mrf 0.0.3 → 0.0.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +16 -15
- data/README.md +40 -15
- data/lib/mrf/keyring.rb +15 -13
- data/lib/mrf/version.rb +1 -1
- data/spec/mrf/keyring_spec.rb +4 -2
- metadata +17 -16
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: cd0828720854c113d3aeb5d0dbe97c0261bfd5ee
|
4
|
+
data.tar.gz: 790fa84aad37e2f8be4307b798d3b75ffd7649df
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: a49a20505b262fa0f9178e8c310a0d080a7ad674b26040420f25b35163ecb3af7c20bef8a9e7e7caa943631bd5e73ea4529c9221ed6a554d0f4bc16b254ad1ed
|
7
|
+
data.tar.gz: dba7e06f7a59b8b9438d78da02beb9230761222ccccd61e2d3568a2469ef9e79f8c0b4a71fbc33b0c123718303048c3e6966f0596639f077b892cb00c6bd3ab4
|
data/Gemfile.lock
CHANGED
@@ -1,29 +1,26 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
mrf (0.0.
|
4
|
+
mrf (0.0.4)
|
5
5
|
capistrano
|
6
6
|
gpgme
|
7
7
|
|
8
8
|
GEM
|
9
9
|
remote: https://rubygems.org/
|
10
10
|
specs:
|
11
|
-
capistrano (2.
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
net-ssh-gateway (>= 1.1.0)
|
11
|
+
capistrano (3.2.1)
|
12
|
+
i18n
|
13
|
+
rake (>= 10.0.0)
|
14
|
+
sshkit (~> 1.3)
|
15
|
+
colorize (0.7.3)
|
17
16
|
diff-lcs (1.2.4)
|
18
|
-
gpgme (2.0.
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
net-
|
23
|
-
net-ssh (>= 2.6.5)
|
24
|
-
net-ssh (2.7.0)
|
25
|
-
net-ssh-gateway (1.2.0)
|
17
|
+
gpgme (2.0.6)
|
18
|
+
mini_portile (>= 0.5.0, <= 0.6.0)
|
19
|
+
i18n (0.6.11)
|
20
|
+
mini_portile (0.6.0)
|
21
|
+
net-scp (1.2.1)
|
26
22
|
net-ssh (>= 2.6.5)
|
23
|
+
net-ssh (2.9.1)
|
27
24
|
rake (10.1.0)
|
28
25
|
rspec (2.14.1)
|
29
26
|
rspec-core (~> 2.14.0)
|
@@ -33,6 +30,10 @@ GEM
|
|
33
30
|
rspec-expectations (2.14.2)
|
34
31
|
diff-lcs (>= 1.1.3, < 2.0)
|
35
32
|
rspec-mocks (2.14.3)
|
33
|
+
sshkit (1.5.1)
|
34
|
+
colorize
|
35
|
+
net-scp (>= 1.1.2)
|
36
|
+
net-ssh (>= 2.8.0)
|
36
37
|
|
37
38
|
PLATFORMS
|
38
39
|
ruby
|
data/README.md
CHANGED
@@ -4,19 +4,19 @@
|
|
4
4
|
|
5
5
|
A libary for uploading gpg secrets with capistrano.
|
6
6
|
|
7
|
-
put your secrets in a gpg encrypted file.
|
8
|
-
In rails the default is `config/secrets.{{Rails.env}}.yml.gpg`
|
7
|
+
put your secrets in a gpg encrypted file. Ex: `config/secrets.{{Rails.env}}.yml.gpg`
|
9
8
|
|
10
9
|
Then add mrf to you deploy script like this
|
11
10
|
|
12
11
|
```ruby
|
13
12
|
require 'mrf/capistrano'
|
14
|
-
|
13
|
+
set :mrf_secrets_path, "myproject/config/secrets.#{rails env maybe?}.yml.gpg"
|
14
|
+
set :mrf_remote_config_dir, "myrelease/config"
|
15
15
|
after "deploy", "mrf:upload_secrets"
|
16
16
|
```
|
17
17
|
|
18
|
-
|
19
|
-
file
|
18
|
+
It will ask you for your gpg passphrase while deploying.
|
19
|
+
And upload the files listed in secrets to your server (file mode 0600 by default)
|
20
20
|
|
21
21
|
## A Example secrets file
|
22
22
|
|
@@ -32,18 +32,43 @@ other_service.yml:
|
|
32
32
|
production:
|
33
33
|
password: 115024d2-7c74-326e-c9ec-064f42d08b31
|
34
34
|
username: 1e27a053-60a4-af61-f38d-9f1f123740d6
|
35
|
-
```
|
36
35
|
|
37
|
-
|
36
|
+
non_yaml_suff.key: |
|
37
|
+
-----BEGIN PGP PRIVATE KEY BLOCK-----
|
38
|
+
Version: GnuPG v1.4.14 (Darwin)
|
38
39
|
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
40
|
+
lQH+BFI4SpEBBAC7culGRvKFA6mob902i8u4irg1jYP4WtJDtNMoMbCjhLrjE3kg
|
41
|
+
Z8I9f0xpaBFZ2kHuD5Om7XH1w1OQ9G5EFiDBReCToe+xz7GLtFuJ/lDwLYLVHJiZ
|
42
|
+
yPQKOv64kZ8F+063dr8j2NryBhKiJvcTIF2l0LWsI4OkfboLATVOUu1TqwARAQAB
|
43
|
+
/gMDAremiA+pJjFcYPk8Ox0ynig50LCn1QuTja77+/ZjGoYsO9e7l11/6YcAGSb6
|
44
|
+
e6zKkQqiSXUOLS912pRQk976Xl0mXLzQCLEufkdooh9SrQjfRoZVulwIjtrJj/CC
|
45
|
+
r4iCSFyilrZOeSNIVGMXjkvSykHkiKc8XJiC3iXvaZa9nxJZOfvCVOW80NaNwDEv
|
46
|
+
h7a1va+vlQAtlkiplXt/n2Y+4TfY2PjZnBC2hXn7FRxj45upOxuTo1B4RSEiN+8q
|
47
|
+
IP3jbBSeq11Z7KMJXH/mEKRdjdxSFql9gnhX3XvWMifTULbw5ynur8ZKc8J99kGU
|
48
|
+
/NYEo197z5KjvG5iBlHgiv7tGQOcpETaN635X2er95itKwdOhda0chJY2u4TybSn
|
49
|
+
ali2e6GVk0qFmv5Q74I/j/YqzCX02K1LOkVsWvFS+7LE/tZejtovFSv8bTnXrxTa
|
50
|
+
Q4lEjfIKPXH1Ckw08mLx2FtpQYbSdIrGLZxPmfMsKXH2tC1Ub2JpYXMgRnVua2Ug
|
51
|
+
KE1yIEYpIDx0b2JpYXNAYmx1ZW1hbmdyb3VwLm9yZz6IuAQTAQIAIgUCUjhKkQIb
|
52
|
+
AwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQcYQDPAkatwFLswP7BIViV0+9
|
53
|
+
6EvKVULGRtHPO2vZil7AR+WL8BEk22bGlFmGjRxBYmfs4TTmzJPO+KSplSgsAz/h
|
54
|
+
eXlyKYlHL3CgM01GUi00gqpqZ+ppMhvgs5l5gYmTo9s2iuIuNi1EFyNLf+ocwMgB
|
55
|
+
tEQm2yzjhRqSOq4aTIbj+vG7sYGRNyREsZadAf0EUjhKkQEEAL+8DiuGPFj+gpmL
|
56
|
+
qeJ13M9Kh9HG+dIK3vfWw4bW49UFB4xr2hugBuMqh5vlGvJvpqei3MZNiEWegHD0
|
57
|
+
5dr7e/KA6qX0PlTgl4hovhU2G/2DKn3wXAmBFj8Y98y1GCiPG3e6+PeZkzveTmNb
|
58
|
+
yWKFLunJSgbouvEpRREU3JabN7d1ABEBAAH+AwMCt6aID6kmMVxgiqLxlLOL1l53
|
59
|
+
erOOeSIUMkGG9odtsVNCk/Ot/5nhMGbolZ5tZlCoatwC3T3ZBSbKG6pElTb53sXn
|
60
|
+
ORGRUPD/bUxDHLe+6jF8BuW0l/SkpBQ2265MTyF9EQE59JVibm+75nHhA8DZzUaz
|
61
|
+
fkKNXcEqQaB2oiBVD+BH5Io51aUFtZTcahSUtK+2GK1IKiSfRA/kF8ZkbjXMURcY
|
62
|
+
qil68hGVR6CNXgoCtbDK5TFueGiGu+p9lsrMexmvp+zxPtpQN+ewaWsIajfpcXPg
|
63
|
+
evl/Vw/5v/IPMJPMG3qiqZTEPaf/NWdO+wkCd1Q0CsIMiYQbBQmXgh7YOxK5y62q
|
64
|
+
J7biPD+G2txFWT1xlDjW9FTIiTp0vOvpD4YQ/ehxyhWgMmDHoSb6ed5pLpAiLkgb
|
65
|
+
/1TNVkdeigkRdO/2nu92uLMENJP2QSGKEH0cX5ao8jmiRz84T69pgOH9nyQeyy1C
|
66
|
+
pSpEQlhITl0m/YifBBgBAgAJBQJSOEqRAhsMAAoJEHGEAzwJGrcBerkD/R5RkyKi
|
67
|
+
8K4p+zX4dSYP/i9PhLZeVP0tjCYj48eTJg17fnyFbeK6VwZ30bMK7VYBJzPCCeza
|
68
|
+
5xTiZlBAC/BByRZiSGWTEiec6U4y6GSpkdi8fWrWp8KkFhHm9yviJk0Up8g9QLo3
|
69
|
+
a1W2egzD5CeUVPSYxEIj7FgEMA39UxYwVABv
|
70
|
+
=NGkh
|
71
|
+
-----END PGP PRIVATE KEY BLOCK-----
|
47
72
|
```
|
48
73
|
|
49
74
|
## Running the specs
|
data/lib/mrf/keyring.rb
CHANGED
@@ -43,22 +43,24 @@ module MrF
|
|
43
43
|
io = IO.for_fd(fd, 'w')
|
44
44
|
io.puts(password)
|
45
45
|
io.flush
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
# Prompt user
|
50
|
-
begin
|
51
|
-
console = IO.console
|
52
|
-
console.write("Passphrase for #{uid_hint}: ")
|
53
|
-
console.noecho do |noecho|
|
46
|
+
else
|
47
|
+
# Prompt user
|
48
|
+
begin
|
54
49
|
io = IO.for_fd(fd, 'w')
|
55
|
-
|
56
|
-
|
50
|
+
|
51
|
+
console = IO.console
|
52
|
+
console.write("Passphrase for #{uid_hint}: ")
|
53
|
+
console.noecho do |noecho|
|
54
|
+
io.puts(noecho.gets)
|
55
|
+
io.flush
|
56
|
+
end
|
57
|
+
console.puts
|
58
|
+
ensure
|
59
|
+
(0 ... $_.length).each do |i| $_[i] = ?0 end if $_
|
57
60
|
end
|
58
|
-
console.puts
|
59
|
-
ensure
|
60
|
-
(0 ... $_.length).each do |i| $_[i] = ?0 end if $_
|
61
61
|
end
|
62
|
+
|
63
|
+
$stderr.puts
|
62
64
|
end
|
63
65
|
|
64
66
|
def crypto
|
data/lib/mrf/version.rb
CHANGED
data/spec/mrf/keyring_spec.rb
CHANGED
@@ -13,13 +13,15 @@ module MrF
|
|
13
13
|
expect(keyring.data).to eq('production' => { 'secret' => 'hello' })
|
14
14
|
end
|
15
15
|
|
16
|
-
it "can
|
16
|
+
it "can retrieve passphrase from console if no passphrase is given" do
|
17
|
+
io = double("IO")
|
17
18
|
console = double("IO::Console")
|
18
19
|
expect(console).to receive(:write).with(
|
19
20
|
"Passphrase for EEF971D578000737 Tobias Funke (Mr F) <tobias@bluemangroup.org>: "
|
20
21
|
)
|
21
22
|
expect(console).to receive(:noecho).and_yield(double("FD", gets: "1234"))
|
22
|
-
expect(
|
23
|
+
expect(io).to receive(:puts)
|
24
|
+
expect(IO).to receive("for_fd").and_return(io)
|
23
25
|
expect(IO).to receive("console").and_return(console)
|
24
26
|
|
25
27
|
keyring = Keyring.new(path: fixture_path('app.yml.gpg'))
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: mrf
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.4
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Patrik Kårlin
|
@@ -10,76 +10,76 @@ authors:
|
|
10
10
|
autorequire:
|
11
11
|
bindir: bin
|
12
12
|
cert_chain: []
|
13
|
-
date:
|
13
|
+
date: 2014-07-17 00:00:00.000000000 Z
|
14
14
|
dependencies:
|
15
15
|
- !ruby/object:Gem::Dependency
|
16
16
|
name: gpgme
|
17
17
|
requirement: !ruby/object:Gem::Requirement
|
18
18
|
requirements:
|
19
|
-
- -
|
19
|
+
- - ">="
|
20
20
|
- !ruby/object:Gem::Version
|
21
21
|
version: '0'
|
22
22
|
type: :runtime
|
23
23
|
prerelease: false
|
24
24
|
version_requirements: !ruby/object:Gem::Requirement
|
25
25
|
requirements:
|
26
|
-
- -
|
26
|
+
- - ">="
|
27
27
|
- !ruby/object:Gem::Version
|
28
28
|
version: '0'
|
29
29
|
- !ruby/object:Gem::Dependency
|
30
30
|
name: capistrano
|
31
31
|
requirement: !ruby/object:Gem::Requirement
|
32
32
|
requirements:
|
33
|
-
- -
|
33
|
+
- - ">="
|
34
34
|
- !ruby/object:Gem::Version
|
35
35
|
version: '0'
|
36
36
|
type: :runtime
|
37
37
|
prerelease: false
|
38
38
|
version_requirements: !ruby/object:Gem::Requirement
|
39
39
|
requirements:
|
40
|
-
- -
|
40
|
+
- - ">="
|
41
41
|
- !ruby/object:Gem::Version
|
42
42
|
version: '0'
|
43
43
|
- !ruby/object:Gem::Dependency
|
44
44
|
name: bundler
|
45
45
|
requirement: !ruby/object:Gem::Requirement
|
46
46
|
requirements:
|
47
|
-
- -
|
47
|
+
- - ">="
|
48
48
|
- !ruby/object:Gem::Version
|
49
49
|
version: '0'
|
50
50
|
type: :development
|
51
51
|
prerelease: false
|
52
52
|
version_requirements: !ruby/object:Gem::Requirement
|
53
53
|
requirements:
|
54
|
-
- -
|
54
|
+
- - ">="
|
55
55
|
- !ruby/object:Gem::Version
|
56
56
|
version: '0'
|
57
57
|
- !ruby/object:Gem::Dependency
|
58
58
|
name: rake
|
59
59
|
requirement: !ruby/object:Gem::Requirement
|
60
60
|
requirements:
|
61
|
-
- -
|
61
|
+
- - ">="
|
62
62
|
- !ruby/object:Gem::Version
|
63
63
|
version: '0'
|
64
64
|
type: :development
|
65
65
|
prerelease: false
|
66
66
|
version_requirements: !ruby/object:Gem::Requirement
|
67
67
|
requirements:
|
68
|
-
- -
|
68
|
+
- - ">="
|
69
69
|
- !ruby/object:Gem::Version
|
70
70
|
version: '0'
|
71
71
|
- !ruby/object:Gem::Dependency
|
72
72
|
name: rspec
|
73
73
|
requirement: !ruby/object:Gem::Requirement
|
74
74
|
requirements:
|
75
|
-
- -
|
75
|
+
- - ">="
|
76
76
|
- !ruby/object:Gem::Version
|
77
77
|
version: '0'
|
78
78
|
type: :development
|
79
79
|
prerelease: false
|
80
80
|
version_requirements: !ruby/object:Gem::Requirement
|
81
81
|
requirements:
|
82
|
-
- -
|
82
|
+
- - ">="
|
83
83
|
- !ruby/object:Gem::Version
|
84
84
|
version: '0'
|
85
85
|
description: Rails Application Secrets With GPG
|
@@ -89,7 +89,7 @@ executables: []
|
|
89
89
|
extensions: []
|
90
90
|
extra_rdoc_files: []
|
91
91
|
files:
|
92
|
-
- .gitignore
|
92
|
+
- ".gitignore"
|
93
93
|
- Gemfile
|
94
94
|
- Gemfile.lock
|
95
95
|
- README.md
|
@@ -119,17 +119,17 @@ require_paths:
|
|
119
119
|
- lib
|
120
120
|
required_ruby_version: !ruby/object:Gem::Requirement
|
121
121
|
requirements:
|
122
|
-
- -
|
122
|
+
- - ">="
|
123
123
|
- !ruby/object:Gem::Version
|
124
124
|
version: 1.9.3
|
125
125
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
126
126
|
requirements:
|
127
|
-
- -
|
127
|
+
- - ">="
|
128
128
|
- !ruby/object:Gem::Version
|
129
129
|
version: '0'
|
130
130
|
requirements: []
|
131
131
|
rubyforge_project:
|
132
|
-
rubygems_version: 2.
|
132
|
+
rubygems_version: 2.2.2
|
133
133
|
signing_key:
|
134
134
|
specification_version: 4
|
135
135
|
summary: Rails Application Secrets With GPG
|
@@ -142,3 +142,4 @@ test_files:
|
|
142
142
|
- spec/mrf/keyring_spec.rb
|
143
143
|
- spec/mrf/project_spec.rb
|
144
144
|
- spec/spec_helper.rb
|
145
|
+
has_rdoc:
|