secrets_cli 0.1.0 → 0.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +22 -10
- data/lib/secrets_cli/version.rb +1 -1
- data/secrets_cli.gemspec +1 -0
- metadata +16 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b7fcace3daa493f83afd8a9d6e8ba45c28bf16eb
|
|
4
|
+
data.tar.gz: f9612adf56af992dbbd5f7e840ab1974ecde0010
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 5a9cc18855a4c5e715901e3c4f752169213eab337f595b482cabdf2af349f49e543e4b2ac30b84e8e8baff4f6ce6b3309c66d8cad0ece223dcab4b6ff45f1143
|
|
7
|
+
data.tar.gz: bcc28cfcb65809493dc96aa7fcba1061f0b831c39f4cad32a043e9d7a200026e527f32ae65e45d3732893308e5ebe976a6941ab4f553b425c10bd5fe57e62d35
|
data/README.md
CHANGED
|
@@ -1,6 +1,8 @@
|
|
|
1
|
+
[](https://badge.fury.io/rb/secrets_cli)
|
|
2
|
+
|
|
1
3
|
# SecretsCli
|
|
2
4
|
|
|
3
|
-
This is a CLI for easier use of (
|
|
5
|
+
This is a CLI for easier use of [vault](https://www.vaultproject.io/)
|
|
4
6
|
|
|
5
7
|
## Installation
|
|
6
8
|
|
|
@@ -23,14 +25,17 @@ Or install it yourself as:
|
|
|
23
25
|
`vault` must be installed on system. This gem adds a dependancy to `vault-binaries` which will install `vault` for you.
|
|
24
26
|
|
|
25
27
|
Following environemt variables need to be set:
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
28
|
+
|
|
29
|
+
VAULT_ADDR - this is an address to vault server
|
|
30
|
+
SECRETS_VAULT_AUTH_METHOD - this is auth method ('github' or 'token' supported for now)
|
|
31
|
+
SECRETS_VAULT_AUTH_TOKEN - this is vault auth token
|
|
32
|
+
|
|
33
|
+
For github token you only need `read:org` permissions.
|
|
29
34
|
|
|
30
35
|
## Usage
|
|
31
36
|
|
|
32
|
-
All commands have
|
|
33
|
-
Some of the commands have
|
|
37
|
+
All commands have `--help` with detailed descriptions of options.
|
|
38
|
+
Some of the commands have `--verbose` switch which will print out the commands it run.
|
|
34
39
|
|
|
35
40
|
### Init
|
|
36
41
|
|
|
@@ -39,30 +44,37 @@ Some of the commands have --verbose switch which will print out the commands it
|
|
|
39
44
|
This will create `.secrets` file with project configuration. The command will ask you all it needs to know if you do not
|
|
40
45
|
supply the config through options.
|
|
41
46
|
|
|
47
|
+
These configs need to be set:
|
|
48
|
+
|
|
49
|
+
`secrets_file` - file where your secrets are kept. `config/application.yml` for figaro, `.env` for dotenv or something else.
|
|
50
|
+
`secrets_repo` - vault 'repo' where your secrets will be kept. Example: `rails/secrets/`
|
|
51
|
+
`secrets_field` - a field in vault repo where the contents of secrets_file will be written. Example: `secrets`
|
|
52
|
+
|
|
42
53
|
### Auth
|
|
43
54
|
|
|
44
55
|
$ secrets auth
|
|
45
56
|
|
|
46
57
|
You need to first authenticate yourself on vault server to be able to read and write.
|
|
47
|
-
Needs to be done only
|
|
58
|
+
Needs to be done only _once_ for token.
|
|
48
59
|
|
|
49
60
|
### Read
|
|
50
61
|
|
|
51
62
|
$ secrets read
|
|
52
63
|
|
|
53
|
-
This will only read from vault.
|
|
64
|
+
This will only read from vault repo + environment. Environment can be set by `--environment` option, `RAILS_ENV` variable.
|
|
65
|
+
Default is `development` if nothing is set. Example: `rails/secrets/environment`
|
|
54
66
|
|
|
55
67
|
### Pull
|
|
56
68
|
|
|
57
69
|
$ secrets pull
|
|
58
70
|
|
|
59
|
-
This will pull from vault and write to your secrets file.
|
|
71
|
+
This will pull from vault and write to your secrets file. For environment see `Read`
|
|
60
72
|
|
|
61
73
|
### Push
|
|
62
74
|
|
|
63
75
|
$ secrets push
|
|
64
76
|
|
|
65
|
-
This will push from your secrets file to vault.
|
|
77
|
+
This will push from your secrets file to vault. For environment see `Read`
|
|
66
78
|
|
|
67
79
|
## Development
|
|
68
80
|
|
data/lib/secrets_cli/version.rb
CHANGED
data/secrets_cli.gemspec
CHANGED
|
@@ -31,6 +31,7 @@ Gem::Specification.new do |spec|
|
|
|
31
31
|
spec.add_development_dependency 'rspec'
|
|
32
32
|
spec.add_development_dependency 'pry'
|
|
33
33
|
|
|
34
|
+
spec.add_runtime_dependency 'commander'
|
|
34
35
|
spec.add_runtime_dependency 'tty', '~> 0.4.0'
|
|
35
36
|
spec.add_runtime_dependency 'vault-binaries'
|
|
36
37
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: secrets_cli
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Stjepan Hadjic
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2016-02-
|
|
11
|
+
date: 2016-02-15 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -66,6 +66,20 @@ dependencies:
|
|
|
66
66
|
- - ">="
|
|
67
67
|
- !ruby/object:Gem::Version
|
|
68
68
|
version: '0'
|
|
69
|
+
- !ruby/object:Gem::Dependency
|
|
70
|
+
name: commander
|
|
71
|
+
requirement: !ruby/object:Gem::Requirement
|
|
72
|
+
requirements:
|
|
73
|
+
- - ">="
|
|
74
|
+
- !ruby/object:Gem::Version
|
|
75
|
+
version: '0'
|
|
76
|
+
type: :runtime
|
|
77
|
+
prerelease: false
|
|
78
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
79
|
+
requirements:
|
|
80
|
+
- - ">="
|
|
81
|
+
- !ruby/object:Gem::Version
|
|
82
|
+
version: '0'
|
|
69
83
|
- !ruby/object:Gem::Dependency
|
|
70
84
|
name: tty
|
|
71
85
|
requirement: !ruby/object:Gem::Requirement
|