team-secrets 0.1.1 → 0.1.2
- checksums.yaml +4 -4
- data/lib/team-secrets.rb +73 -7
- data/team-secrets.gemspec +1 -1
- metadata +2 -2
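--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 35393248b8a0f6356910edb2eec52fa9e8a3f6dc
+data.tar.gz: 8936596845429a271aaecad34cc8734d24cd539b
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: fe4a867a2e59dddf3ac2f24a02742aa2a9c24bf2067d7c918b92bf188bec0bfdf73328af8440e5af2d4b2ce6a583115584ec4fa44e1c11367c2c1d1f7943ea44
+data.tar.gz: 54033c7c19f98d152721ca9dce850579609dcb7df109a3ac52fbebb1dfa06435da002a7f57bb30e87635e2296ef972636c0ff756dbbf6b786a7a1839db6ba35e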
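--- a/data/lib/team-secrets.rb
+++ b/data/lib/team-secrets.rb
@@ -19,7 +19,8 @@ program_desc 'Secrets - sharing secrets secretly'
 
 pre do |global_options,command,options,args|
 config = File.read('config.yaml') if File.exists?('config.yaml')
-config = YAML.load(config)
+config = YAML.load(config) if config
+config ||= {}
 
 unless options.key? :user && !options[:user].nil?
 if config.key? :user
@@ -34,6 +35,10 @@ pre do |global_options,command,options,args|
 
 unless options.key? :private && !options[:user].nil?
 if config.key? :private
+unless File.exists?(config[:private])
+raise 'The path to your private key\'s in config.yaml is incorrect'
+end
+
 options[:private] = config[:private]
 else
 puts 'Your private key was not specified. Use the `-p` flag or put it in config.yaml.'
@@ -70,6 +75,8 @@ command :init do |c|
 user_name = default if user_name.empty?
 end
 
+puts 'It\'s not a bad idea to create a new public/private key pair just for use with team-secrets'
+
 key_file = options[:key_file]
 
 until key_file && File.exists?(key_file)
@@ -97,13 +104,33 @@ command :init do |c|
 manifest.update
 manifest.writeFile 'manifest.yaml'
 
+unless File.exists?('.gitignore')
+puts "Generating default .gitignore..."
+
+File.write('.gitignore', 'config.yaml')
+end
+
+puts "Generating default config.yaml..."
+
+unless File.exists?('config.yaml')
+config = {
+user: user_name,
+private: ''
+}
+
+File.write('config.yaml', config.to_yaml)
+
+puts 'Add the path to your private key to config.yaml to make life a breeze'
+end
+
+puts
 puts green('Done!')
-puts 'Now, create a new repository with these files and commit. Your new secrets repo is ready to go.'
+puts 'Now, create a new repository with these files and commit. Your new team-secrets repo is ready to go.'
 end
 end
 
-desc 'Manage users for this
-long_desc 'Add and remove users or servers who will be able to manage this
+desc 'Manage users for this team-secrets repository'
+long_desc 'Add and remove users or servers who will be able to manage this team-secrets repository'
 
 command :user do |c|
 
@@ -127,13 +154,49 @@ command :user do |c|
 
 # Check signatures
 # Use current user's private key to get master key from lock_box
-# Use master key to get all secrets
 # Add new user's record & public key
 # Generate new master key
 # Encrypt all secrets with new master key
 # Encrypt master key with each user's public key, placing in lock_box
 # Update signatures
 
+master_key = load_master_key(options[:user], options[:private])
+
+manifest = ManifestManager.new master_key
+manifest.validate
+
+users = UserManager.new master_key
+
+user_name = nil
+key_file = nil
+
+until user_name && (/\A.+\z/i =~ user_name)
+default = `echo $USER`.chomp
+print "The new user's username (no spaces): "
+user_name = STDIN.gets.chomp
+end
+
+until key_file && File.exists?(key_file)
+print "Path to new user's public key: "
+key_file = STDIN.gets.chomp
+puts "File does not exist or cannot be acccessed." unless File.exists?(key_file)
+end
+
+users.add user_name, key_file
+users.writeFile 'users.yaml'
+
+master_key = users.master_key
+
+secrets.rotateMasterKey master_key
+secrets.writeFile 'secrets.yaml'
+
+manifest.master_key = master_key
+manifest.update
+manifest.writeFile 'manifest.yaml'
+
+print green('Success! ')
+puts 'User added.'
+
 end
 end
 
@@ -204,8 +267,8 @@ command :user do |c|
 
 end
 
-desc 'Manage the secrets in this
-long_desc 'Add, read and remove secrets that users can retrieve from this
+desc 'Manage the secrets in this team-secrets repository'
+long_desc 'Add, read and remove secrets that users can retrieve from this team-secrets repository'
 
 command :secret do |c|
 
@@ -415,6 +478,9 @@ on_error do |exception|
 next true if exception.class.name.split("::").first == 'GLI'
 
 $stderr.puts red(exception.message)
+
+$stderr.puts exception.backtrace
+
 false # skip GLI's error handling
 end
 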
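Review bot: In the `@@ -127,13 +154,49 @@` hunk, `secrets.rotateMasterKey master_key` uses a `secrets` local that none of the added lines assign (only `manifest` and `users` are created). The action block opens above the hunk, so confirm it is defined there; otherwise this line raises NameError. That failure would come after `users.writeFile 'users.yaml'` has already run, which, if `users.add` regenerates the master key as the step comments describe, leaves users.yaml holding a new key while secrets.yaml is still encrypted under the old one. Finish the in-memory steps first and write last, by moving `users.writeFile 'users.yaml'` down beside `secrets.writeFile 'secrets.yaml'` and `manifest.writeFile 'manifest.yaml'`. Separately, the prompt says "no spaces" but `/\A.+\z/i` accepts them; `/\A\S+\z/` would match the stated rule.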
data/team-secrets.gemspec
CHANGED
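--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: team-secrets
 version: !ruby/object:Gem::Version
-version: 0.1.
+version: 0.1.2
 platform: ruby
 authors:
 - Eric Bigoness
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2017-02-
+date: 2017-02-26 00:00:00.000000000 Z
 dependencies: []
 description: Encyrpt and store team secrets, passwords and API keys in a repository
 with built-in user management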