samson_secret_puller 1.0.4 → 1.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/samson_secret_puller.rb +27 -13
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 51c888fa0b9252626544a64e036606bbdb3d199a
|
|
4
|
+
data.tar.gz: 0c5244ac03a2a9ed86c0ac66e277a0a9b708ac86
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: fe78fb27da6431212caca45431265d937a8a085698453d5b2a902befe401346a1ac99ddec12ea401bc4fe43d508632577f4970c154b0c9ac7abc767fb56896d0
|
|
7
|
+
data.tar.gz: c156588e1ec7c22aaf8ccb1ff907e1850d4fdae074f25dfadd0c8d4a0c847a561a5fc21deef829714e0ac1b150d062ed142245313ca25b4b4f5d038143e00bea
|
data/lib/samson_secret_puller.rb
CHANGED
|
@@ -2,18 +2,14 @@ require 'forwardable'
|
|
|
2
2
|
|
|
3
3
|
module SamsonSecretPuller
|
|
4
4
|
FOLDER = '/secrets'.freeze
|
|
5
|
-
TIMEOUT = 60
|
|
6
|
-
|
|
7
|
-
class TimeoutError < StandardError
|
|
8
|
-
end
|
|
9
5
|
|
|
10
6
|
ENV = ENV # store a copy since we might replace ENV on Object
|
|
11
7
|
|
|
12
8
|
class << self
|
|
13
9
|
extend Forwardable
|
|
14
10
|
[
|
|
15
|
-
:[], :fetch, :keys, :each, :has_key?, :key?, :include?,
|
|
16
|
-
:each_with_object, :values_at, :reject, :select
|
|
11
|
+
:[], :fetch, :keys, :each, :has_key?, :key?, :include?,
|
|
12
|
+
:each_with_object, :values_at, :reject, :select, :to_a
|
|
17
13
|
].each do |method|
|
|
18
14
|
def_delegator :secrets, method
|
|
19
15
|
end
|
|
@@ -27,7 +23,22 @@ module SamsonSecretPuller
|
|
|
27
23
|
end
|
|
28
24
|
|
|
29
25
|
def []=(key, value)
|
|
30
|
-
|
|
26
|
+
if value.nil?
|
|
27
|
+
delete key
|
|
28
|
+
elsif secrets && @secret_keys.include?(key)
|
|
29
|
+
secrets[key] = value
|
|
30
|
+
else
|
|
31
|
+
ENV[key] = secrets[key] = value
|
|
32
|
+
end
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
def delete(key)
|
|
36
|
+
secrets.delete(key)
|
|
37
|
+
ENV.delete(key)
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
def replace(other)
|
|
41
|
+
(secrets.keys + other.keys).uniq.each { |k| self[k] = other[k] }
|
|
31
42
|
end
|
|
32
43
|
|
|
33
44
|
# When we run in kubernetes we need to read secrets from ENV and secret storage
|
|
@@ -44,17 +55,20 @@ module SamsonSecretPuller
|
|
|
44
55
|
|
|
45
56
|
def secrets
|
|
46
57
|
@secrets ||= begin
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
secrets
|
|
58
|
+
combined = ENV.to_h
|
|
59
|
+
secrets = read_secrets
|
|
60
|
+
@secret_keys = secrets.keys
|
|
61
|
+
combined.merge!(secrets)
|
|
62
|
+
combined
|
|
50
63
|
end
|
|
51
64
|
end
|
|
52
65
|
|
|
53
|
-
def
|
|
54
|
-
|
|
66
|
+
def read_secrets
|
|
67
|
+
return {} unless File.exist?(FOLDER)
|
|
68
|
+
Dir.glob("#{FOLDER}/*").each_with_object({}) do |file, all|
|
|
55
69
|
name = File.basename(file)
|
|
56
70
|
next if name.start_with?(".") # ignore .done and maybe others
|
|
57
|
-
|
|
71
|
+
all[name] = File.read(file).strip
|
|
58
72
|
end
|
|
59
73
|
end
|
|
60
74
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: samson_secret_puller
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0
|
|
4
|
+
version: 1.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Michael Grosser
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-
|
|
11
|
+
date: 2017-05-31 00:00:00.000000000 Z
|
|
12
12
|
dependencies: []
|
|
13
13
|
description:
|
|
14
14
|
email: michael@grosser.it
|