slosilo 3.0.0 → 3.0.2.pre.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 81d8f2c013b6f88d01bd7dd4c44b39c7cf0ffaa9385afca3e7ea826dae0855c8
-  data.tar.gz: acd627ef6ca45a404ce08c7bc680c8db7ea1ebdbe10d45b248ae09e59e804a02
+  metadata.gz: 1075a35a45e236bad68485de1ceb215799e5eb7172832edd6c8fff01b7e8fa2f
+  data.tar.gz: 9ae748a89c1daf20563290d7616f543e0c6ffc3f38bd4e934278f21b5f064d4f
 SHA512:
-  metadata.gz: '098a049570888513d10bf23edacfb8c566f605a08a9e918a2a06c15839d406b14696edaf76c49b84820d3c0fc1147b0f7f754c74fdad680a98f919d134cabcc7'
-  data.tar.gz: 6cef96001fcc2932c23e106c732d9e7722afd2f6a8af11e99a023a49aa005bdc8ff9f3fa4ce278644b753acfe0e50953e14cf86114e78877368b95107a1126c0
+  metadata.gz: 20f934fccce50a269d2f01a58bc50b2a4c2689a1db667eceaafd1f8be7a582d7af7b632057f27ceeb097fdea9bd4ab113edd7897b6312fa31425faa555819cda
+  data.tar.gz: 03e1d13e0c6ff3229365da59640440772eb8cb7114ca58c95def135eb41ec48a3919a84244238e2d6a2c9df32e66ab3d43bfb37e8bf40783a241561ca112c81d

data/.github/CODEOWNERS

@@ -1,10 +1,10 @@
-* @cyberark/conjur-core-team @conjurinc/conjur-core-team @conjurdemos/conjur-core-team
+* @cyberark/conjur-core-team @conjurinc/conjur-core-team @conjurdemos/conjur-core-team @conjur-enterprise/community-and-integrations
 
 # Changes to .trivyignore require Security Architect approval
-.trivyignore @cyberark/security-architects @conjurinc/security-architects @conjurdemos/security-architects
+.trivyignore @cyberark/security-architects @conjurinc/security-architects @conjurdemos/security-architects @conjur-enterprise/conjur-security
 
 # Changes to .codeclimate.yml require Quality Architect approval
-.codeclimate.yml @cyberark/quality-architects @conjurinc/quality-architects @conjurdemos/quality-architects
+.codeclimate.yml @cyberark/quality-architects @conjurinc/quality-architects @conjurdemos/quality-architects @conjur-enterprise/conjur-quality
 
 # Changes to SECURITY.md require Security Architect approval
-SECURITY.md @cyberark/security-architects @conjurinc/security-architects @conjurdemos/security-architects
+SECURITY.md @cyberark/security-architects @conjurinc/security-architects @conjurdemos/security-architects @conjur-enterprise/conjur-security

data/.gitignore

@@ -18,4 +18,4 @@ tmp
 .rvmrc
 .project
 .kateproject.d
-.idea
+.idea

data/CHANGELOG.md

@@ -1,20 +1,50 @@
-# v3.0.0
+# Changelog
+All notable changes to this project will be documented in this file.
 
-* Transition to Ruby 3. Consuming projects based on Ruby 2 shall use slosilo V2.X.X.
+The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
+and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
-# v2.2.2
+## [3.0.2] - 2023-11-14
 
-* Add rake task `slosilo:recalculate_fingerprints` which rehashes the fingerprints in the keystore.
+### Changed
+
+- Moved slosilo to Github Enterprise.
+- Updated to use Ruby 3+ and conjur-enterprise/release-tools' publish-rubygem.
+
+## [3.0.1] - 2023-02-10
+
+### Fixed
+
+- The symmetric cipher class now encrypts and decrypts in a thread-safe manner.
+   [cyberark/slosilo#31](https://github.com/cyberark/slosilo/pull/31)
+
+## [3.0.0] - 2022-02-01
+
+### Changed
+
+- Transition to Ruby 3. Consuming projects based on Ruby 2 shall use slosilo V2.X.X.
+
+## [2.2.2] - 2014-01-01
+
+## Added
+
+- Add rake task `slosilo:recalculate_fingerprints` which rehashes the fingerprints in the keystore.
 **Note**: After migrating the slosilo keystore, run the above rake task to ensure the fingerprints are correctly hashed.
 
-# v2.2.1
+## [2.2.1] - 2014-01-01
+
+### Changed
+
+- Use SHA256 algorithm instead of MD5 for public key fingerprints.
+
+## [2.1.1] - 2014-01-01
 
-* Use SHA256 algorithm instead of MD5 for public key fingerprints.
+### Added
 
-# v2.1.1
+- Add support for JWT-formatted tokens, with arbitrary expiration.
 
-* Add support for JWT-formatted tokens, with arbitrary expiration.
+## [2.0.1] - 2014-01-01
 
-# v2.0.1
+### Fixed
 
-* Fixes a bug that occurs when signing tokens containing Unicode data
+- Fixes a bug that occurs when signing tokens containing Unicode data

data/Jenkinsfile

@@ -1,7 +1,46 @@
 #!/usr/bin/env groovy
+@Library("product-pipelines-shared-library") _
+
+// Automated release, promotion and dependencies
+properties([
+  // Include the automated release parameters for the build
+  release.addParams(),
+  // Dependencies of the project that should trigger builds
+  dependencies([])
+])
+
+// Performs release promotion.  No other stages will be run
+if (params.MODE == "PROMOTE") {
+  release.promote(params.VERSION_TO_PROMOTE) { infrapool, sourceVersion, targetVersion, assetDirectory ->
+    // Any assets from sourceVersion Github release are available in assetDirectory
+    // Any version number updates from sourceVersion to targetVersion occur here
+    // Any publishing of targetVersion artifacts occur here
+    // Anything added to assetDirectory will be attached to the Github Release
+
+    //Note: assetDirectory is on the infrapool agent, not the local Jenkins agent.
+
+    // Publish container images to internal registry
+    //INFRAPOOL_EXECUTORV2_AGENT_0.agentSh "summon --yaml 'RUBYGEMS_API_KEY: !var rubygems/api-key' ${toolsDirectory}/bin/publish-rubygem slosilo"
+
+    INFRAPOOL_EXECUTORV2_AGENT_0.agentSh "./publish.sh"
+    
+    INFRAPOOL_EXECUTORV2_AGENT_0.agentSh "cp slosilo*.gem ${assetDirectory}"
+  }
+  release.copyEnterpriseRelease(params.VERSION_TO_PROMOTE)
+  return
+}
 
 pipeline {
-  agent { label 'executor-v2' }
+  agent { label 'conjur-enterprise-common-agent' }
+
+  triggers {
+    cron(getDailyCronString())
+  }
+
+  environment {
+    // Sets the MODE to the specified or autocalculated value as appropriate
+    MODE = release.canonicalizeMode()
+  }
 
   options {
     timestamps()
@@ -9,52 +48,73 @@ pipeline {
   }
 
   stages {
+    stage('Get InfraPool Agent') {
+      steps {
+        script {
+          INFRAPOOL_EXECUTORV2_AGENT_0 = getInfraPoolAgent.connected(type: "ExecutorV2", quantity: 1, duration: 1)[0]
+          INFRAPOOL_EXECUTORV2_RHEL_EE_AGENT_0 = getInfraPoolAgent.connected(type: "ExecutorV2RHELEE", quantity: 1, duration: 1)[0]
+        }
+      }
+    }
+
+    // Generates a VERSION file based on the current build number and latest version in CHANGELOG.md
+    stage('Validate Changelog and set version') {
+      steps {
+        script {
+          updateVersion(INFRAPOOL_EXECUTORV2_AGENT_0, "CHANGELOG.md", "${BUILD_NUMBER}")
+          INFRAPOOL_EXECUTORV2_AGENT_0.agentStash name: 'version_file', includes: "VERSION"
+          INFRAPOOL_EXECUTORV2_RHEL_EE_AGENT_0.agentUnstash name: 'version_file'
+        }
+      }
+    }
+
     stage('Test') {
       parallel {
+        
         stage('Run tests on EE') {
-          agent { label 'executor-v2-rhel-ee' }
           steps {
-            sh './test.sh'
+            script {
+              INFRAPOOL_EXECUTORV2_RHEL_EE_AGENT_0.agentSh './test.sh'
+            }
           }
           post { always {
-            stash name: 'eeTestResults', includes: 'spec/reports/*.xml', allowEmpty:true
+            script {
+              INFRAPOOL_EXECUTORV2_RHEL_EE_AGENT_0.agentStash name: 'eeTestResults', includes: 'spec/reports/*.xml', allowEmpty:true
+            }
           }}
         }
 
         stage('Run tests') {
           steps {
-            sh './test.sh'
+            script {
+              INFRAPOOL_EXECUTORV2_AGENT_0.agentSh './test.sh'
+              INFRAPOOL_EXECUTORV2_AGENT_0.agentStash name: 'TestResults', includes: 'spec/coverage/*.xml', allowEmpty:true
+            }
           }
         }
+
       }
     }
 
-    stage('Publish to RubyGems') {
-      agent { label 'executor-v2' }
+    stage('Release') {
       when {
-        allOf {
-          branch 'master'
-          expression {
-            boolean publish = false
-
-            try {
-              timeout(time: 5, unit: 'MINUTES') {
-                input(message: 'Publish to RubyGems?')
-                publish = true
-              }
-            } catch (final ignore) {
-              publish = false
-            }
-
-            return publish
-          }
+        expression {
+          MODE == "RELEASE"
         }
       }
 
       steps {
-        checkout scm
-        sh './publish-rubygem.sh'
-        deleteDir()
+        script {
+          release(INFRAPOOL_EXECUTORV2_AGENT_0) { billOfMaterialsDirectory, assetDirectory, toolsDirectory ->
+            // Publish release artifacts to all the appropriate locations
+            // Copy any artifacts to assetDirectory to attach them to the Github release
+
+            // Publish container images to internal registry
+            INFRAPOOL_EXECUTORV2_AGENT_0.agentSh "summon ${toolsDirectory}/bin/publish-rubygem slosilo"
+
+            INFRAPOOL_EXECUTORV2_AGENT_0.agentSh "cp slosilo*.gem ${assetDirectory}"
+          }
+        }
       }
     }
   }
@@ -64,12 +124,11 @@ pipeline {
       dir('ee-results'){
         unstash 'eeTestResults'
       }
+      unstash 'TestResults'
       junit 'spec/reports/*.xml, ee-results/spec/reports/*.xml'
       cobertura coberturaReportFile: 'spec/coverage/coverage.xml'
-      sh 'cp spec/coverage/coverage.xml cobertura.xml'
-      ccCoverage("cobertura", "github.com/cyberark/slosilo")
-
-      cleanupAndNotify(currentBuild.currentResult)
+      codacy action: 'reportCoverage', filePath: "spec/coverage/coverage.xml"
+      releaseInfraPoolAgent(".infrapool/release_agents")
     }
   }
 }

data/dev/Dockerfile.dev

@@ -0,0 +1,7 @@
+FROM ruby
+
+COPY ./ /src/
+
+WORKDIR /src
+
+RUN bundle

data/dev/docker-compose.yml

@@ -0,0 +1,8 @@
+version: '3'
+services:
+  dev:
+    build:
+      context: ..
+      dockerfile: dev/Dockerfile.dev
+    volumes:
+      - ../:/src

data/lib/slosilo/symmetric.rb

@@ -5,6 +5,7 @@ module Slosilo
 
     def initialize
       @cipher = OpenSSL::Cipher.new 'aes-256-gcm' # NB: has to be lower case for whatever reason.
+      @cipher_mutex = Mutex.new
     end
 
     # This lets us do a final sanity check in migrations from older encryption versions
@@ -13,14 +14,18 @@ module Slosilo
     end
 
     def encrypt plaintext, opts = {}
-      @cipher.reset
-      @cipher.encrypt
-      @cipher.key = (opts[:key] or raise("missing :key option"))
-      @cipher.iv = iv = random_iv
-      @cipher.auth_data = opts[:aad] || "" # Nothing good happens if you set this to nil, or don't set it at all
-      ctext = @cipher.update(plaintext) + @cipher.final
-      tag = @cipher.auth_tag(TAG_LENGTH)
-      "#{VERSION_MAGIC}#{tag}#{iv}#{ctext}"
+      # All of these operations in OpenSSL must occur atomically, so we
+      # synchronize their access to make this step thread-safe.
+      @cipher_mutex.synchronize do
+        @cipher.reset
+        @cipher.encrypt
+        @cipher.key = (opts[:key] or raise("missing :key option"))
+        @cipher.iv = iv = random_iv
+        @cipher.auth_data = opts[:aad] || "" # Nothing good happens if you set this to nil, or don't set it at all
+        ctext = @cipher.update(plaintext) + @cipher.final
+        tag = @cipher.auth_tag(TAG_LENGTH)
+        "#{VERSION_MAGIC}#{tag}#{iv}#{ctext}"
+      end
     end
 
     def decrypt ciphertext, opts = {}
@@ -28,19 +33,23 @@ module Slosilo
 
       raise "Invalid version magic: expected #{VERSION_MAGIC} but was #{version}" unless version == VERSION_MAGIC
 
-      @cipher.reset
-      @cipher.decrypt
-      @cipher.key = opts[:key]
-      @cipher.iv = iv
-      @cipher.auth_tag = tag
-      @cipher.auth_data = opts[:aad] || ""
-      @cipher.update(ctext) + @cipher.final
+      # All of these operations in OpenSSL must occur atomically, so we
+      # synchronize their access to make this step thread-safe.
+      @cipher_mutex.synchronize do
+        @cipher.reset
+        @cipher.decrypt
+        @cipher.key = opts[:key]
+        @cipher.iv = iv
+        @cipher.auth_tag = tag
+        @cipher.auth_data = opts[:aad] || ""
+        @cipher.update(ctext) + @cipher.final
+      end
     end
-    
+
     def random_iv
       @cipher.random_iv
     end
-    
+
     def random_key
       @cipher.random_key
     end

data/lib/slosilo/version.rb

@@ -1,3 +1,22 @@
+# Copyright 2013-2021 Conjur Inc.
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy of
+# this software and associated documentation files (the "Software"), to deal in
+# the Software without restriction, including without limitation the rights to
+# use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+# the Software, and to permit persons to whom the Software is furnished to do so,
+# subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in all
+# copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+# FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+# COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+# IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
 module Slosilo
-  VERSION = "3.0.0"
-end
+  VERSION = File.read(File.expand_path('../../VERSION', __dir__))
+end

data/publish.sh

@@ -0,0 +1,5 @@
+#!/usr/bin/env bash
+set -e
+
+summon --yaml "RUBYGEMS_API_KEY: !var rubygems/api-key" \
+  publish-rubygem slosilo

data/secrets.yml

@@ -0,0 +1 @@
+RUBYGEMS_API_KEY: !var rubygems/api-key

data/slosilo.gemspec

@@ -1,6 +1,7 @@
 # -*- encoding: utf-8 -*-
 begin
   require File.expand_path('../lib/slosilo/version', __FILE__)
+#  require File.expand_path('./lib/slosilo/version.rb', __FILE__)
 rescue LoadError
   # so that bundle can be run without the app code
   module Slosilo
@@ -13,7 +14,7 @@ Gem::Specification.new do |gem|
   gem.email         = ["divided.mind@gmail.com"]
   gem.description   = %q{This gem provides an easy way of storing and retrieving encryption keys in the database.}
   gem.summary       = %q{Store SSL keys in a database}
-  gem.homepage      = ""
+  gem.homepage      = "https://github.cyberng.com/Conjur-Enterprise/slosilo/"
   gem.license       = "MIT"
 
   gem.files         = `git ls-files`.split($\)
@@ -24,13 +25,15 @@ Gem::Specification.new do |gem|
   gem.version       = Slosilo::VERSION
   gem.required_ruby_version = '>= 3.0.0'
 
-  gem.add_development_dependency 'rake'
-  gem.add_development_dependency 'rspec', '~> 3.0'
-  gem.add_development_dependency 'ci_reporter_rspec'
-  gem.add_development_dependency 'simplecov'
-  gem.add_development_dependency 'simplecov-cobertura'
-  gem.add_development_dependency 'io-grab', '~> 0.0.1'
-  gem.add_development_dependency 'sequel' # for sequel tests
-  gem.add_development_dependency 'sqlite3' # for sequel tests
-  gem.add_development_dependency 'activesupport' # for convenience in specs
+  gem.add_development_dependency 'rake', '~> 13.0' 
+  gem.add_development_dependency 'rspec', '~> 3.0' ###
+  gem.add_development_dependency 'ci_reporter_rspec', '~> 1.0'
+  gem.add_development_dependency 'simplecov', '~> 0.22'
+  gem.add_development_dependency 'simplecov-cobertura', '~> 2.0'
+  gem.add_development_dependency 'io-grab', '~> 0.0.1' ###
+  gem.add_development_dependency 'sequel', '~> 5.0' # for sequel tests
+  gem.add_development_dependency 'sqlite3', '~> 1.6' # for sequel tests
+  gem.add_development_dependency 'bigdecimal', '~> 3.0' # for activesupport
+  gem.add_development_dependency 'activesupport', '~> 7.0' # for convenience in specs
 end
+

data/spec/symmetric_spec.rb

@@ -14,8 +14,29 @@ describe Slosilo::Symmetric do
       expect(subject.encrypt(plaintext, key: key, aad: auth_data)).to eq(ciphertext)
     end
   end
-  
+
   describe '#decrypt' do
+
+    it "doesn't fail when called by multiple threads" do
+      threads = []
+
+      begin
+        # Verify we can successfuly decrypt using many threads without OpenSSL
+        # errors.
+        1000.times do
+          threads << Thread.new do
+            100.times do
+              expect(
+                subject.decrypt(ciphertext, key: key, aad: auth_data)
+              ).to eq(plaintext)
+            end
+          end
+        end
+      ensure
+        threads.each(&:join)
+      end
+    end
+
     it "decrypts with AES-256-GCM" do
       expect(subject.decrypt(ciphertext, key: key, aad: auth_data)).to eq(plaintext)
     end
@@ -56,7 +77,7 @@ describe Slosilo::Symmetric do
       end
     end
   end
-  
+
   describe '#random_iv' do
     it "generates a random iv" do
       expect_any_instance_of(OpenSSL::Cipher).to receive(:random_iv).and_return :iv

data/test.sh

@@ -1,27 +1,8 @@
 #!/bin/bash -xe
 
-iid=slosilo-test-$(date +%s)
 
-docker build -t $iid -f - . << EOF
-  FROM ruby:3.0
-  WORKDIR /app
-  COPY Gemfile slosilo.gemspec ./
-  RUN bundle
-  COPY . ./
-  RUN bundle
-EOF
+echo "==> Docker Run"
+docker run --rm --volume $PWD:/app --workdir /app cyberark/ubuntu-ruby-builder bash -c 'git config --global --add safe.directory /app && bundle && ls -ltra && bundle exec rake jenkins' || :
 
-cidfile=$(mktemp -u)
-docker run --cidfile $cidfile -v /app/spec/reports $iid bundle exec rake jenkins || :
-
-cid=$(cat $cidfile)
-
-docker cp $cid:/app/spec/reports spec/
-docker cp $cid:/app/coverage spec
-
-docker rm $cid
-
-# untag, will use cache next time if available but no junk will be left
-docker rmi $iid
-
-rm $cidfile
+echo "==> CP Coverage to Spec"
+cp -r coverage spec

metadata

@@ -1,29 +1,29 @@
 --- !ruby/object:Gem::Specification
 name: slosilo
 version: !ruby/object:Gem::Version
-  version: 3.0.0
+  version: 3.0.2.pre.2
 platform: ruby
 authors:
 - Rafał Rzepecki
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-02-01 00:00:00.000000000 Z
+date: 2023-12-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '13.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '13.0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -42,44 +42,44 @@ dependencies:
   name: ci_reporter_rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '1.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '1.0'
 - !ruby/object:Gem::Dependency
   name: simplecov
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '0.22'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '0.22'
 - !ruby/object:Gem::Dependency
   name: simplecov-cobertura
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '2.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: io-grab
   requirement: !ruby/object:Gem::Requirement
@@ -98,44 +98,58 @@ dependencies:
   name: sequel
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '5.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '5.0'
 - !ruby/object:Gem::Dependency
   name: sqlite3
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.6'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.6'
+- !ruby/object:Gem::Dependency
+  name: bigdecimal
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '3.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '3.0'
 - !ruby/object:Gem::Dependency
   name: activesupport
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '7.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '7.0'
 description: This gem provides an easy way of storing and retrieving encryption keys
   in the database.
 email:
@@ -144,7 +158,6 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- ".dockerignore"
 - ".github/CODEOWNERS"
 - ".gitignore"
 - ".gitleaks.toml"
@@ -157,6 +170,8 @@ files:
 - README.md
 - Rakefile
 - SECURITY.md
+- dev/Dockerfile.dev
+- dev/docker-compose.yml
 - lib/slosilo.rb
 - lib/slosilo/adapters/abstract_adapter.rb
 - lib/slosilo/adapters/file_adapter.rb
@@ -173,7 +188,8 @@ files:
 - lib/slosilo/symmetric.rb
 - lib/slosilo/version.rb
 - lib/tasks/slosilo.rake
-- publish-rubygem.sh
+- publish.sh
+- secrets.yml
 - slosilo.gemspec
 - spec/encrypted_attributes_spec.rb
 - spec/file_adapter_spec.rb
@@ -186,7 +202,7 @@ files:
 - spec/spec_helper.rb
 - spec/symmetric_spec.rb
 - test.sh
-homepage: ''
+homepage: https://github.cyberng.com/Conjur-Enterprise/slosilo/
 licenses:
 - MIT
 metadata: {}
@@ -201,11 +217,11 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: 3.0.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - ">"
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements: []
-rubygems_version: 3.1.6
+rubygems_version: 3.4.10
 signing_key: 
 specification_version: 4
 summary: Store SSL keys in a database

data/.dockerignore

@@ -1,2 +0,0 @@
-/Gemfile.lock
-/spec/reports

data/publish-rubygem.sh

@@ -1,11 +0,0 @@
-#!/bin/bash -e
-
-docker pull registry.tld/conjurinc/publish-rubygem
-
-docker run -i --rm -v $PWD:/src -w /src alpine/git clean -fxd
-
-summon --yaml "RUBYGEMS_API_KEY: !var rubygems/api-key" \
-  docker run --rm --env-file @SUMMONENVFILE -v "$(pwd)":/opt/src \
-  registry.tld/conjurinc/publish-rubygem slosilo
-
-docker run -i --rm -v $PWD:/src -w /src alpine/git clean -fxd