secret_data 0.0.1

data/.gitignore

@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/.rspec

@@ -0,0 +1,2 @@
+--color
+--format progress

data/.travis.yml

@@ -0,0 +1,18 @@
+language: ruby
+bundler_args: --without development darwin linux
+rvm:
+  - 1.9.3
+  - 1.9.2
+  - jruby-18mode
+  - jruby-19mode
+  - rbx-18mode
+  - rbx-19mode
+  - ruby-head
+  - jruby-head
+  - ree
+script:
+  - bundle exec rspec
+branch:
+  only:
+    - master
+    - develop

data/Gemfile

@@ -0,0 +1,24 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in secret_data.gemspec
+gemspec
+
+group :test, :development do
+  gem 'rspec'
+  gem 'fakefs'
+end
+
+group :development do
+  gem 'rake'
+  gem 'simplecov'
+  gem 'redcarpet'
+
+  gem 'guard-bundler'
+  gem 'guard-rspec'
+  gem 'guard-yard'
+
+  # Watch file change events instead of polling
+  gem 'rb-fsevent', :require => false, :group => :darwin              # OSX
+  gem 'rb-inotify', :require => false, :group => :linux               # Linux
+  gem 'wdm',        :require => false, :platforms => [:mswin, :mingw] # Windows
+end

data/Guardfile

@@ -0,0 +1,38 @@
+#!/usr/bin/env ruby
+
+# A sample Guardfile
+# More info at https://github.com/guard/guard#readme
+
+guard 'bundler' do
+  watch('Gemfile')
+  # Uncomment next line if Gemfile contain `gemspec' command
+  # watch(/^.+\.gemspec/)
+end
+
+guard 'rspec' do
+  watch(%r{^spec/.+_spec\.rb$})
+  watch(%r{^lib/(.+)\.rb$})     { |m| "spec/lib/#{m[1]}_spec.rb" }
+  watch('spec/spec_helper.rb')  { "spec" }
+
+  # Rails example
+  watch(%r{^app/(.+)\.rb$})                           { |m| "spec/#{m[1]}_spec.rb" }
+  watch(%r{^app/(.*)(\.erb|\.haml)$})                 { |m| "spec/#{m[1]}#{m[2]}_spec.rb" }
+  watch(%r{^app/controllers/(.+)_(controller)\.rb$})  { |m| ["spec/routing/#{m[1]}_routing_spec.rb", "spec/#{m[2]}s/#{m[1]}_#{m[2]}_spec.rb", "spec/acceptance/#{m[1]}_spec.rb"] }
+  watch(%r{^spec/support/(.+)\.rb$})                  { "spec" }
+  watch('config/routes.rb')                           { "spec/routing" }
+  watch('app/controllers/application_controller.rb')  { "spec/controllers" }
+
+  # Capybara request specs
+  watch(%r{^app/views/(.+)/.*\.(erb|haml)$})          { |m| "spec/requests/#{m[1]}_spec.rb" }
+
+  # Turnip features and steps
+  watch(%r{^spec/acceptance/(.+)\.feature$})
+  watch(%r{^spec/acceptance/steps/(.+)_steps\.rb$})   { |m| Dir[File.join("**/#{m[1]}.feature")][0] || 'spec/acceptance' }
+end
+
+
+guard 'yard' do
+  watch(%r{app/.+\.rb})
+  watch(%r{lib/.+\.rb})
+  watch(%r{ext/.+\.c})
+end

data/LICENSE

@@ -0,0 +1,22 @@
+Copyright (c) 2012 Alexander Wenzowski
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,58 @@
+[![Build Status](https://secure.travis-ci.org/wenzowski/secret-data.png)](http://travis-ci.org/wenzowski/secret-data)
+
+SecretData
+==========
+
+A helper class for silencing secret data.
+
+
+Installation
+------------
+
+Add this line to your application's Gemfile:
+
+    gem 'secret_data'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install secret_data
+
+
+Usage
+-----
+
+Example usage with VCR gem to silence api credentials.
+
+    require 'secret_data'
+    require 'vcr'
+
+    secret_data = SecretData.new(:yml_path => 'your_config.yml')
+    VCR.configure do |c|
+      secret_data.silence! do |find, replace|
+        c.filter_sensitive_data(replace) { find }
+      end
+    end
+
+Configuration via block is also allowed.
+
+    SecretData.new.configure {|config|
+      config.message = '~*~GOODBYE_{{var}}~*~'  # optional
+      config.add_from_env('API_SECRET')         # reads ENV['API_SECRET']
+    }.silence!{|secret, message|
+      puts "Have some ultra-confidential data: #{secret}!"
+      puts "...whoops, I should have shown you #{message}."
+    }
+
+
+Contributing
+------------
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Added some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1,2 @@
+#!/usr/bin/env rake
+require "bundler/gem_tasks"

data/config.yml

@@ -0,0 +1,4 @@
+---
+description: secret
+nested:
+  another: secret2

data/lib/secret_data.rb

@@ -0,0 +1,9 @@
+require 'secret_data/version'
+require 'secret_data/silencer'
+
+##
+# This class is intended as a helper for keeping track of 
+# pairs of secret data and generating unique, human-readable
+# placeholders suitable for public release.
+class SecretData
+end

data/lib/secret_data/silencer.rb

@@ -0,0 +1,70 @@
+require 'yaml'
+require 'erb'
+
+class SecretData
+  attr_accessor :message
+
+  def initialize(opts={})
+    @message  = '____SILENCED_{{var}}____'
+    @secrets  = {}
+
+    load_yaml!(opts[:yml_path]) if opts[:yml_path]
+  end
+
+  def configure(&block)
+    block.call(self)
+    self
+  end
+
+  ##
+  # Iterates through each secret and display message pair.
+  # 
+  def silence(&block)
+    @secrets.each_pair do |secret, message|
+      block.call secret, message
+    end
+  end
+
+  ##
+  # Loads a secret from ENV using the environment variable name 
+  # to generate an appropriate display message.
+  def add_from_env(var_name)
+    recursive_load(var_name => ENV[var_name])
+  end
+
+  ##
+  # Loads secrets from a hash of variable name keys and 
+  # corresponding secrets.
+  def add(hash)
+    recursive_load(nested_hash)
+  end
+
+  ##
+  # Loads secrets from a YAML file of nested hashes, eg.
+  #
+  #     ---
+  #     variable_name: secret_value
+  #     nested_hash:
+  #       another_variable: another_secret
+  def load_yaml!(yml_path)
+    nested_hash = YAML.load(ERB.new(File.read(yml_path)).result)
+    recursive_load(nested_hash)
+  end
+
+  private
+
+  def recursive_load(nested_hash, context='')
+    nested_hash.each_pair do |key, val|
+      case val
+      when String
+        @secrets[val] = message_for("#{context}#{key}")
+      when Hash
+        recursive_load(val, "#{context}#{key}_")
+      end
+    end
+  end
+
+  def message_for(key)
+    @message.gsub /\{\{var\}\}/, "#{key.to_s}"
+  end
+end

data/lib/secret_data/version.rb

@@ -0,0 +1,3 @@
+class SecretData
+  VERSION = '0.0.1'
+end

data/secret_data.gemspec

@@ -0,0 +1,21 @@
+# -*- encoding: utf-8 -*-
+require File.expand_path('../lib/secret_data/version', __FILE__)
+
+Gem::Specification.new do |gem|
+  gem.authors       = ["Alexander Wenzowski"]
+  gem.email         = ["alexander@wenzowski.com"]
+  gem.description   = %q{A helper class for silencing secret data.}
+  gem.summary       = <<-EOF
+    SecretData loads sensitives strings from YAML, ENV, or Hash and 
+    automatically generates a placeholder string that is safe to publsh
+    publicly, yet descriptive enough not to inhibit debugging.
+  EOF
+  gem.homepage      = "https://github.com/wenzowski/secret_data"
+
+  gem.files         = `git ls-files`.split($\)
+  gem.executables   = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
+  gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
+  gem.name          = "secret_data"
+  gem.require_paths = ["lib"]
+  gem.version       = SecretData::VERSION
+end

data/spec/lib/secret_data/silencer_spec.rb

@@ -0,0 +1,65 @@
+require 'spec_helper'
+
+describe SecretData do
+
+  context '#initialize' do
+    context 'with YAML', :fakefs do
+      subject { SecretData.new :yml_path => 'config.yml' }
+
+      before :each do
+        File.open('config.yml', 'w') do |f| 
+          f.write({
+            'description' => 'secret',
+            'nested' => {
+              'another' => 'secret2'
+            }
+          }.to_yaml)
+        end
+      end
+
+      it do 
+        subject.instance_variable_get('@secrets').should == {
+          'secret' => "____SILENCED_description____",
+          'secret2' => "____SILENCED_nested_another____"
+        }
+      end
+    end
+  end
+
+  context '#silence' do
+    subject {
+      ENV['VAR'] = 'secret data'
+      SecretData.new.configure{|c| c.add_from_env('VAR') }
+    }
+
+    it do
+      subject.silence {|secret, message|
+        secret.should == 'secret data'
+        message.should == '____SILENCED_VAR____'
+      }
+    end
+  end
+
+  context '#message_for' do
+    subject { SecretData.new }
+
+    context 'default message' do
+      it do
+        subject.send(
+          :message_for, 'FOO'
+        ).should == '____SILENCED_FOO____'
+      end
+    end
+
+    context 'custom message' do
+      it do
+        subject.configure do |config|
+          config.message = '{{var}}'
+        end
+        subject.send(:message_for, 'FOO').should == 'FOO'
+      end
+    end
+  end
+
+
+end

data/spec/lib/secret_data/version_spec.rb

@@ -0,0 +1,5 @@
+require 'spec_helper'
+
+describe SecretData do
+  it { SecretData::VERSION.should eq('0.0.1'), "Please don't bump the version." }
+end

data/spec/lib/secret_data_spec.rb

@@ -0,0 +1,7 @@
+require 'spec_helper'
+
+describe SecretData do
+  it do
+    expect { SecretData.new }.to_not raise_error
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,30 @@
+# This file was generated by the `rspec --init` command. Conventionally, all
+# specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.
+# Require this file using `require "spec_helper"` to ensure that it is only
+# loaded once.
+#
+# See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
+
+begin
+  require 'simplecov'
+  SimpleCov.start
+rescue LoadError
+end
+
+require 'secret_data'
+require 'fakefs/safe'
+require 'fakefs/spec_helpers'
+
+RSpec.configure do |config|
+  config.treat_symbols_as_metadata_keys_with_true_values = true
+  config.run_all_when_everything_filtered = true
+  config.filter_run :focus
+
+  # Run specs in random order to surface order dependencies. If you find an
+  # order dependency and want to debug it, you can fix the order by providing
+  # the seed, which is printed after each run.
+  #     --seed 1234
+  config.order = 'random'
+
+  config.include FakeFS::SpecHelpers, :fakefs => true
+end

metadata

@@ -0,0 +1,75 @@
+--- !ruby/object:Gem::Specification
+name: secret_data
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+  prerelease: 
+platform: ruby
+authors:
+- Alexander Wenzowski
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2012-11-02 00:00:00.000000000 Z
+dependencies: []
+description: A helper class for silencing secret data.
+email:
+- alexander@wenzowski.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- .rspec
+- .travis.yml
+- Gemfile
+- Guardfile
+- LICENSE
+- README.md
+- Rakefile
+- config.yml
+- lib/secret_data.rb
+- lib/secret_data/silencer.rb
+- lib/secret_data/version.rb
+- secret_data.gemspec
+- spec/lib/secret_data/silencer_spec.rb
+- spec/lib/secret_data/version_spec.rb
+- spec/lib/secret_data_spec.rb
+- spec/spec_helper.rb
+homepage: https://github.com/wenzowski/secret_data
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+      segments:
+      - 0
+      hash: -2849534964713371609
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+      segments:
+      - 0
+      hash: -2849534964713371609
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.24
+signing_key: 
+specification_version: 3
+summary: SecretData loads sensitives strings from YAML, ENV, or Hash and  automatically
+  generates a placeholder string that is safe to publsh publicly, yet descriptive
+  enough not to inhibit debugging.
+test_files:
+- spec/lib/secret_data/silencer_spec.rb
+- spec/lib/secret_data/version_spec.rb
+- spec/lib/secret_data_spec.rb
+- spec/spec_helper.rb
+has_rdoc: