RubyGems - secret-keeper - Versions diffs - 0.2.0 → 0.2.2 - Mend

secret-keeper 0.2.0 → 0.2.2

Files changed (5) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
-SHA256:
-  metadata.gz: 49be9c6350530e4855836833f631aa841df1df85501ff00c44da8c62939eea4d
-  data.tar.gz: 36f4ee5f518c3c65ee10fa9c01d5c612cc7989ce4c1877eb62a10f05e273423c
+SHA1:
+  metadata.gz: 125a92be1b1a91a487b487a7ad5896a6944fa565
+  data.tar.gz: d2c860df86d3711ca1c1f475be655eb9c30c1306
 SHA512:
-  metadata.gz: b916e8add32b2cb01c858f5312046a4c7fee841b73500c64dbc250e069b098a58e36b76a233c48b7f98b1a2ff4b4de5042f8525afb7e9b0912c874f32564d1ca
-  data.tar.gz: 48aabb92cfdd6ecb11cde87f3fc9ac863ed391ba32b6c1d088a287e3ed7aca7e2f73614aff573dd6a1330232d693dcbdf6f2135f149325bbdec8e5a6d04084d7
+  metadata.gz: 28eccb33926ba31c2e192faea7bc09ac460d2fbe5822c785f39ea63bd50f4653e29d6e2764a4a982668512834207a16f016570bea282d9dd8c993492e33ce9c4
+  data.tar.gz: d1639ce6af25d95ffcd11f76bd06d2daee2351f441ccb6690f173bbd1e49d9de5cf4110b5c450dbe32b82f3a72c61399969cc31a8351273b20db7ed502eb509e

data/README.md CHANGED Viewed

@@ -12,17 +12,34 @@ with bundler, write follwing line in your Gemfile
     gem 'secret-keeper', require: false
 ## Usage
-using environment variable OPENSSL_PASS to be your key of cipher
+1. setup files need to be encrypted in config/secret-keeper.yml
+    # config/secret-keeper.yml example
+    development:
+      ev_name: SECRET_KEEPER
+      cipher: AES-256-CBC
+      tasks:
+        -
+          encrypt_from: example/database.yml
+          encrypt_to: example/database.yml.enc
+          # decrypt_from: example/database.yml.enc
+          # decrypt_to: example/database.yml
+        -
+          encrypt_from: example/secrets_from_other_source.yml
+          encrypt_to: example/secrets.yml.enc
+          # decrypt_from: example/secrets.yml.enc
+          decrypt_to: example/secrets.yml
+2. using environment variable SECRET_KEEPER to be your key of cipher
-    $> OPENSSL_PASS=[YOUR-CIPHER-KEY-HERE] irb
+    $> SECRET_KEEPER=[YOUR-CIPHER-KEY-HERE] irb
-require on demand
+3. require on demand
     irb> require 'secret-keeper'
-encrypt files based on your tasks defined in config/secret-keeper.yml
+4. encrypt files based on your tasks defined in config/secret-keeper.yml
     irb> SecretKeeper.encrypt_files
     # Encrypting...
@@ -30,7 +47,7 @@ encrypt files based on your tasks defined in config/secret-keeper.yml
     #   * example/secrets.yml --> example/secrets.yml.enc, ok
     # Over!
-decrypt files based on your tasks defined in config/secret-keeper.yml
+5. decrypt files based on your tasks defined in config/secret-keeper.yml
     irb> SecretKeeper.decrypt_files
     # Decrypting...
@@ -40,24 +57,5 @@ decrypt files based on your tasks defined in config/secret-keeper.yml
 ## Available Ciphers
-    OpenSSL::Cipher.ciphers
-## Config Example
-    development: &development
-      cipher: AES-256-CBC
-      tasks:
-        -
-          encrypt_from: example/database.yml
-          encrypt_to: example/database.yml.enc
-          # decrypt_from: example/database.yml.enc
-          # decrypt_to: example/database.yml
-        -
-          encrypt_from: example/secrets_from_other_source.yml
-          encrypt_to: example/secrets.yml.enc
-          # decrypt_from: example/secrets.yml.enc
-          decrypt_to: example/secrets.yml
-    test:
-      <<: *development
-    production:
-      <<: *development
+    irb> require 'openssl'
+    irb> OpenSSL::Cipher.ciphers

data/lib/secret-keeper.rb CHANGED Viewed

@@ -37,11 +37,13 @@ class SecretKeeper
   end
   def initialize
-    fail 'environment variable OPENSSL_PASS not exist' if ENV['OPENSSL_PASS'].nil?
     env = ENV['RAILS_ENV'] || 'development'
     string = File.open('config/secret-keeper.yml', 'rb') { |f| f.read }
+    fail 'config/secret-keeper.yml not existed nor not readable' if string.nil?
     config = YAML.load(string)[env]
     fail 'config/secret-keeper.yml incorrect or environment not exist' if config.nil?
+    @ev_name = config['ev_name'] || 'SECRET_KEEPER'
+    fail "environment variable #{@ev_name} not exist" if ENV[@ev_name].nil?
     @tasks = config['tasks']
     @using_cipher = OpenSSL::Cipher.new(config['cipher'])
@@ -71,13 +73,13 @@ class SecretKeeper
   def encrypt(data)
     cipher = @using_cipher.encrypt
-    cipher.key = Digest::SHA2.hexdigest(ENV['OPENSSL_PASS'])[0..(cipher.key_len-1)]
+    cipher.key = Digest::SHA2.hexdigest(ENV[@ev_name])[0..(cipher.key_len-1)]
     cipher.update(data) + cipher.final
   end
   def decrypt(data)
     cipher = @using_cipher.decrypt
-    cipher.key = Digest::SHA2.hexdigest(ENV['OPENSSL_PASS'])[0..(cipher.key_len-1)]
+    cipher.key = Digest::SHA2.hexdigest(ENV[@ev_name])[0..(cipher.key_len-1)]
     cipher.update(data) + cipher.final
   end
 end

data/spec/secret-keeper_spec.rb CHANGED Viewed

@@ -1,6 +1,6 @@
 describe SecretKeeper do
   before(:each) do
-    ENV['OPENSSL_PASS'] = 'PASSWORD'
+    ENV['SECRET_KEEPER'] = 'PASSWORD_HERE'
   end
   describe '.encrypt_files' do
@@ -16,14 +16,14 @@ describe SecretKeeper do
       expect(result).to eq(true)
     end
-    it 'should be false, if OPENSSL_PASS incorrect' do
-      ENV['OPENSSL_PASS'] = 'incorrect'
+    it 'should be false, if SECRET_KEEPER incorrect' do
+      ENV['SECRET_KEEPER'] = 'incorrect'
       result = SecretKeeper.decrypt_files
       expect(result).to eq(false)
     end
-    it 'should raise error, if OPENSSL_PASS nil' do
-      ENV['OPENSSL_PASS'] = nil
+    it 'should raise error, if SECRET_KEEPER nil' do
+      ENV['SECRET_KEEPER'] = nil
       expect{ SecretKeeper.decrypt_files }.to raise_error(RuntimeError)
     end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: secret-keeper
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.2.2
 platform: ruby
 authors:
 - Ray Lee
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2018-04-11 00:00:00.000000000 Z
+date: 2018-06-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec
@@ -34,7 +34,7 @@ files:
 - README.md
 - lib/secret-keeper.rb
 - spec/secret-keeper_spec.rb
-homepage: https://github.com/redtear1115/secret-keeper
+homepage: https://gitlab.com/ray-lee/secret-keeper
 licenses:
 - MIT
 metadata: {}
@@ -55,7 +55,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.7.6
+rubygems_version: 2.6.14
 signing_key:
 specification_version: 4
 summary: Keep all your secret files within openssl