portunus 0.3.0 → 0.3.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +4 -5
- data/README.md +19 -1
- data/lib/portunus/field_configurer.rb +0 -1
- data/lib/portunus/tasks/rotate_keys.rake +2 -2
- data/lib/portunus/version.rb +1 -1
- data/portunus.gemspec +0 -1
- metadata +3 -17
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 3550e3c505e933ed612ddb7fede00e9d5071428f6fc47cbec262982d303c4fa8
|
4
|
+
data.tar.gz: 8f249e798e8075a82aad74997be541bb55fdc41fbbb2cf313091269a13ddfd3b
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 10b794b14f6f7e7eeb7e6c282c31eee4cb708c4417045237a46d516187cb4c649e206c75645c462cc333fb43378d4e26e0a9e03d9c3e083a17f440e96f40c758
|
7
|
+
data.tar.gz: 3018430d52d24319bc643bb7f3990379557e271869c1a6e396824d834bed24f1005b173ac0b2fda5879a1bdb1227224ce53e7e6a4058423de207bd3614102d2b
|
data/Gemfile.lock
CHANGED
@@ -1,8 +1,7 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
portunus (0.3.
|
5
|
-
aes
|
4
|
+
portunus (0.3.5)
|
6
5
|
openssl (>= 2.1.0)
|
7
6
|
rails (>= 5.0.0)
|
8
7
|
|
@@ -64,7 +63,6 @@ GEM
|
|
64
63
|
minitest (~> 5.1)
|
65
64
|
tzinfo (~> 1.1)
|
66
65
|
zeitwerk (~> 2.2)
|
67
|
-
aes (0.5.0)
|
68
66
|
binding_of_caller (0.8.0)
|
69
67
|
debug_inspector (>= 0.0.1)
|
70
68
|
builder (3.2.4)
|
@@ -81,7 +79,6 @@ GEM
|
|
81
79
|
activesupport (>= 4.2.0)
|
82
80
|
i18n (1.8.2)
|
83
81
|
concurrent-ruby (~> 1.0)
|
84
|
-
ipaddr (1.2.2)
|
85
82
|
json (2.3.0)
|
86
83
|
loofah (2.4.0)
|
87
84
|
crass (~> 1.0.2)
|
@@ -99,7 +96,6 @@ GEM
|
|
99
96
|
nokogiri (1.10.9)
|
100
97
|
mini_portile2 (~> 2.4.0)
|
101
98
|
openssl (2.1.2)
|
102
|
-
ipaddr
|
103
99
|
pry (0.12.2)
|
104
100
|
coderay (~> 1.1.0)
|
105
101
|
method_source (~> 0.9.0)
|
@@ -187,3 +183,6 @@ DEPENDENCIES
|
|
187
183
|
rspec
|
188
184
|
simplecov (~> 0.17.1)
|
189
185
|
sqlite3
|
186
|
+
|
187
|
+
BUNDLED WITH
|
188
|
+
2.1.4
|
data/README.md
CHANGED
@@ -54,13 +54,31 @@ include Portunus::Encryptable
|
|
54
54
|
```
|
55
55
|
|
56
56
|
### Set up your master keys
|
57
|
+
|
57
58
|
Portunus comes with two adaptors for your master keys, "credentials" and
|
58
59
|
"environment". This should cover the most common deploy scenarios. Before
|
59
60
|
Portunus can function, enabled master keys need to be added. There is a
|
60
61
|
generator to create the keys for you to then install in the proper
|
61
|
-
location.
|
62
|
+
location.
|
62
63
|
|
63
64
|
$ bundle exec rake portunus:generate_master_keys
|
65
|
+
|
66
|
+
If you are using the credentials adaptor (default), add the keys here.
|
67
|
+
Make sure to generate keys for each environment.
|
68
|
+
|
69
|
+
$ bundle exec rails credentials:edit --environment=development
|
70
|
+
|
71
|
+
#### Spring / Postgres / OSX
|
72
|
+
|
73
|
+
When using this combination a bug may arise that prompts a weird error message:
|
74
|
+
|
75
|
+
$ objc[4182]: +[__NSPlaceholderDictionary initialize] may have been in progress in another thread when fork() was called.
|
76
|
+
|
77
|
+
You can circumvent it by using the below command in High Sierra / Catalina. It
|
78
|
+
might not work in Mojave but I believe this issue unrelated to Portunus.
|
79
|
+
Alternatively just don't use spring.
|
80
|
+
|
81
|
+
$ export OBJC_DISABLE_INITIALIZE_FORK_SAFETY=YES
|
64
82
|
|
65
83
|
### Additional devise notes
|
66
84
|
|
@@ -3,7 +3,7 @@ namespace :portunus do
|
|
3
3
|
task rotate_keks: :environment do
|
4
4
|
scope = ::Portunus::DataEncryptionKey.
|
5
5
|
where(
|
6
|
-
"last_kek_rotation < ? or (created_at < ? and last_kek_rotation is null",
|
6
|
+
"last_kek_rotation < ? or (created_at < ? and last_kek_rotation is null)",
|
7
7
|
::Portunus.configuration.max_key_duration,
|
8
8
|
::Portunus.configuration.max_key_duration
|
9
9
|
)
|
@@ -22,7 +22,7 @@ namespace :portunus do
|
|
22
22
|
else
|
23
23
|
scope = ::Portunus::DataEncryptionKey.
|
24
24
|
where(
|
25
|
-
"last_dek_rotation < ? or (created_at < ? and last_dek_rotation is null",
|
25
|
+
"last_dek_rotation < ? or (created_at < ? and last_dek_rotation is null)",
|
26
26
|
::Portunus.configuration.max_key_duration,
|
27
27
|
::Portunus.configuration.max_key_duration
|
28
28
|
)
|
data/lib/portunus/version.rb
CHANGED
data/portunus.gemspec
CHANGED
@@ -34,7 +34,6 @@ Gem::Specification.new do |spec|
|
|
34
34
|
spec.require_paths = ["lib"]
|
35
35
|
|
36
36
|
spec.add_runtime_dependency "rails", ">= 5.0.0"
|
37
|
-
spec.add_runtime_dependency "aes"
|
38
37
|
spec.add_runtime_dependency "openssl", ">= 2.1.0"
|
39
38
|
|
40
39
|
spec.add_development_dependency "bundler", "> 1.17"
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: portunus
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.3.
|
4
|
+
version: 0.3.5
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Colin Petruno
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-
|
11
|
+
date: 2020-07-18 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rails
|
@@ -24,20 +24,6 @@ dependencies:
|
|
24
24
|
- - ">="
|
25
25
|
- !ruby/object:Gem::Version
|
26
26
|
version: 5.0.0
|
27
|
-
- !ruby/object:Gem::Dependency
|
28
|
-
name: aes
|
29
|
-
requirement: !ruby/object:Gem::Requirement
|
30
|
-
requirements:
|
31
|
-
- - ">="
|
32
|
-
- !ruby/object:Gem::Version
|
33
|
-
version: '0'
|
34
|
-
type: :runtime
|
35
|
-
prerelease: false
|
36
|
-
version_requirements: !ruby/object:Gem::Requirement
|
37
|
-
requirements:
|
38
|
-
- - ">="
|
39
|
-
- !ruby/object:Gem::Version
|
40
|
-
version: '0'
|
41
27
|
- !ruby/object:Gem::Dependency
|
42
28
|
name: openssl
|
43
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -248,7 +234,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
248
234
|
- !ruby/object:Gem::Version
|
249
235
|
version: '0'
|
250
236
|
requirements: []
|
251
|
-
rubygems_version: 3.
|
237
|
+
rubygems_version: 3.1.4
|
252
238
|
signing_key:
|
253
239
|
specification_version: 4
|
254
240
|
summary: DEK and KEK Encryption for Rails
|