portunus 0.3.1 → 0.3.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile.lock +4 -5
- data/README.md +19 -1
- data/lib/portunus/field_configurer.rb +0 -1
- data/lib/portunus/tasks/rotate_keys.rake +6 -6
- data/lib/portunus/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7ce3eac0af0a8a0fa451fb24de5cdddbc7741ce5bf043e669b580b2ae8f7045d
|
|
4
|
+
data.tar.gz: 901ec596dc6b5ca9f2a304fd90fe5cb260bffce513209b3b28cfdbf98d199fd5
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 721a12bf89394e876fac117f866e2938fb2a57805472fd53978cba626e6a9cbc82cf4c4462a6402ca31dbab2c8577a657cfe3445271df022b558d908db5d177d
|
|
7
|
+
data.tar.gz: 370cb0e5ae67bde8c1d0517586fd19802f14527337c087809578162411a06f7c97d9a109fc1f2c207557141ba474d42de75a66816e2f96e03f3ae90cb9aebbca
|
data/Gemfile.lock
CHANGED
|
@@ -1,8 +1,7 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
portunus (0.3.
|
|
5
|
-
aes
|
|
4
|
+
portunus (0.3.5)
|
|
6
5
|
openssl (>= 2.1.0)
|
|
7
6
|
rails (>= 5.0.0)
|
|
8
7
|
|
|
@@ -64,7 +63,6 @@ GEM
|
|
|
64
63
|
minitest (~> 5.1)
|
|
65
64
|
tzinfo (~> 1.1)
|
|
66
65
|
zeitwerk (~> 2.2)
|
|
67
|
-
aes (0.5.0)
|
|
68
66
|
binding_of_caller (0.8.0)
|
|
69
67
|
debug_inspector (>= 0.0.1)
|
|
70
68
|
builder (3.2.4)
|
|
@@ -81,7 +79,6 @@ GEM
|
|
|
81
79
|
activesupport (>= 4.2.0)
|
|
82
80
|
i18n (1.8.2)
|
|
83
81
|
concurrent-ruby (~> 1.0)
|
|
84
|
-
ipaddr (1.2.2)
|
|
85
82
|
json (2.3.0)
|
|
86
83
|
loofah (2.4.0)
|
|
87
84
|
crass (~> 1.0.2)
|
|
@@ -99,7 +96,6 @@ GEM
|
|
|
99
96
|
nokogiri (1.10.9)
|
|
100
97
|
mini_portile2 (~> 2.4.0)
|
|
101
98
|
openssl (2.1.2)
|
|
102
|
-
ipaddr
|
|
103
99
|
pry (0.12.2)
|
|
104
100
|
coderay (~> 1.1.0)
|
|
105
101
|
method_source (~> 0.9.0)
|
|
@@ -187,3 +183,6 @@ DEPENDENCIES
|
|
|
187
183
|
rspec
|
|
188
184
|
simplecov (~> 0.17.1)
|
|
189
185
|
sqlite3
|
|
186
|
+
|
|
187
|
+
BUNDLED WITH
|
|
188
|
+
2.1.4
|
data/README.md
CHANGED
|
@@ -54,13 +54,31 @@ include Portunus::Encryptable
|
|
|
54
54
|
```
|
|
55
55
|
|
|
56
56
|
### Set up your master keys
|
|
57
|
+
|
|
57
58
|
Portunus comes with two adaptors for your master keys, "credentials" and
|
|
58
59
|
"environment". This should cover the most common deploy scenarios. Before
|
|
59
60
|
Portunus can function, enabled master keys need to be added. There is a
|
|
60
61
|
generator to create the keys for you to then install in the proper
|
|
61
|
-
location.
|
|
62
|
+
location.
|
|
62
63
|
|
|
63
64
|
$ bundle exec rake portunus:generate_master_keys
|
|
65
|
+
|
|
66
|
+
If you are using the credentials adaptor (default), add the keys here.
|
|
67
|
+
Make sure to generate keys for each environment.
|
|
68
|
+
|
|
69
|
+
$ bundle exec rails credentials:edit --environment=development
|
|
70
|
+
|
|
71
|
+
#### Spring / Postgres / OSX
|
|
72
|
+
|
|
73
|
+
When using this combination a bug may arise that prompts a weird error message:
|
|
74
|
+
|
|
75
|
+
$ objc[4182]: +[__NSPlaceholderDictionary initialize] may have been in progress in another thread when fork() was called.
|
|
76
|
+
|
|
77
|
+
You can circumvent it by using the below command in High Sierra / Catalina. It
|
|
78
|
+
might not work in Mojave but I believe this issue unrelated to Portunus.
|
|
79
|
+
Alternatively just don't use spring.
|
|
80
|
+
|
|
81
|
+
$ export OBJC_DISABLE_INITIALIZE_FORK_SAFETY=YES
|
|
64
82
|
|
|
65
83
|
### Additional devise notes
|
|
66
84
|
|
|
@@ -3,9 +3,9 @@ namespace :portunus do
|
|
|
3
3
|
task rotate_keks: :environment do
|
|
4
4
|
scope = ::Portunus::DataEncryptionKey.
|
|
5
5
|
where(
|
|
6
|
-
"last_kek_rotation < ? or (created_at < ? and last_kek_rotation is null",
|
|
7
|
-
::Portunus.configuration.max_key_duration,
|
|
8
|
-
::Portunus.configuration.max_key_duration
|
|
6
|
+
"last_kek_rotation < ? or (created_at < ? and last_kek_rotation is null)",
|
|
7
|
+
DateTime.now - ::Portunus.configuration.max_key_duration,
|
|
8
|
+
DateTime.now - ::Portunus.configuration.max_key_duration
|
|
9
9
|
)
|
|
10
10
|
|
|
11
11
|
scope.in_batches do |relation|
|
|
@@ -22,9 +22,9 @@ namespace :portunus do
|
|
|
22
22
|
else
|
|
23
23
|
scope = ::Portunus::DataEncryptionKey.
|
|
24
24
|
where(
|
|
25
|
-
"last_dek_rotation < ? or (created_at < ? and last_dek_rotation is null",
|
|
26
|
-
::Portunus.configuration.max_key_duration,
|
|
27
|
-
::Portunus.configuration.max_key_duration
|
|
25
|
+
"last_dek_rotation < ? or (created_at < ? and last_dek_rotation is null)",
|
|
26
|
+
DateTime.now - ::Portunus.configuration.max_key_duration,
|
|
27
|
+
DateTime.now - ::Portunus.configuration.max_key_duration
|
|
28
28
|
)
|
|
29
29
|
end
|
|
30
30
|
scope.in_batches do |relation|
|
data/lib/portunus/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: portunus
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.3.
|
|
4
|
+
version: 0.3.6
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Colin Petruno
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-
|
|
11
|
+
date: 2020-07-18 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|
|
@@ -234,7 +234,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
234
234
|
- !ruby/object:Gem::Version
|
|
235
235
|
version: '0'
|
|
236
236
|
requirements: []
|
|
237
|
-
rubygems_version: 3.
|
|
237
|
+
rubygems_version: 3.1.4
|
|
238
238
|
signing_key:
|
|
239
239
|
specification_version: 4
|
|
240
240
|
summary: DEK and KEK Encryption for Rails
|