sidekiq-encrypted_args 1.1.0 → 1.1.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGE_LOG.md +31 -12
- data/README.md +28 -1
- data/VERSION +1 -1
- data/lib/sidekiq/encrypted_args/client_middleware.rb +1 -1
- data/lib/sidekiq/encrypted_args.rb +9 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 0fdd24a7aeee28447ee34b8bddaa462a967a4d01ded3b9e0fc1c3561310c9a0a
|
|
4
|
+
data.tar.gz: 42e1f30f93d6c1c9c71e25b9ef46ea1334d89a09746f4cb75f6facf38c0943be
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c6c1409dac2ed256f73c5f18d303adaba6e28fec7114b97ea943d16e1aaa34cb3107233c0cce4ab372b085430c7c4b4b2efbc555b123f13aef72bd2691d44170
|
|
7
|
+
data.tar.gz: 765dea1c7d85313a4ef7451f1ce5293ee7a8cfab53304037ff1f4f4d056831fb7250e3478e87bce8e92023c03cca4788f1276e923830d6343e7edc9e1574ab52
|
data/CHANGE_LOG.md
CHANGED
|
@@ -1,24 +1,43 @@
|
|
|
1
|
-
#
|
|
1
|
+
# Changelog
|
|
2
|
+
All notable changes to this project will be documented in this file.
|
|
3
|
+
|
|
4
|
+
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
|
|
5
|
+
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
|
6
|
+
|
|
7
|
+
## 1.1.1
|
|
8
|
+
|
|
9
|
+
### Fixed
|
|
10
|
+
- Client middleware will no longer encrypt already encrypted arguments when a job is retried.
|
|
2
11
|
|
|
3
12
|
## 1.1.0
|
|
4
13
|
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
14
|
+
### Added
|
|
15
|
+
- Use `to_json` if it is defined when serializing encrypted args to JSON.
|
|
16
|
+
- Add client middleware to the server default configuration. This ensures that arguments will be encrypted if a worker enqueues a job with encrypted arguments.
|
|
17
|
+
- Client middleware now reads sidekiq options from the job hash instead of from the worker class so that the list of encrypted arguments is always in sync on the job payload.
|
|
18
|
+
- Added additional option to specify encrypted args with array of argument indexes.
|
|
19
|
+
|
|
20
|
+
### Changed
|
|
21
|
+
- Client middleware is now prepended while server middleware is appended.
|
|
22
|
+
|
|
23
|
+
### Fixed
|
|
24
|
+
- Don't raise error if undefined class name is passed to client middleware as a string.
|
|
25
|
+
|
|
26
|
+
### Deprecated
|
|
27
|
+
- Deprecated setting encrypted args as hash or array of booleans.
|
|
12
28
|
|
|
13
29
|
## 1.0.2
|
|
14
30
|
|
|
15
|
-
|
|
31
|
+
### Changed
|
|
32
|
+
- Remove overly noisy log warning when running without the secret set
|
|
16
33
|
|
|
17
34
|
## 1.0.1
|
|
18
35
|
|
|
19
|
-
|
|
20
|
-
|
|
36
|
+
### Added
|
|
37
|
+
|
|
38
|
+
### Fixed
|
|
39
|
+
- Added support for scheduled jobs
|
|
21
40
|
|
|
22
41
|
## 1.0.0
|
|
23
42
|
|
|
24
|
-
|
|
43
|
+
- Initial release
|
data/README.md
CHANGED
|
@@ -1,7 +1,6 @@
|
|
|
1
1
|
# Sidekiq Encrypted Args
|
|
2
2
|
|
|
3
3
|
[](https://github.com/bdurand/sidekiq-encrypted_args/actions?query=workflow%3A%22Continuous+Integration%22)
|
|
4
|
-
[](https://codeclimate.com/github/bdurand/sidekiq-encrypted_args/maintainability)
|
|
5
4
|
[](https://github.com/testdouble/standard)
|
|
6
5
|
|
|
7
6
|
Support for encrypting arguments for [Sidekiq](https://github.com/mperham/sidekiq).
|
|
@@ -106,3 +105,31 @@ You can also safely add encryption to an existing worker. Any jobs that are alre
|
|
|
106
105
|
## Encryption
|
|
107
106
|
|
|
108
107
|
Encrypted arguments are stored using AES-256-GCM with a key derived from your secret using PBKDF2. For more info on the underlying encryption, refer to the [SecretKeys](https://github.com/bdurand/secret_keys) gem.
|
|
108
|
+
|
|
109
|
+
## Installation
|
|
110
|
+
|
|
111
|
+
Add this line to your application's Gemfile:
|
|
112
|
+
|
|
113
|
+
```ruby
|
|
114
|
+
gem "sidekiq-encrypted_args"
|
|
115
|
+
```
|
|
116
|
+
|
|
117
|
+
And then execute:
|
|
118
|
+
```bash
|
|
119
|
+
$ bundle
|
|
120
|
+
```
|
|
121
|
+
|
|
122
|
+
Or install it yourself as:
|
|
123
|
+
```bash
|
|
124
|
+
$ gem install sidekiq-encrypted_args
|
|
125
|
+
```
|
|
126
|
+
|
|
127
|
+
## Contributing
|
|
128
|
+
|
|
129
|
+
Open a pull request on GitHub.
|
|
130
|
+
|
|
131
|
+
Please use the [standardrb](https://github.com/testdouble/standard) syntax and lint your code with `standardrb --fix` before submitting.
|
|
132
|
+
|
|
133
|
+
## License
|
|
134
|
+
|
|
135
|
+
The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.1.
|
|
1
|
+
1.1.1
|
|
@@ -28,7 +28,7 @@ module Sidekiq
|
|
|
28
28
|
if encrypted_args
|
|
29
29
|
job_args = job["args"]
|
|
30
30
|
job_args.each_with_index do |value, position|
|
|
31
|
-
if encrypted_args.include?(position)
|
|
31
|
+
if encrypted_args.include?(position) && !EncryptedArgs.encrypted?(value)
|
|
32
32
|
job_args[position] = EncryptedArgs.encrypt(value)
|
|
33
33
|
end
|
|
34
34
|
end
|
|
@@ -31,7 +31,7 @@ module Sidekiq
|
|
|
31
31
|
@encryptors = make_encryptors(value)
|
|
32
32
|
end
|
|
33
33
|
|
|
34
|
-
# Add the client and server middleware to the Sidekiq
|
|
34
|
+
# Add the client and server middleware to the default Sidekiq
|
|
35
35
|
# middleware chains. If you need to ensure the order of where the middleware is
|
|
36
36
|
# added, you can forgo this method and add it yourself.
|
|
37
37
|
#
|
|
@@ -64,6 +64,7 @@ module Sidekiq
|
|
|
64
64
|
# @return [String]
|
|
65
65
|
def encrypt(data)
|
|
66
66
|
return nil if data.nil?
|
|
67
|
+
|
|
67
68
|
json = (data.respond_to?(:to_json) ? data.to_json : JSON.generate(data))
|
|
68
69
|
encrypted = encrypt_string(json)
|
|
69
70
|
if encrypted == json
|
|
@@ -85,6 +86,13 @@ module Sidekiq
|
|
|
85
86
|
JSON.parse(json)
|
|
86
87
|
end
|
|
87
88
|
|
|
89
|
+
# Check if a value is encrypted.
|
|
90
|
+
#
|
|
91
|
+
# @return [Boolean]
|
|
92
|
+
def encrypted?(value)
|
|
93
|
+
SecretKeys::Encryptor.encrypted?(value)
|
|
94
|
+
end
|
|
95
|
+
|
|
88
96
|
# Private helper method to get the encrypted args option from an options hash. The value of this option
|
|
89
97
|
# can be `true` or an array indicating if each positional argument should be encrypted, or a hash
|
|
90
98
|
# with keys for the argument position and true as the value.
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: sidekiq-encrypted_args
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.1.
|
|
4
|
+
version: 1.1.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Brian Durand
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date:
|
|
12
|
+
date: 2023-04-03 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: sidekiq
|
|
@@ -91,7 +91,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
91
91
|
- !ruby/object:Gem::Version
|
|
92
92
|
version: '0'
|
|
93
93
|
requirements: []
|
|
94
|
-
rubygems_version: 3.
|
|
94
|
+
rubygems_version: 3.2.22
|
|
95
95
|
signing_key:
|
|
96
96
|
specification_version: 4
|
|
97
97
|
summary: Support for encrypting arguments that contain sensitive information in sidekiq
|