rails_environment_credentials 0.0.1 → 0.1.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 8831db67391191047589682a975a189698cf6ba971835a9057b3d9e308938b50
4
- data.tar.gz: 7879944840d8771d97098524cb9792ea66049365cc3f92a7db75581f7bcc61e9
3
+ metadata.gz: c6e5fd661f637909b8425e534736c598f2966c940228fc65fa2de8b9b1102520
4
+ data.tar.gz: 776113ab4beef6d69866b8f1d5c7a32e670a5579b282f54424b25792334df84a
5
5
  SHA512:
6
- metadata.gz: 7898632f7087e6e5b922c5b29c61e1410287efa114ec67512cc81caf9f6297149bb4243baf6b25b5e74f645334cc8eeaef5a2eda5a1c9f6679cd89a17bd6f7b2
7
- data.tar.gz: ac3c92f5610a920d5c0b46f172a72fb75cf0e4a573e58b77277d5d5dba6cd92487f89307b208b73369a2dfbed3683eff383ee0bdbf50362439ebd2612c4d60a4
6
+ metadata.gz: 2bed86493a1351a91ace41e95ee5d90ba33acb77ea3974f685ffcf834947d3bfd65e4be421e4ed6aba0e6afe1d0cd6b07ddd871e299c4eff887da4ca3f24bde3
7
+ data.tar.gz: 327c2396d25b0fa9ae25f9a8b28760b56dfeb620bd19751adecf8c7edf0beafe226fd690a9c8f18d2cfef2e9f61aa3d226764f9ce38b64bcb04a03550db3d268
data/README.md CHANGED
@@ -1 +1,52 @@
1
- # rails-environment-credentials
1
+ # rails-environment-credentials
2
+
3
+ This gem expands the capabilities of `Rails.application.credentials` to support many different environments, as well as multiple ways to load the key.
4
+
5
+ By default, the credentials will be loaded from `config/credentials/#{Rails.env}.{yml.enc|.key}`, a different environment can be specified in the credentials config file.
6
+
7
+
8
+ ## Show/Edit Credentials
9
+
10
+ `bin/rails env_creds:show\[some_special_environment\]`
11
+
12
+ `bin/rails env_creds:edit\[some_special_environment\]`
13
+
14
+
15
+ ## Key Strategies
16
+
17
+ ### nil/none/rails
18
+ This is the default strategy. Tthe key will be loaded the same way rails does it traditionally, by looking at the `RAILS_MASTER_KEY` environment variable, then from `config/credentials/some_environment.key`.
19
+
20
+ ### raw
21
+ The key will be defined in the credentials config file.
22
+
23
+ Example `config/credentials.yml`:
24
+ ```yaml
25
+ key_strategy: raw
26
+ key_strategy_options:
27
+ key: 123abc456def789
28
+ ```
29
+
30
+ ### azure_key_vault_managed_identity
31
+ The key will be loaded from Azure Key Vault using an `access_token` from the VM's managed identity.
32
+
33
+ Example `config/credentials.yml`:
34
+ ```yaml
35
+ key_strategy: azure_key_vault_managed_identity
36
+ key_strategy_options:
37
+ vault: some-key-vault
38
+ secret_name: some-environment-master-key
39
+ ```
40
+
41
+
42
+ ## Credentials Config File
43
+
44
+ It is recommended to keep this file in `.gitignore`
45
+
46
+ ```yaml
47
+ environment: some-special-environment # Which environment credentials to load: `config/credentials/some-special-environment.yml.enc`
48
+
49
+ key_strategy: none|rails|raw|azure_key_vault_managed_identity # Which key strategy to use
50
+
51
+ key_strategy_options: # The options for the chosen key strategy
52
+ ```
@@ -6,6 +6,8 @@ module RailsEnvironmentCredentials
6
6
  class None < Base; end
7
7
 
8
8
  add(nil, None)
9
+ add('none', None)
10
+ add('rails', None)
9
11
 
10
12
  end
11
13
  end
@@ -6,7 +6,7 @@ module RailsEnvironmentCredentials
6
6
  class Raw < Base
7
7
 
8
8
  def key
9
- Rails.application.config.credentials.raw_key
9
+ Rails.application.config.credentials.key_strategy_options['key']
10
10
  end
11
11
 
12
12
  end
@@ -0,0 +1,12 @@
1
+ require 'rails'
2
+
3
+ module RailsEnvironmentCredentials
4
+ class Railtie < Rails::Railtie
5
+ railtie_name :rails_environment_credentials
6
+
7
+ rake_tasks do
8
+ load 'tasks/credentials.rake'
9
+ end
10
+
11
+ end
12
+ end
@@ -4,8 +4,8 @@ module RailsEnvironmentCredentials
4
4
 
5
5
  module Version
6
6
  MAJOR = 0
7
- MINOR = 0
8
- PATCH = 1
7
+ MINOR = 1
8
+ PATCH = 0
9
9
 
10
10
  end
11
11
 
@@ -10,6 +10,7 @@ require 'rails_environment_credentials/configuration'
10
10
  require 'rails_environment_credentials/encrypted_configuration'
11
11
  require 'rails_environment_credentials/encrypted_file'
12
12
  require 'rails_environment_credentials/key_strategies'
13
+ require 'rails_environment_credentials/railtie'
13
14
  require 'rails_environment_credentials/version'
14
15
 
15
16
  Rails::Application::Configuration.send(:include, RailsEnvironmentCredentials::Configuration)
@@ -0,0 +1,26 @@
1
+ namespace :env_creds do
2
+ task :show, [:environment] do |_, args|
3
+ env = args[:environment]
4
+ if env.blank?
5
+ system('bin/rails credentials:show')
6
+ else
7
+ env.downcase!
8
+ file = "config/credentials/#{env}.yml.enc"
9
+ key = "config/credentials/#{env}.key"
10
+ system("bin/rails encrypted:show #{file} -k #{key}")
11
+ end
12
+ end
13
+
14
+ task :edit, [:environment] do |_, args|
15
+ ENV['EDITOR'] += ' --wait' if ENV['EDITOR'].present? && (ENV['EDITOR'] == 'code' || ENV['EDITOR'].ends_with?('/code')) # Stupid fix for vscode exiting too quickly
16
+ env = args[:environment]
17
+ if env.blank?
18
+ system('bin/rails credentials:edit')
19
+ else
20
+ env.downcase!
21
+ file = "config/credentials/#{env}.yml.enc"
22
+ key = "config/credentials/#{env}.key"
23
+ system("bin/rails encrypted:edit #{file} -k #{key}")
24
+ end
25
+ end
26
+ end
@@ -3,7 +3,7 @@
3
3
  $LOAD_PATH << File.join(File.dirname(__FILE__), 'lib')
4
4
  require 'rails_environment_credentials/version'
5
5
 
6
- Gem::Specification.new do |s| # rubocop:disable Metrics/BlockLength
6
+ Gem::Specification.new do |s|
7
7
  s.name = 'rails_environment_credentials'
8
8
  s.version = RailsEnvironmentCredentials::VERSION
9
9
  s.authors = ['Taylor Yelverton']
@@ -29,4 +29,6 @@ Gem::Specification.new do |s| # rubocop:disable Metrics/BlockLength
29
29
 
30
30
  s.add_dependency('activesupport', '>= 5.0.0')
31
31
  s.add_dependency('railties', '>= 5.0.0')
32
+
33
+ s.add_dependency('httparty', '~> 0.16.2')
32
34
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rails_environment_credentials
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.1
4
+ version: 0.1.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Taylor Yelverton
@@ -38,6 +38,20 @@ dependencies:
38
38
  - - ">="
39
39
  - !ruby/object:Gem::Version
40
40
  version: 5.0.0
41
+ - !ruby/object:Gem::Dependency
42
+ name: httparty
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - "~>"
46
+ - !ruby/object:Gem::Version
47
+ version: 0.16.2
48
+ type: :runtime
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - "~>"
53
+ - !ruby/object:Gem::Version
54
+ version: 0.16.2
41
55
  description: Add support for different credentials for different environments to Rails
42
56
  email: rubygems@yelvert.io
43
57
  executables: []
@@ -55,7 +69,9 @@ files:
55
69
  - lib/rails_environment_credentials/key_strategies/base.rb
56
70
  - lib/rails_environment_credentials/key_strategies/none.rb
57
71
  - lib/rails_environment_credentials/key_strategies/raw.rb
72
+ - lib/rails_environment_credentials/railtie.rb
58
73
  - lib/rails_environment_credentials/version.rb
74
+ - lib/tasks/credentials.rake
59
75
  - rails_environment_credentials.gemspec
60
76
  homepage: https://github.com/ComplyMD/rails_environment_credentials
61
77
  licenses: