RubyGems - rails_key_rotator - Versions diffs - 0.2.3 → 0.2.4 - Mend

rails_key_rotator 0.2.3 → 0.2.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml +4 -4
data/README.md +20 -9
data/lib/rails_key_rotator/railtie.rb +1 -1
data/lib/rails_key_rotator/version.rb +1 -1
data/lib/rails_key_rotator.rb +2 -1
data/rails_key_rotator.gemspec +3 -5
metadata +5 -5

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c1583daf18681adbf057da6b49f0b1d31edde595911bae83460fd0ca7088d38f
-  data.tar.gz: 28024ed59be4ed43b9476eb3c0927a0a0a16370949a4c6bb1b98caf4f1ae770e
+  metadata.gz: eaa46a03f93b85091d320d81de8241cfc1f8f9151c9f6ff13c232bf17bc146a9
+  data.tar.gz: 98dc1e4cde4cc1365ed765d8142540c751709dc2ed66a8cdb48cef90f768c38a
 SHA512:
-  metadata.gz: b54587fcd4c6f39ed55143893c66550222e08eb1e2a6db07a1cafa3e574e78a47ad726b4d4b7cb6c9c24a7a2218ec5ba2054206ca0e30f7830638e56424c08de
-  data.tar.gz: 1a02f4f16ebe9ca906b587d2654358282febe8ed5c17348945989a583d70475eb5418a7aaaf4dd8cb9875bd94462124221f0705ea8166e48745527c98b0ebc18
+  metadata.gz: da389d3403d24bb9159445693fa1690d875e5ddde24f4edbee80dd10a67787ec98c359434d642b0f5541581df63a986d29f2c6fe5273e5e07030396a35c843c4
+  data.tar.gz: 465b459024d8efa98b3347febf3961ee2f14883a1201082b899a66d2527202a75f87d3f717fd02cc5cd1c552bef2171498c2a9c375495a0020c4bc7dd8aad339

data/README.md CHANGED Viewed

@@ -1,5 +1,13 @@
 # RailsKeyRotator
+[![Gem Version](https://badge.fury.io/rb/rails_key_rotator.svg)](https://badge.fury.io/rb/rails_key_rotator)
+> **Warning**
+> **THIS IS BETA SOFTWARE**
+>
+> Major version zero (0.y.z) is for initial development. Anything MAY change at any time. The public API SHOULD NOT be considered stable.
+> See: <https://semver.org/#spec-item-4>
 ## Installation
 Install the gem and add to the application's Gemfile by executing:
@@ -15,14 +23,15 @@ If bundler is not being used to manage dependencies, install the gem by executin
 > **Warning**
 > **DON'T FORGET TO HANDOUT THE NEW KEY TO YOUR COLLEAGUES!**
-1. Run the rake taks
+1.  Run the rake taks
         $ RAILS_ENV=production bundle exec rake key_rotator:rotate
         Starting process:
         -> Copy config/credentials/production.key -> config/credentials/production.key.bak-2023-10-15-084335
         -> Copy config/credentials/production.yml.enc -> config/credentials/production.yml.enc.bak-2023-10-15-084335
-        -> Writing 774ef137809953c633f03233d3ec5d35 to config/credentials/production.key
+        -> Writing the key "774ef137809953c633f03233d3ec5d35" to config/credentials/production.key
+        -> Writing the re-encrypted credentials to config/credentials/production.yml.enc
         Finished! The next steps are:
@@ -33,12 +42,11 @@ If bundler is not being used to manage dependencies, install the gem by executin
     This will backup current key / credentials, create a new key and saves encrypts the credentails w/ this new key for the current `RAILS_ENV`
+2.  Deploying this variable as an env `RAILS_MASTER_KEY_NEW`
-2. Deploying this variable as an env `RAILS_MASTER_KEY_NEW`
+3.  Commit and deploy new encrypted file.
-3. Commit and deploy new encrypted file.
-4. After a while when everything is back in sync replace `RAILS_MASTER_KEY` w/ the new key and delete `RAILS_MASTER_KEY_NEW`
+4.  After a while when everything is back in sync replace `RAILS_MASTER_KEY` w/ the new key and delete `RAILS_MASTER_KEY_NEW`
 ## Process
@@ -50,14 +58,12 @@ When we've defined `RAILS_MASTER_KEY_NEW` it means we are rotating the encryptio
 3. If not, we will fallback to the old key, thus leave `RAILS_MASTER_KEY` alone
-See: https://www.reddit.com/r/rails/comments/x4sujc/deploying_a_rotated_credentials_key_without/
 ## Development
 This project uses docker and [dip](https://github.com/bibendi/dip), a.k.a. the _Docker Interaction Program._
 To use it:
 ```shell
 gem install dip
 dip provision
@@ -77,3 +83,8 @@ The gem is available as open source under the terms of the [MIT License](https:/
 ## Code of Conduct
 Everyone interacting in the RailsKeyRotator project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/LeipeLeon/rails_key_rotator/blob/master/CODE_OF_CONDUCT.md).
+## Thanks to:
+- The fine folks of [kerkdienstgemist.nl](https://github.com/kdgm) allowed me to extract the basics from their sourcecode.
+- The [original inspirator](https://www.reddit.com/user/abuisman/) after some googling: <https://www.reddit.com/r/rails/comments/x4sujc/deploying_a_rotated_credentials_key_without/>

data/lib/rails_key_rotator/railtie.rb CHANGED Viewed

@@ -4,7 +4,7 @@ require "rails"
 module RailsKeyRotator
   class Railtie < Rails::Railtie
-    config.before_initialize do
+    config.before_configuration do
       RailsKeyRotator.rotated?
     end
     rake_tasks do

data/lib/rails_key_rotator/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module RailsKeyRotator
-  VERSION = "0.2.3"
+  VERSION = "0.2.4"
 end

data/lib/rails_key_rotator.rb CHANGED Viewed

@@ -104,6 +104,7 @@ module RailsKeyRotator
     end
     def write_credentials(contents) # the new configuration
+      say "Writing the re-encrypted credentials to #{credentials_path}"
       ActiveSupport::EncryptedConfiguration.new(
         config_path: credentials_path,
         key_path: key_path,
@@ -113,7 +114,7 @@ module RailsKeyRotator
     end
     def write_key
-      say "Writing #{new_key} to #{key_path}"
+      say %(Writing the key "#{new_key}" to #{key_path})
       File.write(key_path, new_key)
     end
   end

data/rails_key_rotator.gemspec CHANGED Viewed

@@ -1,5 +1,3 @@
-# frozen_string_literal: true
 require_relative "lib/rails_key_rotator/version"
 Gem::Specification.new do |spec|
@@ -10,7 +8,7 @@ Gem::Specification.new do |spec|
   spec.summary = "Rotate your RAILS_MASTER_KEY with ease"
   # spec.description = "TODO: Write a longer description or delete this line."
-  spec.homepage = "https://www.wendbaar.nl"
+  spec.homepage = "https://github.com/LeipeLeon/rails_key_rotator"
   spec.license = "MIT"
   spec.required_ruby_version = ">= 2.6.0"
@@ -18,8 +16,8 @@ Gem::Specification.new do |spec|
   spec.metadata["rubygems_mfa_required"] = "true"
   spec.metadata["homepage_uri"] = spec.homepage
-  spec.metadata["source_code_uri"] = "https://github.com/LeipeLeon/rails_key_rotator"
-  spec.metadata["changelog_uri"] = "https://github.com/LeipeLeon/rails_key_rotator/CHANGELOG.md"
+  spec.metadata["source_code_uri"] = spec.homepage
+  spec.metadata["changelog_uri"] = "#{spec.homepage}/blob/main/CHANGELOG.md"
   # Specify which files should be added to the gem when it is released.
   # The `git ls-files -z` loads the files in the RubyGem that have been added into git.

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rails_key_rotator
 version: !ruby/object:Gem::Version
-  version: 0.2.3
+  version: 0.2.4
 platform: ruby
 authors:
 - Leon Berenschot
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2023-10-16 00:00:00.000000000 Z
+date: 2023-10-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -61,14 +61,14 @@ files:
 - lib/tasks/key_rotator.rake
 - rails_key_rotator.gemspec
 - sig/rails_key_rotator.rbs
-homepage: https://www.wendbaar.nl
+homepage: https://github.com/LeipeLeon/rails_key_rotator
 licenses:
 - MIT
 metadata:
   rubygems_mfa_required: 'true'
-  homepage_uri: https://www.wendbaar.nl
+  homepage_uri: https://github.com/LeipeLeon/rails_key_rotator
   source_code_uri: https://github.com/LeipeLeon/rails_key_rotator
-  changelog_uri: https://github.com/LeipeLeon/rails_key_rotator/CHANGELOG.md
+  changelog_uri: https://github.com/LeipeLeon/rails_key_rotator/blob/main/CHANGELOG.md
 post_install_message:
 rdoc_options: []
 require_paths: