc95c8c7cda4c2c8fb836946179eccba3d8946863b25
+  data.tar.gz: 05c8465b2e8ab5a16f8b94cef84b85b074d5153bd60a143bd20719b0645b48e0
 SHA512:
-  metadata.gz: 0c406cca1bd875a184c0a0c2dc00e8d42865ae62eae6e5d820a344e06873ef399e1f7455239f3918c5a4ed75cec32a8c77c2c1597a54c3b36f6674d1e181a7af
-  data.tar.gz: 8ddcfa759c8b22eaebfe5ffc55bdac6ba63bebb316faa1dc18609a5eabf6c7e35531a76c6399f8ecee9fe0e6f8c67753885beb57ffbe3e115bf9b5d8417d1164
+  metadata.gz: ea580b8a4dca8c842c7e6f9c84a678cac94b3136b084dc1c91cb8c44b73d69077532441138c4a9c8bd91f84aec8c80bbb5919a27313cc18cb20d6d2df838bc6d
+  data.tar.gz: a36ab8f0fe482843697cc96e28c903f08a61e35d0554bf56e696a06b4116af25ab8bb546fc546d2fa781bc37d1b137501f122224059dba298269d2128cd3bfac

data/CHANGELOG.md

@@ -1,3 +1,8 @@
+## v1.1.2
+
+- Added input validation using `dry-types` for user-facing API
+- Internal code optimizations
+
 ## v1.1.1
 
 - Updated gemspec metadata to include the correct homepage URL

data/README.md

@@ -1,27 +1,56 @@
-# Kreds
+# Kreds: Streamlined Rails Credentials Access
 
 [![Gem Version](https://badge.fury.io/rb/kreds.svg)](http://badge.fury.io/rb/kreds)
 [![Github Actions badge](https://github.com/brownboxdev/kreds/actions/workflows/ci.yml/badge.svg)](https://github.com/brownboxdev/kreds/actions/workflows/ci.yml)
 
-Kreds is a simpler, shorter, and safer way to access Rails credentials, with a few additional features built in. Rails credentials are a convenient way to store secrets, but retrieving them could be more intuitive — that’s where Kreds comes in.
+Kreds is a simpler, shorter, and safer way to access Rails credentials, with a few extra features built in. Rails credentials are a convenient way to store secrets, but retrieving them could be more intuitive — that's where Kreds comes in.
 
-Instead of writing:
+**Key Features:**
+
+- Simplified credential access with clear error messages
+- Environment variable fallback support
+- Environment-scoped credentials access (production, staging, development)
+- Automatic blank value detection and prevention
+
+**Before and After:**
 
 ```ruby
+# Instead of this (long, silent failures if value is missing):
 Rails.application.credentials[:recaptcha][:site_key]
-```
+# => nil
 
-You can simply use:
+# Or this (long, unclear errors):
+Rails.application.credentials[:captcha][:site_key]
+# => undefined method `[]' for nil:NilClass (NoMethodError)
 
-```ruby
+# Or even this (longer, still unclear errors):
+Rails.application.credentials.fetch(:recaptcha).fetch(:key)
+# => key not found: :key (KeyError)
+
+# You can write this (shorter, human-readable errors):
 Kreds.fetch!(:recaptcha, :site_key)
+# => Blank value in credentials: [:recaptcha][:site_key] (Kreds::BlankCredentialsError)
+Kreds.fetch!(:captcha, :site_key)
+# => Credentials key not found: [:captcha] (Kreds::UnknownCredentialsError)
 ```
 
-This not only shortens your code but also ensures an exception is raised if a key is missing or a value is blank — with a clear, human-readable error message.
+## Table of Contents
+
+**Gem Usage:**
+  - [Installation](#installation)
+  - [Credential Fetching](#credential-fetching)
+  - [Environment-Scoped Credentials](#environment-scoped-credentials)
+  - [Environment Variables](#environment-variables)
+  - [Debug and Inspection](#debug-and-inspection)
+
+**Community Resources:**
+  - [Contributing](#contributing)
+  - [License](#license)
+  - [Code of Conduct](#code-of-conduct)
 
 ## Installation
 
-Add this line to your application's Gemfile:
+Add Kreds to your Gemfile:
 
 ```ruby
 gem "kreds"
@@ -29,98 +58,115 @@ gem "kreds"
 
 And then execute:
 
-```shell
+```bash
 bundle install
 ```
 
-## Usage
-
-### Fetch from credentials
+## Credential Fetching
 
-```ruby
-Kreds.fetch!(:aws, :s3, :credentials, :access_key_id)
-```
-
-If you make a typo, such as writing `access_key` instead of `access_key_id`, Kreds will raise `Kreds::UnknownCredentialsError` with the message: `Credentials key not found: [:aws][:s3][:credentials][:access_key]`.
+**`Kreds.fetch!(*keys, var: nil, &block)`**
 
-Similarly, if you add an extra key that doesn’t exist: `Kreds.fetch!(:aws, :s3, :credentials, :access_key_id, :id)`, Kreds will raise `Kreds::UnknownCredentialsError` with the message: `Credentials key not found: [:aws][:s3][:credentials][:access_key_id][:id]`.
+Fetches credentials from the Rails credentials store.
 
-If all keys are correct but the value is blank, Kreds will raise `Kreds::BlankCredentialsError` with the message: `Blank value in credentials: [:aws][:s3][:credentials][:access_key_id]`.
+**Parameters:**
+- `*keys` - Variable number of symbols representing the key path
+- `var` - Optional environment variable name as fallback
+- `&block` - Optional block to execute if fetch fails
 
-### Fallback to environment variables
+**Returns:** The credential value
 
-You can optionally provide a fallback environment variable:
+**Raises:**
+- `Kreds::UnknownCredentialsError` - if the key path doesn't exist
+- `Kreds::BlankCredentialsError` - if the value exists but is blank
 
 ```ruby
-Kreds.fetch!(:aws, :s3, :credentials, :access_key_id, var: "AWS_ACCESS_KEY_ID")
-```
+# Basic usage
+Kreds.fetch!(:aws, :s3, :credentials, :access_key_id)
 
-If the key is missing or blank in credentials, Kreds will attempt to fetch the value from the specified environment variable.
+# With environment variable fallback
+Kreds.fetch!(:aws, :access_key_id, var: "AWS_ACCESS_KEY_ID")
 
-If both sources are missing or blank, a combined error is raised.
+# With block
+Kreds.fetch!(:api_key) do
+  raise MyCustomError, "API key not configured"
+end
+```
 
-### Directly fetch from environment variable
+## Environment-Scoped Credentials
 
-You can also fetch directly from an environment variable:
+**`Kreds.env_fetch!(*keys, var: nil, &block)`**
 
-```ruby
-Kreds.var!("AWS_ACCESS_KEY_ID")
-```
+Fetches credentials scoped by the current Rails environment (e.g., `:production`, `:staging`, `:development`).
 
-This raises `Kreds::UnknownEnvironmentVariableError` if the variable is missing, and `Kreds::BlankEnvironmentVariableError` if it is present but the value is blank.
+**Parameters:** Same as `fetch!`
 
-### Fetch per Rails environment
+**Returns:** The credential value from `Rails.application.credentials[Rails.env]` followed by the provided key path
 
-If your credentials are scoped by Rails environment (e.g., `:production`, `:staging`, `:development`), you can fetch keys under the current environment using:
+**Raises:** Same exceptions as `fetch!`
 
 ```ruby
+# Looks in credentials[:production][:recaptcha][:site_key] in production
 Kreds.env_fetch!(:recaptcha, :site_key)
 ```
 
-This will look for the key in `Rails.application.credentials[Rails.env]`. For example, in the `production` environment, it will look for `Rails.application.credentials[:production][:recaptcha][:site_key]`, and raise the same errors if the key is missing or the value is blank.
+## Environment Variables
 
-You can also provide an optional fallback environment variable:
+**`Kreds.var!(name, &block)`**
 
-```ruby
-Kreds.env_fetch!(:recaptcha, :site_key, var: "RECAPTCHA_SITE_KEY")
-```
+Fetches a value directly from environment variables.
+
+**Parameters:**
+- `name` - Environment variable name
+- `&block` - Optional block to execute if variable is missing/blank
 
-### Pass a block on failure
+**Returns:** The environment variable value
 
-You can pass a block to `fetch!`, `env_fetch!`, and `var!`, which will be executed if the method fails to retrieve the value.
+**Raises:**
+- `Kreds::UnknownEnvironmentVariableError` - if the variable doesn't exist
+- `Kreds::BlankEnvironmentVariableError` - if the variable exists but is blank
 
 ```ruby
-Kreds.fetch!(:aws, :s3, :credentials, :access_key_id) do
-  raise MyCustomError, "Custom error message"
-end
+# Direct environment variable access
+Kreds.var!("AWS_ACCESS_KEY_ID")
 
+# With block
 Kreds.var!("THREADS") { 1 }
 ```
 
-### Show credentials
+## Debug and Inspection
 
-To inspect all credentials as a hash:
+**`Kreds.show`**
+
+Useful for debugging and exploring available credentials in the Rails console.
+
+**Returns:** Hash containing all credentials
 
 ```ruby
 Kreds.show
+# => { aws: { access_key_id: "...", secret_access_key: "..." }, ... }
 ```
 
-Useful for debugging or working in the Rails console.
-
-## Problems?
-
-Facing a problem or want to suggest an enhancement?
-
-- **Open a Discussion**: If you have a question, experience difficulties using the gem, or have a suggestion for improvements, feel free to use the Discussions section.
-
-Encountered a bug?
-
-- **Create an Issue**: If you've identified a bug, please create an issue. Be sure to provide detailed information about the problem, including the steps to reproduce it.
-- **Contribute a Solution**: Found a fix for the issue? Feel free to create a pull request with your changes.
-
 ## Contributing
 
-Before creating an issue or a pull request, please read the [contributing guidelines](https://github.com/brownboxdev/kreds/blob/master/CONTRIBUTING.md).
+### Getting Help
+Have a question or need assistance? Open a discussion in our [discussions section](https://github.com/brownboxdev/kreds/discussions) for:
+- Usage questions
+- Implementation guidance
+- Feature suggestions
+
+### Reporting Issues
+Found a bug? Please [create an issue](https://github.com/brownboxdev/kreds/issues) with:
+- A clear description of the problem
+- Steps to reproduce the issue
+- Your environment details (Rails version, Ruby version, etc.)
+
+### Contributing Code
+Ready to contribute? You can:
+- Fix bugs by submitting pull requests
+- Improve documentation
+- Add new features (please discuss first in our [discussions section](https://github.com/brownboxdev/kreds/discussions))
+
+Before contributing, please read the [contributing guidelines](https://github.com/brownboxdev/kreds/blob/master/CONTRIBUTING.md)
 
 ## License
 

data/kreds.gemspec

@@ -7,7 +7,7 @@ Gem::Specification.new do |spec|
   spec.homepage = "https://github.com/brownboxdev/kreds"
   spec.metadata["homepage_uri"] = spec.homepage
   spec.metadata["source_code_uri"] = spec.homepage
-  spec.metadata["changelog_uri"] = "#{spec.homepage}/blob/main/CHANGELOG.md"
+  spec.metadata["changelog_uri"] = "#{spec.homepage}/blob/master/CHANGELOG.md"
   spec.metadata["rubygems_mfa_required"] = "true"
   spec.summary = "The missing shorthand for Rails credentials"
   spec.license = "MIT"
@@ -19,5 +19,6 @@ Gem::Specification.new do |spec|
 
   spec.require_paths = ["lib"]
 
+  spec.add_dependency "dry-types", "~> 1.8"
   spec.add_dependency "rails", ">= 7.1", "< 8.1"
 end

data/lib/kreds/fetch.rb

@@ -1,82 +1,59 @@
 module Kreds
   module Fetch
     def fetch!(*keys, var: nil, &)
-      validate_keys!(keys)
-      validate_var!(var)
+      symbolized_keys = Kreds::Inputs.process(keys, as: :symbol_array)
 
       path = []
 
-      keys.reduce(Rails.application.credentials) do |hash, key|
+      symbolized_keys.reduce(Kreds.show) do |hash, key|
         path << key
-        fetch_key(hash, key, path, keys)
+        fetch_key(hash, key, path, symbolized_keys)
       end
     rescue Kreds::BlankCredentialsError, Kreds::UnknownCredentialsError => e
-      fallback_to_var(e, var, &)
+      fallback_to_var(e, Kreds::Inputs.process(var, as: :string, optional: true), &)
     end
 
     def env_fetch!(*keys, var: nil, &)
-      fetch!(Rails.env, *keys, var: var, &)
+      fetch!(Rails.env, *keys, var:, &)
     end
 
     def var!(var, &)
-      validate_var!(var)
+      value = ENV.fetch(Kreds::Inputs.process(var, as: :string))
 
-      result, success = check_var(var)
+      return raise_or_yield(Kreds::BlankEnvironmentVariableError.new("Blank value in environment variable: #{var.inspect}"), &) if value.blank?
 
-      return result if success
-
-      raise_or_yield(result, &)
+      value
+    rescue KeyError
+      raise_or_yield(Kreds::UnknownEnvironmentVariableError.new("Environment variable not found: #{var.inspect}"), &)
     end
 
     private
 
-    def validate_keys!(keys)
-      raise Kreds::InvalidArgumentError, "No keys provided" if keys.empty?
-
-      return if keys.all? { _1.is_a?(Symbol) || _1.is_a?(String) }
-
-      raise Kreds::InvalidArgumentError, "Credentials Key must be a Symbol or a String"
-    end
-
-    def validate_var!(var)
-      raise Kreds::InvalidArgumentError, "Environment variable must be a String" if var.present? && !var.is_a?(String)
-    end
-
     def fetch_key(hash, key, path, keys)
-      value = hash.fetch(key.to_sym)
+      value = hash.fetch(key)
 
-      raise Kreds::BlankCredentialsError, "Blank value in credentials: [:#{path.join("][:")}]" if value.blank?
-      raise Kreds::UnknownCredentialsError, "Credentials key not found: [:#{path.join("][:")}][:#{keys[path.size]}]" if !value.is_a?(Hash) && keys != path
+      raise Kreds::BlankCredentialsError, "Blank value in credentials: #{path_to_s(path)}" if value.blank?
+      raise Kreds::UnknownCredentialsError, "Credentials key not found: #{path_to_s(path)}[:#{keys[path.size]}]" unless value.is_a?(Hash) || keys == path
 
       value
     rescue KeyError
-      raise Kreds::UnknownCredentialsError, "Credentials key not found: [:#{path.join("][:")}]"
+      raise Kreds::UnknownCredentialsError, "Credentials key not found: #{path_to_s(path)}"
     end
 
     def fallback_to_var(error, var, &)
-      if var.present?
-        result, success = check_var(var)
-
-        return result if success
+      return raise_or_yield(error, &) if var.blank?
 
-        raise_or_yield(Kreds::Error.new([error.message, result.message].join(", ")), &)
-      end
-
-      raise_or_yield(error, &)
-    end
-
-    def check_var(var)
-      value = ENV.fetch(var)
-
-      return [Kreds::BlankEnvironmentVariableError.new("Blank value in environment variable: #{var.inspect}"), false] if value.blank?
-
-      [value, true]
-    rescue KeyError
-      [Kreds::UnknownEnvironmentVariableError.new("Environment variable not found: #{var.inspect}"), false]
+      var!(var, &)
+    rescue Kreds::BlankEnvironmentVariableError, Kreds::UnknownEnvironmentVariableError => e
+      raise_or_yield(Kreds::Error.new("#{error.message}, #{e.message}"), &)
     end
 
     def raise_or_yield(error, &)
       block_given? ? yield : raise(error)
     end
+
+    def path_to_s(path)
+      "[:#{path.join("][:")}]"
+    end
   end
 end

data/lib/kreds/inputs.rb

@@ -0,0 +1,28 @@
+require "dry-types"
+
+module Kreds
+  module Inputs
+    extend self
+
+    include Dry.Types()
+
+    TYPES = {
+      symbol_array: -> { self::Array.of(self::Coercible::Symbol).constrained(min_size: 1) },
+      string: -> { self::Strict::String },
+      boolean: -> { self::Strict::Bool }
+    }.freeze
+
+    def process(value, as:, optional: false)
+      checker = type_for(as)
+      checker = checker.optional if optional
+
+      checker[value]
+    rescue Dry::Types::CoercionError => e
+      raise Kreds::InvalidArgumentError, e
+    end
+
+    private
+
+    def type_for(name) = Kreds::Inputs::TYPES.fetch(name).call
+  end
+end

data/lib/kreds/version.rb

@@ -1,3 +1,3 @@
 module Kreds
-  VERSION = "1.1.1"
+  VERSION = "1.1.2"
 end

data/lib/kreds.rb

@@ -2,6 +2,7 @@ require_relative "kreds/version"
 
 require "rails"
 
+require_relative "kreds/inputs"
 require_relative "kreds/fetch"
 require_relative "kreds/show"
 
@@ -13,6 +14,6 @@ module Kreds
   class UnknownCredentialsError < Error; end
   class UnknownEnvironmentVariableError < Error; end
 
-  extend ::Kreds::Fetch
   extend ::Kreds::Show
+  extend ::Kreds::Fetch
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: kreds
 version: !ruby/object:Gem::Version
-  version: 1.1.1
+  version: 1.1.2
 platform: ruby
 authors:
 - enjaku4
@@ -9,6 +9,20 @@ bindir: bin
 cert_chain: []
 date: 1980-01-02 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: dry-types
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.8'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.8'
 - !ruby/object:Gem::Dependency
   name: rails
   requirement: !ruby/object:Gem::Requirement
@@ -39,6 +53,7 @@ files:
 - kreds.gemspec
 - lib/kreds.rb
 - lib/kreds/fetch.rb
+- lib/kreds/inputs.rb
 - lib/kreds/show.rb
 - lib/kreds/version.rb
 homepage: https://github.com/brownboxdev/kreds
@@ -47,7 +62,7 @@ licenses:
 metadata:
   homepage_uri: https://github.com/brownboxdev/kreds
   source_code_uri: https://github.com/brownboxdev/kreds
-  changelog_uri: https://github.com/brownboxdev/kreds/blob/main/CHANGELOG.md
+  changelog_uri: https://github.com/brownboxdev/kreds/blob/master/CHANGELOG.md
   rubygems_mfa_required: 'true'
 rdoc_options: []
 require_paths: