shippy 0.2.4 → 0.2.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/shippy/cli/main.rb +3 -0
- data/lib/shippy/cli/secrets.rb +11 -0
- data/lib/shippy/cli/templates/config/secrets.yml.enc +0 -0
- data/lib/shippy/cli/templates/config/shippy.yml +1 -1
- data/lib/shippy/cli.rb +1 -0
- data/lib/shippy/config.rb +1 -1
- data/lib/shippy/secrets.rb +1 -1
- data/lib/shippy/secrets_manager.rb +74 -0
- data/lib/shippy/version.rb +1 -1
- data/lib/shippy.rb +1 -0
- metadata +4 -2
- data/lib/shippy/cli/templates/config/secrets.yml +0 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 2c8514e699c44724105cd11bc6b9034e7fe36c992403642bba781a16e7c74aac
|
|
4
|
+
data.tar.gz: 5356c87f5316dff2637f5f78a0271a8fdcce4a41bfbd6fb128e3aca654087452
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e25771e02e107140eebaf7f8f0f90c66974040d3ebdb0258e819da8a508060d9e297d37e2e2b2e9a4d355f2f4f5491963aa7bd5440c45ca6751170d241fafc72
|
|
7
|
+
data.tar.gz: ea3feb9af3d644ef5e82149d09da0479cb46f010e07cdb1422dd73a58d90afac106c0db47f3b7e59b5732dc310b8876491848263c0b228fdbb4b1866d71689f2
|
data/lib/shippy/cli/main.rb
CHANGED
|
File without changes
|
data/lib/shippy/cli.rb
CHANGED
data/lib/shippy/config.rb
CHANGED
data/lib/shippy/secrets.rb
CHANGED
|
@@ -0,0 +1,74 @@
|
|
|
1
|
+
require "active_support"
|
|
2
|
+
require "active_support/encrypted_configuration"
|
|
3
|
+
require "tempfile"
|
|
4
|
+
require "fileutils"
|
|
5
|
+
|
|
6
|
+
module Shippy
|
|
7
|
+
class SecretsManager
|
|
8
|
+
attr_reader :content_path, :key_path, :output
|
|
9
|
+
|
|
10
|
+
def initialize(
|
|
11
|
+
content_path: "config/secrets.yml.enc",
|
|
12
|
+
key_path: "config/master.key",
|
|
13
|
+
env_key: "SHIPPY_MASTER_KEY",
|
|
14
|
+
output: $stdout
|
|
15
|
+
)
|
|
16
|
+
@content_path = content_path
|
|
17
|
+
@key_path = key_path
|
|
18
|
+
@env_key = env_key
|
|
19
|
+
@output = output
|
|
20
|
+
|
|
21
|
+
@config = ActiveSupport::EncryptedConfiguration.new(
|
|
22
|
+
config_path: @content_path,
|
|
23
|
+
key_path: @key_path,
|
|
24
|
+
env_key: @env_key,
|
|
25
|
+
raise_if_missing_key: true
|
|
26
|
+
)
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
def edit
|
|
30
|
+
ensure_key_exists!
|
|
31
|
+
|
|
32
|
+
original_content = if File.exist?(content_path)
|
|
33
|
+
@config.read
|
|
34
|
+
else
|
|
35
|
+
"# Add your secrets here. They will be encrypted on save.\n" \
|
|
36
|
+
"# keys: values\n"
|
|
37
|
+
end
|
|
38
|
+
|
|
39
|
+
Tempfile.create(["secrets", ".yml"]) do |tmp_file|
|
|
40
|
+
tmp_file.write(original_content)
|
|
41
|
+
tmp_file.close
|
|
42
|
+
|
|
43
|
+
editor = ENV["EDITOR"] || "vim"
|
|
44
|
+
system("#{editor} #{tmp_file.path}")
|
|
45
|
+
|
|
46
|
+
new_content = File.read(tmp_file.path)
|
|
47
|
+
|
|
48
|
+
if new_content != original_content
|
|
49
|
+
@config.write(new_content)
|
|
50
|
+
output.puts "✅ Secrets updated and encrypted to #{content_path}"
|
|
51
|
+
else
|
|
52
|
+
output.puts "⚠️ No changes detected."
|
|
53
|
+
end
|
|
54
|
+
end
|
|
55
|
+
rescue ActiveSupport::EncryptedFile::MissingKeyError
|
|
56
|
+
output.puts "❌ Error: Missing '#{key_path}'. Run 'setup' first to generate a key."
|
|
57
|
+
end
|
|
58
|
+
|
|
59
|
+
def read
|
|
60
|
+
YAML.safe_load(@config.read, symbolize_names: true).to_h
|
|
61
|
+
rescue Errno::ENOENT
|
|
62
|
+
{}
|
|
63
|
+
end
|
|
64
|
+
|
|
65
|
+
def ensure_key_exists!
|
|
66
|
+
return if File.exist?(key_path)
|
|
67
|
+
|
|
68
|
+
output.puts "Generating new master key at #{key_path}..."
|
|
69
|
+
FileUtils.mkdir_p(File.dirname(key_path))
|
|
70
|
+
File.write(key_path, ActiveSupport::EncryptedConfiguration.generate_key)
|
|
71
|
+
output.puts "⚠️ IMPORTANT: Add #{key_path} to your .gitignore!"
|
|
72
|
+
end
|
|
73
|
+
end
|
|
74
|
+
end
|
data/lib/shippy/version.rb
CHANGED
data/lib/shippy.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: shippy
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.2.
|
|
4
|
+
version: 0.2.5
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Marius Bobin
|
|
@@ -164,11 +164,12 @@ files:
|
|
|
164
164
|
- lib/shippy/cli/init.rb
|
|
165
165
|
- lib/shippy/cli/main.rb
|
|
166
166
|
- lib/shippy/cli/prune.rb
|
|
167
|
+
- lib/shippy/cli/secrets.rb
|
|
167
168
|
- lib/shippy/cli/server.rb
|
|
168
169
|
- lib/shippy/cli/templates/apps/proxy/docker-compose.rb
|
|
169
170
|
- lib/shippy/cli/templates/apps/proxy/traefik/config.yml.erb
|
|
170
171
|
- lib/shippy/cli/templates/apps/proxy/traefik/dynamic_config.yml
|
|
171
|
-
- lib/shippy/cli/templates/config/secrets.yml
|
|
172
|
+
- lib/shippy/cli/templates/config/secrets.yml.enc
|
|
172
173
|
- lib/shippy/cli/templates/config/shippy.yml
|
|
173
174
|
- lib/shippy/commander.rb
|
|
174
175
|
- lib/shippy/compiler.rb
|
|
@@ -176,6 +177,7 @@ files:
|
|
|
176
177
|
- lib/shippy/config.rb
|
|
177
178
|
- lib/shippy/repo.rb
|
|
178
179
|
- lib/shippy/secrets.rb
|
|
180
|
+
- lib/shippy/secrets_manager.rb
|
|
179
181
|
- lib/shippy/service.rb
|
|
180
182
|
- lib/shippy/version.rb
|
|
181
183
|
homepage: https://mbobin.me/shippy
|