secret_config 0.5.2 → 0.5.3

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/lib/secret_config.rb +0 -1
  3. data/lib/secret_config/cli.rb +38 -18
  4. data/lib/secret_config/providers/ssm.rb +1 -1
  5. data/lib/secret_config/registry.rb +4 -0
  6. data/lib/secret_config/version.rb +1 -1
  7. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 4df8a3d3895f2ff46c059cd8f307803743c1b5de4d01dc271e919f1cba5b68da
4
- data.tar.gz: 9d0a0bb7f4008a626f93a1a068d42b2293334df2e906e8d019157e8087eee9d7
3
+ metadata.gz: 2f0d63fa6c5c401060b46f0295181765357cd8f9ec6627d005566db84b84ee36
4
+ data.tar.gz: d4985e50bfc36057932f30734ae16f48583eaddcee7b8d5d69a3e5721493d88a
5
5
  SHA512:
6
- metadata.gz: e8608deb9165ed58d542305677f9cfadbcc299eecb4548e1b9e6321e054710808f27176b45a92b09f292784ae2078e6329689b1ed985f163866ff19a5f1645db
7
- data.tar.gz: f59f276ded32628b170095e944b75699d0328ed4ee4b39e962c63adc9b80e70d04769a68a97d40384a261909ffcf2dd24a0040cb70769af292dd5173b6238029
6
+ metadata.gz: 35e03c3cd275db6e03a3719aaae155b3a9c12f31a1f01c0d37f320a50a589a4e582139ead7befc16b52510eca57833a2be09128647b6a6666ef86b941680e6bf
7
+ data.tar.gz: 202df652fdaca983f8f2736df883957891043a42fe6751914175145af99a43699f0e18e6883b677a25e08b3bef48fc218294f7cc9526f8d6f355e8b4ccf837c5
data/lib/secret_config.rb CHANGED
@@ -31,7 +31,6 @@ module SecretConfig
31
31
  # Which provider to use along with any arguments
32
32
  # The path will be overriden by env var `SECRET_CONFIG_PATH` if present.
33
33
  def self.use(provider, path: nil, **args)
34
- path ||= ENV["SECRET_CONFIG_PATH"]
35
34
  @registry = SecretConfig::Registry.new(path: path, provider: provider, provider_args: args)
36
35
  end
37
36
 
data/lib/secret_config/cli.rb CHANGED
@@ -83,11 +83,11 @@ module SecretConfig
83
83
  @import = file_name || STDIN
84
84
  end
85
85
 
86
- opts.on '-C', '--copy SOURCE_PATH', 'Import configuration from a file or stdin if no file_name supplied.' do |path|
86
+ opts.on '--copy SOURCE_PATH', 'Import configuration from a file or stdin if no file_name supplied.' do |path|
87
87
  @copy_path = path
88
88
  end
89
89
 
90
- opts.on '-D', '--diff [FILE_NAME]', 'Compare configuration from a file or stdin if no file_name supplied.' do |file_name|
90
+ opts.on '--diff [FILE_NAME]', 'Compare configuration from a file or stdin if no file_name supplied.' do |file_name|
91
91
  @diff = file_name
92
92
  end
93
93
 
@@ -99,27 +99,35 @@ module SecretConfig
99
99
  @path = path
100
100
  end
101
101
 
102
- opts.on '-P', '--provider PROVIDER', 'Provider to use. [ssm | file]. Default: ssm' do |provider|
102
+ opts.on '--provider PROVIDER', 'Provider to use. [ssm | file]. Default: ssm' do |provider|
103
103
  @provider = provider.to_sym
104
104
  end
105
105
 
106
- opts.on '-U', '--no-filter', 'Do not filter passwords and keys.' do
106
+ opts.on '--no-filter', 'Do not filter passwords and keys.' do
107
107
  @no_filter = true
108
108
  end
109
109
 
110
- opts.on '-d', '--prune', 'During import delete all existing keys for which there is no key in the import file.' do
110
+ opts.on '--prune', 'During import delete all existing keys for which there is no key in the import file.' do
111
111
  @prune = true
112
112
  end
113
113
 
114
- opts.on '-k', '--key_id KEY_ID', 'AWS KMS Key id or Key Alias to use when importing configuration values. Default: AWS Default key.' do |key_id|
114
+ opts.on '--key_id KEY_ID', 'Encrypt config settings with this AWS KMS key id. Default: AWS Default key.' do |key_id|
115
115
  @key_id = key_id
116
116
  end
117
117
 
118
- opts.on '-r', '--region REGION', 'AWS Region to use. Default: AWS_REGION env var.' do |region|
118
+ opts.on '--key_alias KEY_ALIAS', 'Encrypt config settings with this AWS KMS alias.' do |key_alias|
119
+ if key_alias =~ /^alias\//
120
+ @key_id = key_alias
121
+ else
122
+ @key_id = "alias/#{key_alias}"
123
+ end
124
+ end
125
+
126
+ opts.on '--region REGION', 'AWS Region to use. Default: AWS_REGION env var.' do |region|
119
127
  @region = region
120
128
  end
121
129
 
122
- opts.on '-R', '--random_size INTEGER', 'Size to use when generating random values. Whenever $random is encountered during an import. Default: 32' do |region|
130
+ opts.on '--random_size INTEGER', Integer, 'Size to use when generating random values. Whenever $random is encountered during an import. Default: 32' do |region|
123
131
  @random_size = random_size
124
132
  end
125
133
 
@@ -168,7 +176,7 @@ module SecretConfig
168
176
 
169
177
  unless delete_keys.empty?
170
178
  puts "Going to delete the following keys:"
171
- delete_keys.each {|key| puts " #{key}"}
179
+ delete_keys.each { |key| puts " #{key}" }
172
180
  sleep(5)
173
181
  end
174
182
 
@@ -250,7 +258,8 @@ module SecretConfig
250
258
 
251
259
  def fetch_config(path, filtered: true)
252
260
  registry = Registry.new(path: path, provider: provider_instance)
253
- filtered ? registry.configuration : registry.configuration(filters: nil)
261
+ config = filtered ? registry.configuration : registry.configuration(filters: nil)
262
+ sort_hash_by_key!(config)
254
263
  end
255
264
 
256
265
  def read_file(file_name_or_io)
@@ -280,14 +289,16 @@ module SecretConfig
280
289
  end
281
290
 
282
291
  def parse(data, format)
283
- case format
284
- when :yml
285
- YAML.load(ERB.new(data).result)
286
- when :json
287
- JSON.parse(data)
288
- else
289
- raise ArgumentError, "Invalid format: #{format.inspect}"
290
- end
292
+ config =
293
+ case format
294
+ when :yml
295
+ YAML.load(ERB.new(data).result)
296
+ when :json
297
+ JSON.parse(data)
298
+ else
299
+ raise ArgumentError, "Invalid format: #{format.inspect}"
300
+ end
301
+ sort_hash_by_key!(config)
291
302
  end
292
303
 
293
304
  def file_format(file_name)
@@ -306,5 +317,14 @@ module SecretConfig
306
317
  def random_password
307
318
  SecureRandom.urlsafe_base64(random_size)
308
319
  end
320
+
321
+ def sort_hash_by_key!(h)
322
+ h.keys.sort.each do |key|
323
+ value = h[key] = h.delete(key)
324
+ sort_hash_by_key!(value) if value.is_a?(Hash)
325
+ end
326
+ h
327
+ end
328
+
309
329
  end
310
330
  end
data/lib/secret_config/providers/ssm.rb CHANGED
@@ -10,7 +10,7 @@ module SecretConfig
10
10
  class Ssm < Provider
11
11
  attr_reader :client, :key_id
12
12
 
13
- def initialize(key_id: nil)
13
+ def initialize(key_id: ENV["AWS_ACCESS_KEY_ID"])
14
14
  @key_id = key_id
15
15
  logger = SemanticLogger['Aws::SSM'] if defined?(SemanticLogger)
16
16
  @client = Aws::SSM::Client.new(logger: logger)
data/lib/secret_config/registry.rb CHANGED
@@ -122,6 +122,10 @@ module SecretConfig
122
122
 
123
123
  def decompose(key, value, h = {})
124
124
  path, name = File.split(key)
125
+ if path == '.'
126
+ h[key] = value
127
+ return h
128
+ end
125
129
  last = path.split('/').reduce(h) do |target, path|
126
130
  if path == ''
127
131
  target
data/lib/secret_config/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module SecretConfig
2
- VERSION = '0.5.2'
2
+ VERSION = '0.5.3'
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: secret_config
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.5.2
4
+ version: 0.5.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Reid Morrison
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-07-30 00:00:00.000000000 Z
11
+ date: 2019-10-02 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: concurrent-ruby