rails-creds 0.3.0 → 0.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a713e64a2dc6c6e291bb0973929f4cb44441eb59c0d359870e0b932e5d4fcc3c
-  data.tar.gz: 483da513f4671cde3fc1e2cf83a2b04b5bc456e3fbc564079afd2085002da33b
+  metadata.gz: cbc1c067d2f4b0a326231eb8c98d1ad5a79f308cc6ef82c2bc9ba2409dd6656d
+  data.tar.gz: 35af2f8b5ba9d9488a466dd64f04da29a78065eb94678e774a8e810b669cbccb
 SHA512:
-  metadata.gz: 12c4b010d5370eaabfbafcac7c02b2bb9173b2a0e106f76523719f6c5c6fe8273b2ead284fe85ca767ff789c62e844d0f12cbc9679a05823c1343fa1c5a5fbf3
-  data.tar.gz: f3446191d7149a213fcff4277b78354a652a41166743ea341e4191bfe79e5a1bed73a5ee83bcfed8162252c5b8d204ef025a6f400d7656f5ba42bf41aa0f39f3
+  metadata.gz: 8b8e7609ef17e6ea9a5b96ba66ccdd3ff2cd21d916ca30f2df1d52a9c1ef318c6f5e81bdbe417faf5fd26fd15a28e22db9753adf17689205bfa010ff4231a97f
+  data.tar.gz: 19d31443777ff80b7f4dbea23dd7ccd2e2c888136797377274b3fdd606fe812be96454cedfa35d0fe27296666616ef05d85a4a076a614d82dbf17d4365281146

data/.github/workflows/ci.yml

@@ -0,0 +1,46 @@
+name: CI
+
+on:
+  pull_request:
+  push:
+    branches: [main]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+
+    strategy:
+      fail-fast: false
+      matrix:
+        ruby:
+          - "3.0"
+          - "3.1"
+          - "3.2"
+          - "3.3"
+          - "3.4"
+
+    steps:
+      - name: Install packages
+        run: sudo apt-get update && sudo apt-get install --no-install-recommends -y build-essential git pkg-config google-chrome-stable
+
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: ruby-3.4.1
+          bundler-cache: true
+
+      - name: Run tests
+        env:
+          RAILS_ENV: test
+        run: bin/rails test
+
+      - name: Keep screenshots from failed system tests
+        uses: actions/upload-artifact@v4
+        if: failure()
+        with:
+          name: screenshots
+          path: ${{ github.workspace }}/tmp/screenshots
+          if-no-files-found: ignore

data/.rspec

@@ -1,3 +1,2 @@
---format documentation
 --color
 --require spec_helper

data/CHANGELOG.md

@@ -1,3 +1,20 @@
+# Changelog
+
+## 0.5.0
+
+**NB:** Probably breaking change.
+
+We now rely on YAML for merging credentials. See `bin/rails creds:example` for an example configuration.
+
+- New: Missing keys always raise.
+- Added example task.
+
+## 0.4.0 (2023-07-08)
+
+### Added
+
+- Return `nil` and don't read credentials nor complain when SECRET_KEY_BASE_DUMMY=1
+
 ## 0.3.0 (2019-09-19)
 
 ### Breaking changes
@@ -8,22 +25,22 @@
 
 ### Fixed:
 
-  - Require strip_heredoc extension before use
+- Require strip_heredoc extension before use
 
 ## 0.2.1
 
 ## Changed:
 
-  - Credentials are now memoized after successful read.
+- Credentials are now memoized after successful read.
 
 ## 0.2.0
 
 ### Changed:
 
-  - Creds will now warn about missing credentials when the encrypted file isn't
-    found. It will afterwards be a Null Object and return `nil` on every key.
-  - When encrypted credentials are found but the master key file AND env
-    variable is missing, Creds will return a special error with explanation.
+- Creds will now warn about missing credentials when the encrypted file isn't
+  found. It will afterwards be a Null Object and return `nil` on every key.
+- When encrypted credentials are found but the master key file AND env
+  variable is missing, Creds will return a special error with explanation.
 
 ## 0.1.0
 

data/Rakefile

@@ -3,4 +3,4 @@ require "rspec/core/rake_task"
 
 RSpec::Core::RakeTask.new(:spec)
 
-task default: :spec
+task(default: :spec)

data/creds.gemspec

@@ -17,14 +17,14 @@ Gem::Specification.new do |spec|
   spec.files = `git ls-files -z`.split("\x0").reject do |f|
     f.match(%r{^(test|spec|features)/})
   end
+
   spec.bindir = "exe"
   spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
 
-  spec.add_dependency "rails", "> 5.2"
+  spec.add_dependency("rails", ">= 5.2")
 
-  spec.add_development_dependency "bundler", "~> 2.0"
-  spec.add_development_dependency "rake", "~> 12.3"
-  spec.add_development_dependency "rspec", "~> 3.0"
-  spec.add_development_dependency "standard", "~> 0.1.0"
-end
+  spec.add_development_dependency("bundler", "~> 2.0")
+  spec.add_development_dependency("rake", "~> 12.3")
+  spec.add_development_dependency("rspec", "~> 3.0")
+end

data/lib/creds/railtie.rb

@@ -0,0 +1,7 @@
+module Creds
+  class Railtie < ::Rails::Railtie
+    rake_tasks do
+      Dir[File.join(__dir__, "../tasks/**/*.rake")].each { |f| load f }
+    end
+  end
+end

data/lib/creds/version.rb

@@ -1,3 +1,3 @@
-class Creds
-  VERSION = "0.3.0".freeze
+module Creds
+  VERSION = "0.5.0".freeze
 end

data/lib/creds.rb

@@ -1,79 +1,63 @@
-# frozen_string_literal: true
-
 require "rails"
+require "active_support/core_ext/string/strip"
 
 require "creds/version"
-require "creds/errors"
+require "creds/railtie"
 
 # The main module of rails-creds
-class Creds
-  include Singleton
+module Creds
+  EXAMPLE_CONFIG = <<-YAML
+  ---
+  secret_key_base: "abc123"
 
-  # Credentials that are always nil
-  class NullCredentials
-    def respond_to_missing?(_name)
-      true
-    end
+  shared: &shared
+    secret: 123
 
-    # rubocop:disable Style/MethodMissingSuper
-    def method_missing(*_args)
-      nil
-    end
-    # rubocop:enable Style/MethodMissingSuper
+  test:
+    <<: *shared
 
-    def nil?
-      true
-    end
-  end
+  development:
+    <<: *shared
 
-  def self.respond_to_missing?(_name)
-    true
-  end
+  production:
+    <<: *shared
+    secret: 456
+  YAML
+    .strip_heredoc
+    .freeze
 
-  # rubocop:disable Style/MethodMissingSuper
-  def self.method_missing(name, *_args)
-    instance.credentials.fetch(name)
-  rescue KeyError
-    raise MissingKeyError.new(name, Rails.env)
-  end
-  # rubocop:enable Style/MethodMissingSuper
+  class MissingKeyError < StandardError
+    MESSAGE = "Key :%<key>s missing from credentials in \"%<env>s\" env".freeze
 
-  def self.to_h
-    instance.credentials
-  end
-
-  def credentials
-    return @credentials if @credentials
-
-    unless encrypted_credentials_exist?
-      Rails.logger.warn MissingCredentialsWarning
-      return NullCredentials.new
+    def initialize(key, env)
+      super(format(MESSAGE, key: key, env: env))
     end
+  end
 
-    raise MissingMasterKeyError unless master_key_present?
+  class MissingEnvError < StandardError
+    MESSAGE = <<-MSG
+      It seems you are missing a scope for the environment "%<env>s".
 
-    @credentials = fetch_credentials_for_current_env
-  end
+      Here's an example of how your credentials could look:
 
-  private
+#{Creds::EXAMPLE_CONFIG.gsub(/^([^\n]+)$/m, "        \\1")}
+    MSG
+      .strip_heredoc
+      .freeze
 
-  def fetch_credentials_for_current_env
-    base = Rails.application.credentials.config
-    scoped = base.fetch(Rails.env.to_sym)
-    base.delete(Rails.env.to_sym)
-    base.merge(scoped)
-  rescue KeyError
-    raise MissingEnvError, Rails.env
+    def initialize(env)
+      super(format(MESSAGE, env: env))
+    end
   end
 
-  def encrypted_credentials_exist?
-    File.exist? Rails.root.join("config", "credentials.yml.enc")
-  end
+  def self.method_missing(mth, *args, &block)
+    @cache ||= Rails.application.credentials[Rails.env].tap do |scoped|
+      raise MissingEnvError.new(Rails.env) unless scoped.is_a?(Hash)
+      raise MissingKeyError.new(mth, Rails.env) unless scoped.key?(mth.to_sym)
 
-  def master_key_present?
-    return true if ENV["RAILS_MASTER_KEY"]
-    return true if File.exist?(Rails.root.join("config", "master.key"))
+      scoped
+    end
 
-    false
+    @cache.fetch(mth.to_sym)
   end
 end

data/lib/tasks/creds.rake

@@ -0,0 +1,6 @@
+namespace(:creds) do
+  desc("Print an example credentials file")
+  task(:example => :environment) do
+    puts(Creds::EXAMPLE_CONFIG)
+  end
+end

metadata

@@ -1,27 +1,26 @@
 --- !ruby/object:Gem::Specification
 name: rails-creds
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 0.5.0
 platform: ruby
 authors:
 - Mikkel Malmberg
-autorequire: 
 bindir: exe
 cert_chain: []
-date: 2019-09-19 00:00:00.000000000 Z
+date: 1980-01-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '5.2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '5.2'
 - !ruby/object:Gem::Dependency
@@ -66,20 +65,6 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '3.0'
-- !ruby/object:Gem::Dependency
-  name: standard
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 0.1.0
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 0.1.0
 description: ''
 email:
 - mikkel@brnbw.com
@@ -87,11 +72,10 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/workflows/ci.yml"
 - ".gitignore"
 - ".rspec"
-- ".travis.yml"
 - CHANGELOG.md
-- CODE_OF_CONDUCT.md
 - Gemfile
 - LICENSE.txt
 - README.md
@@ -99,15 +83,16 @@ files:
 - config/master.key
 - creds.gemspec
 - lib/creds.rb
-- lib/creds/errors.rb
+- lib/creds/railtie.rb
 - lib/creds/version.rb
 - lib/rails-creds.rb
+- lib/tasks/creds.rake
+- log/test.log
 homepage: https://github.com/mikker/rails-creds
 licenses:
 - MIT
 metadata:
   source_code_uri: https://github.com/mikker/rails-creds
-post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
@@ -122,8 +107,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
-signing_key: 
+rubygems_version: 3.6.8
 specification_version: 4
 summary: Shorter, env-scoped version of Rails' credentials
 test_files: []

data/.travis.yml

@@ -1,11 +0,0 @@
-sudo: false
-language: ruby
-rvm:
-  - 2.3
-  - 2.4
-  - 2.5
-  - 2.6
-  - jruby
-before_install:
-  - gem update --system
-  - gem install bundler

data/CODE_OF_CONDUCT.md

@@ -1,74 +0,0 @@
-# Contributor Covenant Code of Conduct
-
-## Our Pledge
-
-In the interest of fostering an open and welcoming environment, we as
-contributors and maintainers pledge to making participation in our project and
-our community a harassment-free experience for everyone, regardless of age, body
-size, disability, ethnicity, gender identity and expression, level of experience,
-nationality, personal appearance, race, religion, or sexual identity and
-orientation.
-
-## Our Standards
-
-Examples of behavior that contributes to creating a positive environment
-include:
-
-* Using welcoming and inclusive language
-* Being respectful of differing viewpoints and experiences
-* Gracefully accepting constructive criticism
-* Focusing on what is best for the community
-* Showing empathy towards other community members
-
-Examples of unacceptable behavior by participants include:
-
-* The use of sexualized language or imagery and unwelcome sexual attention or
-advances
-* Trolling, insulting/derogatory comments, and personal or political attacks
-* Public or private harassment
-* Publishing others' private information, such as a physical or electronic
-  address, without explicit permission
-* Other conduct which could reasonably be considered inappropriate in a
-  professional setting
-
-## Our Responsibilities
-
-Project maintainers are responsible for clarifying the standards of acceptable
-behavior and are expected to take appropriate and fair corrective action in
-response to any instances of unacceptable behavior.
-
-Project maintainers have the right and responsibility to remove, edit, or
-reject comments, commits, code, wiki edits, issues, and other contributions
-that are not aligned to this Code of Conduct, or to ban temporarily or
-permanently any contributor for other behaviors that they deem inappropriate,
-threatening, offensive, or harmful.
-
-## Scope
-
-This Code of Conduct applies both within project spaces and in public spaces
-when an individual is representing the project or its community. Examples of
-representing a project or community include using an official project e-mail
-address, posting via an official social media account, or acting as an appointed
-representative at an online or offline event. Representation of a project may be
-further defined and clarified by project maintainers.
-
-## Enforcement
-
-Instances of abusive, harassing, or otherwise unacceptable behavior may be
-reported by contacting the project team at mikkel@brnbw.com. All
-complaints will be reviewed and investigated and will result in a response that
-is deemed necessary and appropriate to the circumstances. The project team is
-obligated to maintain confidentiality with regard to the reporter of an incident.
-Further details of specific enforcement policies may be posted separately.
-
-Project maintainers who do not follow or enforce the Code of Conduct in good
-faith may face temporary or permanent repercussions as determined by other
-members of the project's leadership.
-
-## Attribution
-
-This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
-available at [http://contributor-covenant.org/version/1/4][version]
-
-[homepage]: http://contributor-covenant.org
-[version]: http://contributor-covenant.org/version/1/4/

data/lib/creds/errors.rb

@@ -1,64 +0,0 @@
-require "active_support/core_ext/string/strip"
-
-class Creds
-  class MissingCredentialsWarning
-    MESSAGE =
-      <<-MSG
-      You have no encrypted credentials at config/credentials.yml.enc.
-      Creds will return nil for any key.
-      Run this to generate your credentials file:
-        $ bin/rails credentials:edit
-      MSG
-        .strip_heredoc.freeze
-  end
-
-  # @api private
-  class MissingKeyError < StandardError
-    MESSAGE = 'Key :%<key>s missing from credentials in "%<env>s" env'.freeze
-
-    def initialize(key, env)
-      super format(MESSAGE, key: key, env: env)
-    end
-  end
-
-  # @api private
-  class MissingEnvError < StandardError
-    # rubocop:disable Layout/TrailingWhitespace
-    MESSAGE =
-      <<-MSG
-  Creds scopes credentials to the current Rails environment.
-  It seems you are missing a scope for the environment "%<env>s".
-
-  Here's an example of how your credentials could look:
-
-  ---
-  aws_key: 'shared between environments'
-  
-  production:
-    <<: *default
-    aws_key: 'you can override defaults for individual environments'
-      MSG
-        .strip_heredoc.freeze
-    # rubocop:enable Layout/TrailingWhitespace
-
-    def initialize(env)
-      super format(MESSAGE, env: env)
-    end
-  end
-
-  # @api private
-  class MissingMasterKeyError < StandardError
-    MESSAGE =
-      <<-MSG
-        You have encrypted credentials but no master key.
-
-        Either get or recover the file config/master.key
-        or set the environment variable RAILS_MASTER_KEY
-      MSG
-        .strip_heredoc.freeze
-
-    def initalize
-      super(MESSAGE)
-    end
-  end
-end