secrets_cli 1.7.0 → 1.8.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/README.md +5 -3
- data/lib/secrets_cli/check/secrets.rb +8 -2
- data/lib/secrets_cli/vault/pull.rb +1 -1
- data/lib/secrets_cli/vault/push.rb +1 -1
- data/lib/secrets_cli/vault/read.rb +1 -1
- data/lib/secrets_cli/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
|
-
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: 5f4e5fa55b2abbfd5be5a5f3da7c5a9a4a8679ff50b3023a04c70e15e0f93326
|
|
4
|
+
data.tar.gz: '097bf36c06562f0f36115316629741c5106882d66e265890ebfffdce57bed132'
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 4c09fe3b51acae59593df39c2d984226e01608071fcf3777aa4371b2981b21b8f2f176e9d0f8a04705b624113e99bd6af3f4b596cdc54e894c699c9441567bde
|
|
7
|
+
data.tar.gz: 39ee66eaef512340eacd536a52dcb908311d44cb1effd9b8b6f12abef51dccf665ac047232965cd0442f0a2f3085d30a7740bd587da7cc4d73c3bea47069acca
|
data/README.md
CHANGED
|
@@ -32,10 +32,12 @@ For `vault` itself:
|
|
|
32
32
|
|
|
33
33
|
For `secrets_cli`:
|
|
34
34
|
|
|
35
|
-
VAULT_AUTH_METHOD - this is auth method ('github', 'token'
|
|
35
|
+
VAULT_AUTH_METHOD - this is auth method ('github', 'token', 'app_id' and 'approle' supported for now)
|
|
36
36
|
VAULT_AUTH_TOKEN - this is vault auth token
|
|
37
|
-
VAULT_AUTH_APP_ID - machine app_id
|
|
38
|
-
VAULT_AUTH_USER_ID - machine user_id which matches app_id
|
|
37
|
+
VAULT_AUTH_APP_ID - machine app_id (for app_id auth)
|
|
38
|
+
VAULT_AUTH_USER_ID - machine user_id which matches app_id (for app_id auth)
|
|
39
|
+
VAULT_AUTH_ROLE_id - machine role_id (for approle auth)
|
|
40
|
+
VAULT_AUTH_SECRET_ID - machine secret_id which matches role_id (for approle auth)
|
|
39
41
|
|
|
40
42
|
For github token you only need `read:org` permissions.
|
|
41
43
|
|
|
@@ -3,15 +3,17 @@ module SecretsCli
|
|
|
3
3
|
class Secrets
|
|
4
4
|
include SecretsCli::Helpers
|
|
5
5
|
|
|
6
|
+
attr_reader :action
|
|
6
7
|
attr_reader :options
|
|
7
8
|
|
|
8
|
-
def initialize(options)
|
|
9
|
+
def initialize(action, options)
|
|
10
|
+
@action = action
|
|
9
11
|
@options = options
|
|
10
12
|
end
|
|
11
13
|
|
|
12
14
|
def call
|
|
13
15
|
error! 'Missing .secrets' unless File.exist?('.secrets')
|
|
14
|
-
error! 'Missing secrets_file' if missing_secret_file?
|
|
16
|
+
error! 'Missing secrets_file' if require_secrets_file? && missing_secret_file?
|
|
15
17
|
error! 'Missing secrets_storage_key' if missing_secret_storage_key?
|
|
16
18
|
end
|
|
17
19
|
|
|
@@ -21,6 +23,10 @@ module SecretsCli
|
|
|
21
23
|
options.secrets_file.nil? && config.secrets_file.nil?
|
|
22
24
|
end
|
|
23
25
|
|
|
26
|
+
def require_secrets_file?
|
|
27
|
+
action != :read
|
|
28
|
+
end
|
|
29
|
+
|
|
24
30
|
def missing_secret_storage_key?
|
|
25
31
|
options.secrets_storage_key && config.secrets_storage_key.nil?
|
|
26
32
|
end
|
|
@@ -5,7 +5,7 @@ module SecretsCli
|
|
|
5
5
|
|
|
6
6
|
def initialize(options)
|
|
7
7
|
super
|
|
8
|
-
SecretsCli::Check::Secrets.new(options).call
|
|
8
|
+
SecretsCli::Check::Secrets.new(:pull, options).call
|
|
9
9
|
@secrets_file = options.secrets_file || config.secrets_file
|
|
10
10
|
@secrets_dir = options.secrets_dir || '.'
|
|
11
11
|
end
|
|
@@ -5,7 +5,7 @@ module SecretsCli
|
|
|
5
5
|
|
|
6
6
|
def initialize(options)
|
|
7
7
|
super
|
|
8
|
-
SecretsCli::Check::Secrets.new(options).call
|
|
8
|
+
SecretsCli::Check::Secrets.new(:push, options).call
|
|
9
9
|
@secrets_storage_key = options.secrets_storage_key || config.secrets_storage_key
|
|
10
10
|
@secrets_file = options.secrets_file || config.secrets_file
|
|
11
11
|
@secrets = File.read(secrets_file)
|
|
@@ -4,7 +4,7 @@ module SecretsCli
|
|
|
4
4
|
def initialize(options)
|
|
5
5
|
super
|
|
6
6
|
options.default(verbose: !options.ci_mode)
|
|
7
|
-
SecretsCli::Check::Secrets.new(options).call
|
|
7
|
+
SecretsCli::Check::Secrets.new(:read, options).call
|
|
8
8
|
@secrets_storage_key = options.secrets_storage_key || config.secrets_storage_key
|
|
9
9
|
end
|
|
10
10
|
|
data/lib/secrets_cli/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: secrets_cli
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.8.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Stjepan Hadjic
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2018-01-04 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -176,7 +176,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
176
176
|
version: '0'
|
|
177
177
|
requirements: []
|
|
178
178
|
rubyforge_project:
|
|
179
|
-
rubygems_version: 2.
|
|
179
|
+
rubygems_version: 2.7.3
|
|
180
180
|
signing_key:
|
|
181
181
|
specification_version: 4
|
|
182
182
|
summary: This is a CLI for easier use of https://www.vaultproject.io/
|