secret_reader 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.gitignore +2 -0
- data/Gemfile +6 -0
- data/README.md +40 -0
- data/Rakefile +2 -0
- data/bin/console +14 -0
- data/bin/setup +8 -0
- data/lib/secret_reader.rb +30 -0
- data/lib/secret_reader/version.rb +3 -0
- data/secret_reader-0.1.0.gem +0 -0
- data/secret_reader.gemspec +25 -0
- metadata +81 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: b179be44afe6f5643971ceaeec09602f929b06c5
|
4
|
+
data.tar.gz: 30d255d8185f762499af309bc9df10db67118d4e
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 13bbe448bf2b138ad65610f9fd3f3b8681af47d11087bdfcddf1bd60ff19e9562910fdb69265fe37cd2c00701776ba5a4a47e1ab2fd988d4f2dd670e21a295dd
|
7
|
+
data.tar.gz: 3adec7e28daedffdac2db6a1e55c9d680b12d9b574f3f5a65623a47ca77cc16e205087c76ae50873f2f3b94aa537802c66e49e49814f60d4b91fced27b6a496b
|
data/.gitignore
ADDED
data/Gemfile
ADDED
data/README.md
ADDED
@@ -0,0 +1,40 @@
|
|
1
|
+
# SecretReader
|
2
|
+
|
3
|
+
Many secrets of a MOVEX application, i.e. database credentials, are so far stored in environment variables.
|
4
|
+
In Docker environment reading those secrets from a file is preferred.
|
5
|
+
|
6
|
+
SecretReader helps to combine both approaches. A secret with a given name is at first attempted to be read as
|
7
|
+
an environment variable. Only if not found it is read from a file with the fixed name __/run/secrets/secret__,
|
8
|
+
that contains simple pairs of keys and values and is expected to be delivered by the docker engine as a secret.
|
9
|
+
|
10
|
+
## Installation
|
11
|
+
|
12
|
+
Add this line to your application's Gemfile:
|
13
|
+
|
14
|
+
```ruby
|
15
|
+
gem 'secret_reader'
|
16
|
+
```
|
17
|
+
|
18
|
+
And then execute:
|
19
|
+
|
20
|
+
$ bundle
|
21
|
+
|
22
|
+
Or install it yourself as:
|
23
|
+
|
24
|
+
$ gem install secret_reader
|
25
|
+
|
26
|
+
## Usage
|
27
|
+
|
28
|
+
For instance read the database user for AMOS:
|
29
|
+
|
30
|
+
SecretReader::SecretReader.read('AMOS_DBUSER')
|
31
|
+
|
32
|
+
## Development
|
33
|
+
|
34
|
+
After checking out the repo, run `bin/setup` to install dependencies. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
|
35
|
+
|
36
|
+
To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
|
37
|
+
|
38
|
+
## Contributing
|
39
|
+
|
40
|
+
Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/secret_reader.
|
data/Rakefile
ADDED
data/bin/console
ADDED
@@ -0,0 +1,14 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
|
3
|
+
require "bundler/setup"
|
4
|
+
require "secret_reader"
|
5
|
+
|
6
|
+
# You can add fixtures and/or initialization code here to make experimenting
|
7
|
+
# with your gem easier. You can also use a different console, if you like.
|
8
|
+
|
9
|
+
# (If you use this, don't forget to add pry to your Gemfile!)
|
10
|
+
# require "pry"
|
11
|
+
# Pry.start
|
12
|
+
|
13
|
+
require "irb"
|
14
|
+
IRB.start(__FILE__)
|
data/bin/setup
ADDED
@@ -0,0 +1,30 @@
|
|
1
|
+
require 'secret_reader/version'
|
2
|
+
require 'yaml'
|
3
|
+
|
4
|
+
module SecretReader
|
5
|
+
# SecretReader reads a configuration with a given name.
|
6
|
+
# Configuration is read in following order, first match is returned
|
7
|
+
# 1. Environment variable
|
8
|
+
# 2. Property File
|
9
|
+
class SecretReader
|
10
|
+
|
11
|
+
if ENV['SECRET_FILE_PATH'].nil? || ENV['SECRET_FILE_PATH'].empty?
|
12
|
+
FILENAME = '/run/secrets/secret'
|
13
|
+
else
|
14
|
+
FILENAME = ENV['SECRET_FILE_PATH']
|
15
|
+
end
|
16
|
+
|
17
|
+
def self.read(name)
|
18
|
+
if !ENV[name].nil? && !ENV[name].empty?
|
19
|
+
return ENV[name]
|
20
|
+
end
|
21
|
+
|
22
|
+
if File.exist?(FILENAME)
|
23
|
+
configs = YAML.load(File.open(FILENAME, 'r'))
|
24
|
+
configs[name]
|
25
|
+
else
|
26
|
+
puts "Unable to open file #{FILENAME} "
|
27
|
+
end
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
Binary file
|
@@ -0,0 +1,25 @@
|
|
1
|
+
|
2
|
+
lib = File.expand_path("../lib", __FILE__)
|
3
|
+
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
4
|
+
require "secret_reader/version"
|
5
|
+
|
6
|
+
Gem::Specification.new do |spec|
|
7
|
+
spec.name = "secret_reader"
|
8
|
+
spec.version = SecretReader::VERSION
|
9
|
+
spec.authors = ["tmanig"]
|
10
|
+
spec.email = ["thomas.manig@ottogroup.com"]
|
11
|
+
|
12
|
+
spec.summary = "Read Secrets for Configuration from ENV and File"
|
13
|
+
spec.description = "Read Secrets for Configuration from ENV and File"
|
14
|
+
spec.homepage = ""
|
15
|
+
|
16
|
+
spec.files = `git ls-files -z`.split("\x0").reject do |f|
|
17
|
+
f.match(%r{^(test|spec|features)/})
|
18
|
+
end
|
19
|
+
spec.bindir = "exe"
|
20
|
+
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
21
|
+
spec.require_paths = ["lib"]
|
22
|
+
|
23
|
+
spec.add_development_dependency "bundler", "~> 1.16"
|
24
|
+
spec.add_development_dependency "rake", "~> 10.0"
|
25
|
+
end
|
metadata
ADDED
@@ -0,0 +1,81 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: secret_reader
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.2.0
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- tmanig
|
8
|
+
autorequire:
|
9
|
+
bindir: exe
|
10
|
+
cert_chain: []
|
11
|
+
date: 2018-05-08 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: bundler
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - "~>"
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '1.16'
|
20
|
+
type: :development
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - "~>"
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '1.16'
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: rake
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - "~>"
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '10.0'
|
34
|
+
type: :development
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - "~>"
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '10.0'
|
41
|
+
description: Read Secrets for Configuration from ENV and File
|
42
|
+
email:
|
43
|
+
- thomas.manig@ottogroup.com
|
44
|
+
executables: []
|
45
|
+
extensions: []
|
46
|
+
extra_rdoc_files: []
|
47
|
+
files:
|
48
|
+
- ".gitignore"
|
49
|
+
- Gemfile
|
50
|
+
- README.md
|
51
|
+
- Rakefile
|
52
|
+
- bin/console
|
53
|
+
- bin/setup
|
54
|
+
- lib/secret_reader.rb
|
55
|
+
- lib/secret_reader/version.rb
|
56
|
+
- secret_reader-0.1.0.gem
|
57
|
+
- secret_reader.gemspec
|
58
|
+
homepage: ''
|
59
|
+
licenses: []
|
60
|
+
metadata: {}
|
61
|
+
post_install_message:
|
62
|
+
rdoc_options: []
|
63
|
+
require_paths:
|
64
|
+
- lib
|
65
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
66
|
+
requirements:
|
67
|
+
- - ">="
|
68
|
+
- !ruby/object:Gem::Version
|
69
|
+
version: '0'
|
70
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
71
|
+
requirements:
|
72
|
+
- - ">="
|
73
|
+
- !ruby/object:Gem::Version
|
74
|
+
version: '0'
|
75
|
+
requirements: []
|
76
|
+
rubyforge_project:
|
77
|
+
rubygems_version: 2.5.2.1
|
78
|
+
signing_key:
|
79
|
+
specification_version: 4
|
80
|
+
summary: Read Secrets for Configuration from ENV and File
|
81
|
+
test_files: []
|