secret_reader 0.2.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (12) hide show
  1. checksums.yaml +7 -0
  2. data/.gitignore +2 -0
  3. data/Gemfile +6 -0
  4. data/README.md +40 -0
  5. data/Rakefile +2 -0
  6. data/bin/console +14 -0
  7. data/bin/setup +8 -0
  8. data/lib/secret_reader.rb +30 -0
  9. data/lib/secret_reader/version.rb +3 -0
  10. data/secret_reader-0.1.0.gem +0 -0
  11. data/secret_reader.gemspec +25 -0
  12. metadata +81 -0
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: b179be44afe6f5643971ceaeec09602f929b06c5
4
+ data.tar.gz: 30d255d8185f762499af309bc9df10db67118d4e
5
+ SHA512:
6
+ metadata.gz: 13bbe448bf2b138ad65610f9fd3f3b8681af47d11087bdfcddf1bd60ff19e9562910fdb69265fe37cd2c00701776ba5a4a47e1ab2fd988d4f2dd670e21a295dd
7
+ data.tar.gz: 3adec7e28daedffdac2db6a1e55c9d680b12d9b574f3f5a65623a47ca77cc16e205087c76ae50873f2f3b94aa537802c66e49e49814f60d4b91fced27b6a496b
data/.gitignore ADDED
@@ -0,0 +1,2 @@
1
+ .idea/
2
+ Gemfile.lock
data/Gemfile ADDED
@@ -0,0 +1,6 @@
1
+ source "https://rubygems.org"
2
+
3
+ git_source(:github) {|repo_name| "https://github.com/#{repo_name}" }
4
+
5
+ # Specify your gem's dependencies in secret_reader.gemspec
6
+ gemspec
data/README.md ADDED
@@ -0,0 +1,40 @@
1
+ # SecretReader
2
+
3
+ Many secrets of a MOVEX application, i.e. database credentials, are so far stored in environment variables.
4
+ In Docker environment reading those secrets from a file is preferred.
5
+
6
+ SecretReader helps to combine both approaches. A secret with a given name is at first attempted to be read as
7
+ an environment variable. Only if not found it is read from a file with the fixed name __/run/secrets/secret__,
8
+ that contains simple pairs of keys and values and is expected to be delivered by the docker engine as a secret.
9
+
10
+ ## Installation
11
+
12
+ Add this line to your application's Gemfile:
13
+
14
+ ```ruby
15
+ gem 'secret_reader'
16
+ ```
17
+
18
+ And then execute:
19
+
20
+ $ bundle
21
+
22
+ Or install it yourself as:
23
+
24
+ $ gem install secret_reader
25
+
26
+ ## Usage
27
+
28
+ For instance read the database user for AMOS:
29
+
30
+ SecretReader::SecretReader.read('AMOS_DBUSER')
31
+
32
+ ## Development
33
+
34
+ After checking out the repo, run `bin/setup` to install dependencies. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
35
+
36
+ To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
37
+
38
+ ## Contributing
39
+
40
+ Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/secret_reader.
data/Rakefile ADDED
@@ -0,0 +1,2 @@
1
+ require "bundler/gem_tasks"
2
+ task :default => :spec
data/bin/console ADDED
@@ -0,0 +1,14 @@
1
+ #!/usr/bin/env ruby
2
+
3
+ require "bundler/setup"
4
+ require "secret_reader"
5
+
6
+ # You can add fixtures and/or initialization code here to make experimenting
7
+ # with your gem easier. You can also use a different console, if you like.
8
+
9
+ # (If you use this, don't forget to add pry to your Gemfile!)
10
+ # require "pry"
11
+ # Pry.start
12
+
13
+ require "irb"
14
+ IRB.start(__FILE__)
data/bin/setup ADDED
@@ -0,0 +1,8 @@
1
+ #!/usr/bin/env bash
2
+ set -euo pipefail
3
+ IFS=$'\n\t'
4
+ set -vx
5
+
6
+ bundle install
7
+
8
+ # Do any other automated setup that you need to do here
data/lib/secret_reader.rb ADDED
@@ -0,0 +1,30 @@
1
+ require 'secret_reader/version'
2
+ require 'yaml'
3
+
4
+ module SecretReader
5
+ # SecretReader reads a configuration with a given name.
6
+ # Configuration is read in following order, first match is returned
7
+ # 1. Environment variable
8
+ # 2. Property File
9
+ class SecretReader
10
+
11
+ if ENV['SECRET_FILE_PATH'].nil? || ENV['SECRET_FILE_PATH'].empty?
12
+ FILENAME = '/run/secrets/secret'
13
+ else
14
+ FILENAME = ENV['SECRET_FILE_PATH']
15
+ end
16
+
17
+ def self.read(name)
18
+ if !ENV[name].nil? && !ENV[name].empty?
19
+ return ENV[name]
20
+ end
21
+
22
+ if File.exist?(FILENAME)
23
+ configs = YAML.load(File.open(FILENAME, 'r'))
24
+ configs[name]
25
+ else
26
+ puts "Unable to open file #{FILENAME} "
27
+ end
28
+ end
29
+ end
30
+ end
data/lib/secret_reader/version.rb ADDED
@@ -0,0 +1,3 @@
1
+ module SecretReader
2
+ VERSION = "0.2.0"
3
+ end
data/secret_reader-0.1.0.gem ADDED
Binary file
data/secret_reader.gemspec ADDED
@@ -0,0 +1,25 @@
1
+
2
+ lib = File.expand_path("../lib", __FILE__)
3
+ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
+ require "secret_reader/version"
5
+
6
+ Gem::Specification.new do |spec|
7
+ spec.name = "secret_reader"
8
+ spec.version = SecretReader::VERSION
9
+ spec.authors = ["tmanig"]
10
+ spec.email = ["thomas.manig@ottogroup.com"]
11
+
12
+ spec.summary = "Read Secrets for Configuration from ENV and File"
13
+ spec.description = "Read Secrets for Configuration from ENV and File"
14
+ spec.homepage = ""
15
+
16
+ spec.files = `git ls-files -z`.split("\x0").reject do |f|
17
+ f.match(%r{^(test|spec|features)/})
18
+ end
19
+ spec.bindir = "exe"
20
+ spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
21
+ spec.require_paths = ["lib"]
22
+
23
+ spec.add_development_dependency "bundler", "~> 1.16"
24
+ spec.add_development_dependency "rake", "~> 10.0"
25
+ end
metadata ADDED
@@ -0,0 +1,81 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: secret_reader
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.2.0
5
+ platform: ruby
6
+ authors:
7
+ - tmanig
8
+ autorequire:
9
+ bindir: exe
10
+ cert_chain: []
11
+ date: 2018-05-08 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: bundler
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - "~>"
18
+ - !ruby/object:Gem::Version
19
+ version: '1.16'
20
+ type: :development
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - "~>"
25
+ - !ruby/object:Gem::Version
26
+ version: '1.16'
27
+ - !ruby/object:Gem::Dependency
28
+ name: rake
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - "~>"
32
+ - !ruby/object:Gem::Version
33
+ version: '10.0'
34
+ type: :development
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - "~>"
39
+ - !ruby/object:Gem::Version
40
+ version: '10.0'
41
+ description: Read Secrets for Configuration from ENV and File
42
+ email:
43
+ - thomas.manig@ottogroup.com
44
+ executables: []
45
+ extensions: []
46
+ extra_rdoc_files: []
47
+ files:
48
+ - ".gitignore"
49
+ - Gemfile
50
+ - README.md
51
+ - Rakefile
52
+ - bin/console
53
+ - bin/setup
54
+ - lib/secret_reader.rb
55
+ - lib/secret_reader/version.rb
56
+ - secret_reader-0.1.0.gem
57
+ - secret_reader.gemspec
58
+ homepage: ''
59
+ licenses: []
60
+ metadata: {}
61
+ post_install_message:
62
+ rdoc_options: []
63
+ require_paths:
64
+ - lib
65
+ required_ruby_version: !ruby/object:Gem::Requirement
66
+ requirements:
67
+ - - ">="
68
+ - !ruby/object:Gem::Version
69
+ version: '0'
70
+ required_rubygems_version: !ruby/object:Gem::Requirement
71
+ requirements:
72
+ - - ">="
73
+ - !ruby/object:Gem::Version
74
+ version: '0'
75
+ requirements: []
76
+ rubyforge_project:
77
+ rubygems_version: 2.5.2.1
78
+ signing_key:
79
+ specification_version: 4
80
+ summary: Read Secrets for Configuration from ENV and File
81
+ test_files: []