secvault 2.0.0 → 2.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (10) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +57 -0
  3. data/README.md +39 -12
  4. data/lib/secvault/rails_secrets.rb +20 -22
  5. data/lib/secvault/railtie.rb +2 -10
  6. data/lib/secvault/version.rb +1 -1
  7. data/lib/secvault.rb +6 -5
  8. data/secvault-2.0.0.gem +0 -0
  9. metadata +2 -2
  10. data/lib/secvault/tasks.rake +0 -75
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 99d7d1404f42246f62cbc8349ab689b43e8f24fa0ea52dd0e10910dee9615dcc
4
- data.tar.gz: 4453d7ebce5a81e9e5fe0ed1dcd0df410a442ff669dd8dde02c15c3db3209a2e
3
+ metadata.gz: 243d63e08d1e0efc90840322ebe46d547a6733829e4cde6f009dcaee457fb141
4
+ data.tar.gz: 0c927adb97f3fdfa9e4680d59825b50b2741b11cb8131c1e61b0eca42dec75fb
5
5
  SHA512:
6
- metadata.gz: c11facd4f7abd26f8ecc9bbccabf0ede865210e220a944aee8e4640cd7851237db2c3bebeba2bc9ddee96a5fe52fa70c324f9b3f5aee4e9a09378ebf2703c91a
7
- data.tar.gz: f01237875bb61dac4a8e145adeb05c36813937f72a9d4af85c3ae6e5069c02e0df9efd4df7e1f30dee9263fc69543eb04ebbb2a6998b29a30fbced84702ada90
6
+ metadata.gz: 0abb15b103100f8205b1ec4c7890d51b9ad8d8c0f55d8d96e1f55b0e85b6d0ade146c382c32e187bfb2c952d02a3fc940ee33b9c6f9beabe598b7773e9cf9fa9
7
+ data.tar.gz: 12edf2aad07063edb1d4385bedcc8899d388eefef26499671cdddf2bc37c67bfeec39fc08729e09e19c63c04021f28642276f81354b1729a7e08940b5a47fcc9
data/CHANGELOG.md CHANGED
@@ -1,5 +1,62 @@
1
1
  ## [Unreleased]
2
2
 
3
+ ## [2.2.0] - 2025-09-22
4
+
5
+ ### Added
6
+
7
+ - **New simplified API**: `Rails::Secrets.load()` - cleaner method to load default config/secrets.yml
8
+ - **Enhanced README** with comprehensive examples for multiple files usage
9
+ - **Better documentation** showing how to parse custom files and multiple file merging
10
+ - **Backward compatibility aliases** - `parse_default` and `read` still work
11
+
12
+ ### Changed
13
+
14
+ - **Improved method naming**: `Rails::Secrets.load()` is now the preferred method over `parse_default()`
15
+ - **Enhanced documentation** in code with clear examples for single file, multiple files, and custom paths
16
+ - **Better README examples** showing advanced usage patterns
17
+
18
+ ### Examples Added
19
+
20
+ - Multiple secrets files merging: `Rails::Secrets.parse(['secrets.yml', 'secrets.local.yml'], env: Rails.env)`
21
+ - Environment-specific loading: `Rails::Secrets.load(env: 'production')`
22
+ - Custom file parsing: `Rails::Secrets.parse(['config/custom.yml'], env: Rails.env)`
23
+ - Multiple path support: `Rails::Secrets.parse([Rails.root.join('config', 'secrets.yml')], env: Rails.env)`
24
+
25
+ ### Backward Compatibility
26
+
27
+ - ✅ All existing methods still work
28
+ - ✅ `parse_default` → `load` (alias maintained)
29
+ - ✅ `read` → `load` (alias maintained)
30
+ - ✅ No breaking changes
31
+
32
+ ## [2.1.0] - 2025-09-22
33
+
34
+ ### Removed
35
+
36
+ - **Removed all rake tasks** - Ultimate simplicity! No more `rake secvault:setup`, `rake secvault:edit`, or `rake secvault:show`
37
+ - Removed `lib/secvault/tasks.rake` file entirely
38
+ - Removed rake task loading from railtie
39
+
40
+ ### Changed
41
+
42
+ - **Ultra-simple setup**: Just create `config/secrets.yml` with any text editor
43
+ - Updated README to reflect manual file creation instead of rake tasks
44
+ - Updated module documentation to show simple 3-step process
45
+ - Cleaner railtie without task loading complexity
46
+
47
+ ### Benefits
48
+
49
+ - **Zero dependencies on rake tasks** - works with just plain YAML files
50
+ - **Even simpler** - no commands to remember, just edit YAML files
51
+ - **More intuitive** - developers already know how to create and edit YAML files
52
+ - **Less code** - removed unnecessary complexity
53
+
54
+ ### Tested
55
+
56
+ - ✅ Rails 7.1 integration works perfectly
57
+ - ✅ Rails 8.0 automatic setup works perfectly
58
+ - ✅ No rake task conflicts or errors
59
+
3
60
  ## [2.0.0] - 2025-09-22
4
61
 
5
62
  ### BREAKING CHANGES
data/README.md CHANGED
@@ -21,11 +21,11 @@ bundle install
21
21
  ## Quick Start (Rails 7.2+)
22
22
 
23
23
  ```bash
24
- # 1. Create secrets.yml with rake task
25
- rake secvault:setup
24
+ # 1. Create secrets.yml
25
+ touch config/secrets.yml
26
26
 
27
- # 2. Edit secrets
28
- rake secvault:edit
27
+ # 2. Edit with your favorite editor
28
+ $EDITOR config/secrets.yml
29
29
  ```
30
30
 
31
31
  **Usage in your app:**
@@ -51,6 +51,39 @@ production:
51
51
  api_key: <%= ENV['API_KEY'] %>
52
52
  ```
53
53
 
54
+ ## Advanced Usage
55
+
56
+ **Multiple secrets files (merged in order):**
57
+ ```ruby
58
+ # Parse multiple files - later files override earlier ones
59
+ secrets = Rails::Secrets.parse([
60
+ 'config/secrets.yml',
61
+ 'config/secrets.local.yml',
62
+ 'config/secrets.production.yml'
63
+ ], env: Rails.env)
64
+ ```
65
+
66
+ **Load specific environment:**
67
+ ```ruby
68
+ # Load production secrets in any environment
69
+ production_secrets = Rails::Secrets.load(env: 'production')
70
+
71
+ # Load development secrets
72
+ dev_secrets = Rails::Secrets.load(env: 'development')
73
+ ```
74
+
75
+ **Custom files:**
76
+ ```ruby
77
+ # Parse a custom secrets file
78
+ custom_secrets = Rails::Secrets.parse(['config/custom.yml'], env: Rails.env)
79
+
80
+ # Parse from different paths
81
+ all_secrets = Rails::Secrets.parse([
82
+ Rails.root.join('config', 'secrets.yml'),
83
+ Rails.root.join('config', 'deploy', 'secrets.yml')
84
+ ], env: Rails.env)
85
+ ```
86
+
54
87
  ## Rails 7.1 Integration
55
88
 
56
89
  Test Secvault in Rails 7.1 before upgrading to 7.2+:
@@ -65,16 +98,10 @@ This replaces Rails.application.secrets with Secvault functionality. Your existi
65
98
  ```ruby
66
99
  Rails.application.secrets.api_key # ✅ Works
67
100
  Rails.application.secrets.oauth_settings # ✅ Works
68
- Rails::Secrets.parse_default # ✅ Enhanced functionality
101
+ Rails::Secrets.load # ✅ Load default config/secrets.yml
102
+ Rails::Secrets.parse(['custom.yml'], env: Rails.env) # ✅ Parse custom files
69
103
  ```
70
104
 
71
- ## Available Commands
72
-
73
- ```bash
74
- rake secvault:setup # Create plain secrets.yml file
75
- rake secvault:edit # Edit secrets.yml file
76
- rake secvault:show # Display secrets.yml content
77
- ```
78
105
 
79
106
  ## Security
80
107
 
data/lib/secvault/rails_secrets.rb CHANGED
@@ -7,43 +7,41 @@ module Secvault
7
7
  module RailsSecrets
8
8
  extend self
9
9
 
10
- # Classic Rails::Secrets.parse method
10
+ # Parse secrets from one or more YAML files
11
11
  #
12
- # Parses secrets files with support for:
13
- # - ERB templating
12
+ # Supports:
13
+ # - ERB templating for environment variables
14
14
  # - Shared sections that apply to all environments
15
15
  # - Environment-specific sections
16
+ # - Multiple files (merged in order)
16
17
  # - Deep symbolized keys
17
18
  #
18
- # Example usage:
19
- # Rails::Secrets.parse([Pathname.new('config/secrets.yml')], env: 'development')
20
- #
21
- # Example secrets.yml structure:
22
- # shared:
23
- # common_key: shared_value
19
+ # Examples:
20
+ # # Single file
21
+ # Rails::Secrets.parse(['config/secrets.yml'], env: 'development')
24
22
  #
25
- # development:
26
- # secret_key_base: dev_secret
27
- # api_key: dev_api_key
23
+ # # Multiple files (merged in order)
24
+ # Rails::Secrets.parse([
25
+ # 'config/secrets.yml',
26
+ # 'config/secrets.local.yml'
27
+ # ], env: 'development')
28
28
  #
29
- # production:
30
- # secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
31
- # api_key: <%= ENV["API_KEY"] %>
32
- #
29
+ # # Load default config/secrets.yml
30
+ # Rails::Secrets.load # uses current Rails.env
31
+ # Rails::Secrets.load(env: 'production')
33
32
  def parse(paths, env:)
34
33
  Secvault::Secrets.parse(paths, env: env.to_s)
35
34
  end
36
35
 
37
- # Convenience method to parse the default secrets file
38
- def parse_default(env: Rails.env)
36
+ # Load secrets from the default config/secrets.yml file
37
+ def load(env: Rails.env)
39
38
  secrets_path = Rails.root.join("config/secrets.yml")
40
39
  parse([secrets_path], env: env)
41
40
  end
42
41
 
43
- # Read and parse secrets for the current Rails environment
44
- def read(env: Rails.env)
45
- parse_default(env: env)
46
- end
42
+ # Backward compatibility aliases (deprecated)
43
+ alias_method :parse_default, :load
44
+ alias_method :read, :load
47
45
  end
48
46
  end
49
47
 
data/lib/secvault/railtie.rb CHANGED
@@ -13,18 +13,17 @@ module Secvault
13
13
  # Ensure initialization happens early in all environments
14
14
  config.before_configuration do |app|
15
15
  secrets_path = app.root.join("config/secrets.yml")
16
- key_path = app.root.join("config/secrets.yml.key")
17
16
 
18
17
  if secrets_path.exist? && !Rails.application.respond_to?(:secrets)
19
18
  # Early initialization for test environment compatibility
20
19
  current_env = ENV['RAILS_ENV'] || 'development'
21
- secrets = Secvault::Secrets.read_secrets(secrets_path, key_path, current_env)
20
+ secrets = Secvault::Secrets.read_secrets(secrets_path, current_env)
22
21
 
23
22
  if secrets
24
23
  Rails.application.define_singleton_method(:secrets) do
25
24
  @secrets ||= begin
26
25
  current_secrets = ActiveSupport::OrderedOptions.new
27
- env_secrets = Secvault::Secrets.read_secrets(secrets_path, key_path, Rails.env)
26
+ env_secrets = Secvault::Secrets.read_secrets(secrets_path, Rails.env)
28
27
  current_secrets.merge!(env_secrets) if env_secrets
29
28
  current_secrets
30
29
  end
@@ -33,12 +32,5 @@ module Secvault
33
32
  end
34
33
  end
35
34
 
36
- generators do
37
- require "secvault/generators/secrets_generator"
38
- end
39
-
40
- rake_tasks do
41
- load "secvault/tasks.rake"
42
- end
43
35
  end
44
36
  end
data/lib/secvault/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Secvault
4
- VERSION = "2.0.0"
4
+ VERSION = "2.2.0"
5
5
  end
data/lib/secvault.rb CHANGED
@@ -44,12 +44,13 @@ loader.setup
44
44
  # ## Usage:
45
45
  # Rails.application.secrets.api_key
46
46
  # Rails.application.secrets.oauth_settings[:google_client_id]
47
- # Rails::Secrets.parse_default(env: 'development')
47
+ # Rails::Secrets.load(env: 'development') # Load default config/secrets.yml
48
+ # Rails::Secrets.parse(['custom.yml'], env: Rails.env) # Parse custom files
48
49
  #
49
- # ## Rake Tasks:
50
- # rake secvault:setup # Create plain secrets.yml file
51
- # rake secvault:edit # Edit secrets.yml file
52
- # rake secvault:show # Display secrets.yml content
50
+ # ## Getting Started:
51
+ # 1. Create config/secrets.yml with your secrets
52
+ # 2. Use Rails.application.secrets.your_secret in your app
53
+ # 3. For production, use environment variables with ERB syntax
53
54
  #
54
55
  # @see https://github.com/unnitallman/secvault
55
56
  module Secvault
data/secvault-2.0.0.gem ADDED
Binary file
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: secvault
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.0.0
4
+ version: 2.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Unnikrishnan KP
@@ -60,8 +60,8 @@ files:
60
60
  - lib/secvault/railtie.rb
61
61
  - lib/secvault/secrets.rb
62
62
  - lib/secvault/secrets_helper.rb
63
- - lib/secvault/tasks.rake
64
63
  - lib/secvault/version.rb
64
+ - secvault-2.0.0.gem
65
65
  - sig/secvault.rbs
66
66
  homepage: https://github.com/unnitallman/secvault
67
67
  licenses:
data/lib/secvault/tasks.rake DELETED
@@ -1,75 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "securerandom"
4
-
5
- namespace :secvault do
6
- desc "Create a plain YAML secrets.yml file"
7
- task setup: :environment do
8
- secrets_path = Rails.root.join("config/secrets.yml")
9
-
10
- if secrets_path.exist?
11
- puts "Secrets file already exists at #{secrets_path}"
12
- else
13
- default_content = <<~YAML
14
- # Plain YAML secrets file
15
- # Environment-specific secrets for your Rails application
16
- #
17
- # For production, use environment variables with ERB syntax:
18
- # production:
19
- # api_key: <%= ENV['API_KEY'] %>
20
-
21
- development:
22
- secret_key_base: #{SecureRandom.hex(64)}
23
- # Add your development secrets here
24
- # api_key: dev_key
25
- # database_password: dev_password
26
-
27
- test:
28
- secret_key_base: #{SecureRandom.hex(64)}
29
- # Add your test secrets here
30
- # api_key: test_key
31
-
32
- production:
33
- secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
34
- # Use environment variables for production secrets
35
- # api_key: <%= ENV["API_KEY"] %>
36
- # database_password: <%= ENV["DATABASE_PASSWORD"] %>
37
- YAML
38
-
39
- File.write(secrets_path, default_content)
40
- puts "✅ Created plain secrets.yml file at #{secrets_path}"
41
- puts "⚠️ Remember to add production secrets as environment variables"
42
- puts "⚠️ Never commit production secrets to version control"
43
- end
44
- end
45
-
46
- desc "Edit the plain YAML secrets.yml file"
47
- task edit: :environment do
48
- secrets_path = Rails.root.join("config/secrets.yml")
49
-
50
- unless secrets_path.exist?
51
- puts "Secrets file doesn't exist. Run 'rake secvault:setup' first."
52
- exit 1
53
- end
54
-
55
- # Open the plain YAML file in editor
56
- editor = ENV["EDITOR"] || "vi"
57
- system("#{editor} #{secrets_path}")
58
- puts "📝 Updated #{secrets_path}"
59
- end
60
-
61
- desc "Show the plain YAML secrets.yml content"
62
- task show: :environment do
63
- secrets_path = Rails.root.join("config/secrets.yml")
64
-
65
- unless secrets_path.exist?
66
- puts "Secrets file doesn't exist. Run 'rake secvault:setup' first."
67
- exit 1
68
- end
69
-
70
- puts "📄 Contents of #{secrets_path}:"
71
- puts "#{'=' * 50}"
72
- puts File.read(secrets_path)
73
- puts "#{'=' * 50}"
74
- end
75
- end