RubyGems - rails_environment_credentials - Versions diffs - 0.0.1 → 0.1.0 - Mend

rails_environment_credentials 0.0.1 → 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

checksums.yaml +4 -4
data/README.md +52 -1
data/lib/rails_environment_credentials/key_strategies/none.rb +2 -0
data/lib/rails_environment_credentials/key_strategies/raw.rb +1 -1
data/lib/rails_environment_credentials/railtie.rb +12 -0
data/lib/rails_environment_credentials/version.rb +2 -2
data/lib/rails_environment_credentials.rb +1 -0
data/lib/tasks/credentials.rake +26 -0
data/rails_environment_credentials.gemspec +3 -1
metadata +17 -1

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8831db67391191047589682a975a189698cf6ba971835a9057b3d9e308938b50
-  data.tar.gz: 7879944840d8771d97098524cb9792ea66049365cc3f92a7db75581f7bcc61e9
+  metadata.gz: c6e5fd661f637909b8425e534736c598f2966c940228fc65fa2de8b9b1102520
+  data.tar.gz: 776113ab4beef6d69866b8f1d5c7a32e670a5579b282f54424b25792334df84a
 SHA512:
-  metadata.gz: 7898632f7087e6e5b922c5b29c61e1410287efa114ec67512cc81caf9f6297149bb4243baf6b25b5e74f645334cc8eeaef5a2eda5a1c9f6679cd89a17bd6f7b2
-  data.tar.gz: ac3c92f5610a920d5c0b46f172a72fb75cf0e4a573e58b77277d5d5dba6cd92487f89307b208b73369a2dfbed3683eff383ee0bdbf50362439ebd2612c4d60a4
+  metadata.gz: 2bed86493a1351a91ace41e95ee5d90ba33acb77ea3974f685ffcf834947d3bfd65e4be421e4ed6aba0e6afe1d0cd6b07ddd871e299c4eff887da4ca3f24bde3
+  data.tar.gz: 327c2396d25b0fa9ae25f9a8b28760b56dfeb620bd19751adecf8c7edf0beafe226fd690a9c8f18d2cfef2e9f61aa3d226764f9ce38b64bcb04a03550db3d268

data/README.md CHANGED Viewed

@@ -1 +1,52 @@
-# rails-environment-credentials
+# rails-environment-credentials
+This gem expands the capabilities of `Rails.application.credentials` to support many different environments, as well as multiple ways to load the key.
+By default, the credentials will be loaded from `config/credentials/#{Rails.env}.{yml.enc|.key}`, a different environment can be specified in the credentials config file.
+## Show/Edit Credentials
+`bin/rails env_creds:show\[some_special_environment\]`
+`bin/rails env_creds:edit\[some_special_environment\]`
+## Key Strategies
+### nil/none/rails
+This is the default strategy. Tthe key will be loaded the same way rails does it traditionally, by looking at the `RAILS_MASTER_KEY` environment variable, then from `config/credentials/some_environment.key`.
+### raw
+The key will be defined in the credentials config file.
+Example `config/credentials.yml`:
+```yaml
+key_strategy: raw
+key_strategy_options:
+  key: 123abc456def789
+```
+### azure_key_vault_managed_identity
+The key will be loaded from Azure Key Vault using an `access_token` from the VM's managed identity.
+Example `config/credentials.yml`:
+```yaml
+key_strategy: azure_key_vault_managed_identity
+key_strategy_options:
+  vault: some-key-vault
+  secret_name: some-environment-master-key
+```
+## Credentials Config File
+It is recommended to keep this file in `.gitignore`
+```yaml
+environment: some-special-environment # Which environment credentials to load: `config/credentials/some-special-environment.yml.enc`
+key_strategy: none|rails|raw|azure_key_vault_managed_identity # Which key strategy to use
+key_strategy_options: # The options for the chosen key strategy
+```

data/lib/rails_environment_credentials/key_strategies/none.rb CHANGED Viewed

@@ -6,6 +6,8 @@ module RailsEnvironmentCredentials
     class None < Base; end
     add(nil, None)
+    add('none', None)
+    add('rails', None)
   end
 end

data/lib/rails_environment_credentials/key_strategies/raw.rb CHANGED Viewed

@@ -6,7 +6,7 @@ module RailsEnvironmentCredentials
     class Raw < Base
       def key
-        Rails.application.config.credentials.raw_key
+        Rails.application.config.credentials.key_strategy_options['key']
       end
     end

data/lib/rails_environment_credentials/railtie.rb ADDED Viewed

@@ -0,0 +1,12 @@
+require 'rails'
+module RailsEnvironmentCredentials
+  class Railtie < Rails::Railtie
+    railtie_name :rails_environment_credentials
+    rake_tasks do
+      load 'tasks/credentials.rake'
+    end
+  end
+end

data/lib/rails_environment_credentials/version.rb CHANGED Viewed

@@ -4,8 +4,8 @@ module RailsEnvironmentCredentials
   module Version
     MAJOR = 0
-    MINOR = 0
-    PATCH = 1
+    MINOR = 1
+    PATCH = 0
   end

data/lib/rails_environment_credentials.rb CHANGED Viewed

@@ -10,6 +10,7 @@ require 'rails_environment_credentials/configuration'
 require 'rails_environment_credentials/encrypted_configuration'
 require 'rails_environment_credentials/encrypted_file'
 require 'rails_environment_credentials/key_strategies'
+require 'rails_environment_credentials/railtie'
 require 'rails_environment_credentials/version'
 Rails::Application::Configuration.send(:include, RailsEnvironmentCredentials::Configuration)

data/lib/tasks/credentials.rake ADDED Viewed

@@ -0,0 +1,26 @@
+namespace :env_creds do
+  task :show, [:environment] do |_, args|
+    env = args[:environment]
+    if env.blank?
+      system('bin/rails credentials:show')
+    else
+      env.downcase!
+      file = "config/credentials/#{env}.yml.enc"
+      key = "config/credentials/#{env}.key"
+      system("bin/rails encrypted:show #{file} -k #{key}")
+    end
+  end
+  task :edit, [:environment] do |_, args|
+    ENV['EDITOR'] += ' --wait' if ENV['EDITOR'].present? && (ENV['EDITOR'] == 'code' || ENV['EDITOR'].ends_with?('/code')) # Stupid fix for vscode exiting too quickly
+    env = args[:environment]
+    if env.blank?
+      system('bin/rails credentials:edit')
+    else
+      env.downcase!
+      file = "config/credentials/#{env}.yml.enc"
+      key = "config/credentials/#{env}.key"
+      system("bin/rails encrypted:edit #{file} -k #{key}")
+    end
+  end
+end

data/rails_environment_credentials.gemspec CHANGED Viewed

@@ -3,7 +3,7 @@
 $LOAD_PATH << File.join(File.dirname(__FILE__), 'lib')
 require 'rails_environment_credentials/version'
-Gem::Specification.new do |s| # rubocop:disable Metrics/BlockLength
+Gem::Specification.new do |s|
   s.name        = 'rails_environment_credentials'
   s.version     = RailsEnvironmentCredentials::VERSION
   s.authors     = ['Taylor Yelverton']
@@ -29,4 +29,6 @@ Gem::Specification.new do |s| # rubocop:disable Metrics/BlockLength
   s.add_dependency('activesupport', '>= 5.0.0')
   s.add_dependency('railties', '>= 5.0.0')
+  s.add_dependency('httparty', '~> 0.16.2')
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rails_environment_credentials
 version: !ruby/object:Gem::Version
-  version: 0.0.1
+  version: 0.1.0
 platform: ruby
 authors:
 - Taylor Yelverton
@@ -38,6 +38,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 5.0.0
+- !ruby/object:Gem::Dependency
+  name: httparty
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.16.2
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.16.2
 description: Add support for different credentials for different environments to Rails
 email: rubygems@yelvert.io
 executables: []
@@ -55,7 +69,9 @@ files:
 - lib/rails_environment_credentials/key_strategies/base.rb
 - lib/rails_environment_credentials/key_strategies/none.rb
 - lib/rails_environment_credentials/key_strategies/raw.rb
+- lib/rails_environment_credentials/railtie.rb
 - lib/rails_environment_credentials/version.rb
+- lib/tasks/credentials.rake
 - rails_environment_credentials.gemspec
 homepage: https://github.com/ComplyMD/rails_environment_credentials
 licenses: