secret-keeper 2.0.0 → 2.0.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +54 -38
  3. data/lib/secret-keeper.rb +12 -4
  4. data/spec/secret-keeper_spec.rb +11 -7
  5. metadata +6 -4
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 993613940fe2fd54b0db8ea676aeaeb82a1de574b6d986a904f14e166d9826a2
4
- data.tar.gz: 92c2b76672090397d60871cf438fc597877351ae74c09cd4f43d927d2c3de0b1
3
+ metadata.gz: 02b7af882ca00b08446cf2c709b2a78dfd6dbae26f9934a86b41bf08e6c77980
4
+ data.tar.gz: be627f265da16fa8a4de25c6e03f9a58c30414d5545120cb626c6d7d647eb828
5
5
  SHA512:
6
- metadata.gz: a3c9d114ab4bcd7b0958ff3fa999e2b2ffb3c4bda4eeab15e54841daa9596d24ec6c7323893d07995e8fe6f4c7fb47ccc082e88b5c89513fe12010a350ba1b84
7
- data.tar.gz: 9a6e63acc12ef13e56237e8dde65e28b45a47423a700b71c6d79486fabcf89dbd3f13426f26e23ab08f54a9ca09fb186b00bcdefab19f6a3c1bc1e27c8682719
6
+ metadata.gz: 45144e93f9f12b0269929403be0ddb017600157cb9365a22b431e9f6b3eebe6406c9a93925365182daea38cd05d9825bfff4a317dce34a70fb936da26a2308c2
7
+ data.tar.gz: 8b525a0e7338805a3990fd615bad81ab7ee09557aceb82ce08455833c5321e4a258bae793fc33fc3c432357db8fb20f4ed8edd7bcd37bbc78449c4e8dc052112
data/README.md CHANGED
@@ -6,73 +6,89 @@ Keep all your secret files within openssl
6
6
 
7
7
  from console
8
8
 
9
- gem install secret-keeper
9
+ ```bash
10
+ gem install secret-keeper
11
+ ```
10
12
 
11
13
  with bundler, write follwing line in your Gemfile
12
14
 
13
- gem 'secret-keeper', require: false
15
+ ```bash
16
+ gem 'secret-keeper', require: false
17
+ ```
14
18
 
15
19
  ## Upgrade from v1 to v2
16
20
 
17
21
  The *remove_production* parameter of *decrypt_files* has been removed after version 2.0.0.
18
22
  If you wants to remove *production* settings after decrypt files, you can set *remove_production* option to *true* in *secret-keeper.yml*:
19
23
 
20
- ```
21
- options:
22
- remove_production: false
24
+ ```yaml
25
+ options:
26
+ remove_production: false
23
27
  ```
24
28
 
25
29
  ## Usage
26
30
  setup files need to be encrypted in config/secret-keeper.yml
27
31
 
28
- # config/secret-keeper.yml example
29
- development:
30
- ev_name: SECRET_KEEPER
31
- cipher: AES-256-CBC
32
- options:
33
- slience: false
34
- remove_production: false
35
- remove_source: false
36
- tasks:
37
- -
38
- encrypt_from: example/database.yml
39
- encrypt_to: example/database.yml.enc
40
- # decrypt_from: example/database.yml.enc
41
- # decrypt_to: example/database.yml
42
- -
43
- encrypt_from: example/secrets_from_other_source.yml
44
- encrypt_to: example/secrets.yml.enc
45
- # decrypt_from: example/secrets.yml.enc
46
- decrypt_to: example/secrets.yml
32
+ ```yaml
33
+ # config/secret-keeper.yml example
34
+ development:
35
+ ev_name: SECRET_KEEPER
36
+ cipher: AES-256-CBC
37
+ options:
38
+ slience: false
39
+ remove_production: false
40
+ remove_source: false
41
+ tasks:
42
+ -
43
+ encrypt_from: example/database.yml
44
+ encrypt_to: example/database.yml.enc
45
+ # decrypt_from: example/database.yml.enc
46
+ # decrypt_to: example/database.yml
47
+ -
48
+ encrypt_from: example/secrets_from_other_source.yml
49
+ encrypt_to: example/secrets.yml.enc
50
+ # decrypt_from: example/secrets.yml.enc
51
+ decrypt_to: example/secrets.yml
52
+ ```
47
53
 
48
54
  using environment variable SECRET_KEEPER to be your key of cipher
49
55
 
50
- $> SECRET_KEEPER=[YOUR-CIPHER-KEY-HERE] irb
56
+ ```bash
57
+ $> SECRET_KEEPER=[YOUR-CIPHER-KEY-HERE] irb
58
+ ```
51
59
 
52
60
  require on demand
53
61
 
54
- irb> require 'secret-keeper'
62
+ ```bash
63
+ irb> require 'secret-keeper'
64
+ ```
55
65
 
56
66
  encrypt files based on your tasks defined in config/secret-keeper.yml
57
67
 
58
- irb> SecretKeeper.encrypt_files
59
- # Encrypting...
60
- # * example/database.yml --> example/database.yml.enc, ok
61
- # * example/secrets.yml --> example/secrets.yml.enc, ok
62
- # Done!
68
+ ```bash
69
+ irb> SecretKeeper.encrypt_files
70
+ # Encrypting...
71
+ # * example/database.yml --> example/database.yml.enc, ok
72
+ # * example/secrets.yml --> example/secrets.yml.enc, ok
73
+ # Done!
74
+ ```
63
75
 
64
76
  decrypt files based on your tasks defined in config/secret-keeper.yml
65
77
 
66
- irb> SecretKeeper.decrypt_files
67
- # Decrypting...
68
- # * example/database.yml.enc --> example/database.yml, ok
69
- # * example/secrets.yml.enc --> example/secrets.yml, ok
70
- # Done!
78
+ ```bash
79
+ irb> SecretKeeper.decrypt_files
80
+ # Decrypting...
81
+ # * example/database.yml.enc --> example/database.yml, ok
82
+ # * example/secrets.yml.enc --> example/secrets.yml, ok
83
+ # Done!
84
+ ```
71
85
 
72
86
  ## Available Ciphers
73
87
 
74
- irb> require 'openssl'
75
- irb> OpenSSL::Cipher.ciphers
88
+ ```bash
89
+ irb> require 'openssl'
90
+ irb> OpenSSL::Cipher.ciphers
91
+ ```
76
92
 
77
93
  ## Options
78
94
 
data/lib/secret-keeper.rb CHANGED
@@ -11,7 +11,7 @@ class SecretKeeper
11
11
  printer << '(source files removed)' if sk.options['remove_source']
12
12
  ok_queue = []
13
13
  sk.tasks.each do |task|
14
- from = File.exists?(task['encrypt_from']) ? task['encrypt_from'] : task['decrypt_to']
14
+ from = File.exist?(task['encrypt_from']) ? task['encrypt_from'] : task['decrypt_to']
15
15
  to = task['encrypt_to']
16
16
 
17
17
  result = sk.encrypt_file(from, to)
@@ -58,8 +58,12 @@ class SecretKeeper
58
58
  env = ENV['RAILS_ENV'] || 'development'
59
59
  string = File.open('config/secret-keeper.yml', 'rb') { |f| f.read }
60
60
  fail 'config/secret-keeper.yml not existed nor not readable' if string.nil?
61
- config = YAML.load(string)[env]
62
- fail 'config/secret-keeper.yml incorrect or environment not exist' if config.nil?
61
+ begin
62
+ config = YAML.load(string, aliases: true)[env] || {}
63
+ rescue ArgumentError
64
+ config = YAML.load(string)[env] || {}
65
+ end
66
+ fail 'config/secret-keeper.yml incorrect or environment not exist' if config.nil? || config.empty?
63
67
  ev_name = config['ev_name'] || 'SECRET_KEEPER'
64
68
  fail "environment variable #{ev_name} not exist" if ENV[ev_name].nil?
65
69
 
@@ -88,7 +92,11 @@ class SecretKeeper
88
92
 
89
93
  def remove_production_config(file_path)
90
94
  return :ok unless file_path =~ /\.yml/
91
- hash = YAML.load_file(file_path)
95
+ begin
96
+ hash = YAML.load_file(file_path, aliases: true)
97
+ rescue ArgumentError
98
+ hash = YAML.load_file(file_path)
99
+ end
92
100
  hash.delete('production')
93
101
  File.write(file_path, YAML.dump(hash))
94
102
  :ok
data/spec/secret-keeper_spec.rb CHANGED
@@ -28,8 +28,8 @@ describe SecretKeeper do
28
28
  SecretKeeper.new.tasks.each do |task|
29
29
  source_file = task['encrypt_from']
30
30
  target_file = task['encrypt_to']
31
- expect(File.exists?(source_file)).to eq(false)
32
- expect(File.exists?(target_file)).to eq(true)
31
+ expect(File.exist?(source_file)).to eq(false)
32
+ expect(File.exist?(target_file)).to eq(true)
33
33
  end
34
34
  end
35
35
  end
@@ -38,7 +38,11 @@ describe SecretKeeper do
38
38
  it 'should return true' do
39
39
  result = SecretKeeper.decrypt_files
40
40
  expect(result).to eq(true)
41
- hash = YAML.load_file('example/secrets.yml')
41
+ begin
42
+ hash = YAML.load_file('example/secrets.yml', aliases: true)
43
+ rescue ArgumentError
44
+ hash = YAML.load_file('example/secrets.yml')
45
+ end
42
46
  expect(hash['development']['secret_key_base']).to eq('e8310af93d52f174f475940c41fbfb90417b300ebc19e1b24bd5639f4fe35c5ffaa5775a347ace9732958f656a47f6bb8e1fd0760b12e51b0b4fe1f65ef0a1d6')
43
47
  expect(hash['production']['secret_key_base']).to eq('339f639f4fe35c5ffaa47ace973260b12e51b0b4fe1f65effd283a5f054f47594b24bd565779e351a20dfd4ada4f777958f0417b305c06cdedbde392b8e1fd07')
44
48
  end
@@ -71,8 +75,8 @@ describe SecretKeeper do
71
75
  SecretKeeper.new.tasks.each do |task|
72
76
  source_file = task['decrypt_from'] || task['encrypt_to']
73
77
  target_file = task['decrypt_to'] || task['encrypt_from']
74
- expect(File.exists?(source_file)).to eq(false)
75
- expect(File.exists?(target_file)).to eq(true)
78
+ expect(File.exist?(source_file)).to eq(false)
79
+ expect(File.exist?(target_file)).to eq(true)
76
80
  end
77
81
  end
78
82
 
@@ -92,8 +96,8 @@ describe SecretKeeper do
92
96
  SecretKeeper.new.tasks.each do |task|
93
97
  source_file = task['decrypt_from'] || task['encrypt_to']
94
98
  target_file = task['decrypt_to'] || task['encrypt_from']
95
- expect(File.exists?(source_file)).to eq(false)
96
- expect(File.exists?(target_file)).to eq(true)
99
+ expect(File.exist?(source_file)).to eq(false)
100
+ expect(File.exist?(target_file)).to eq(true)
97
101
  end
98
102
  end
99
103
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: secret-keeper
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.0.0
4
+ version: 2.0.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Ray Lee
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-05-27 00:00:00.000000000 Z
11
+ date: 2023-05-18 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rspec
@@ -37,7 +37,9 @@ files:
37
37
  homepage: https://github.com/kdan-mobile-software-ltd/secret-keeper
38
38
  licenses:
39
39
  - MIT
40
- metadata: {}
40
+ metadata:
41
+ source_code_uri: https://github.com/kdan-mobile-software-ltd/secret-keeper
42
+ changelog_uri: https://github.com/kdan-mobile-software-ltd/secret-keeper/blob/master/CHANGELOG.md
41
43
  post_install_message:
42
44
  rdoc_options:
43
45
  - "--charset=UTF-8"
@@ -54,7 +56,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
54
56
  - !ruby/object:Gem::Version
55
57
  version: '0'
56
58
  requirements: []
57
- rubygems_version: 3.2.32
59
+ rubygems_version: 3.4.10
58
60
  signing_key:
59
61
  specification_version: 4
60
62
  summary: Keep all your secret files within openssl