Sha256: dcd908f2e49a9c91ed7dbfd7464983facc85f965ad00f70fa404f4b6b472d599

Contents?: true

Size: 1.66 KB

Versions: 1

Compression:

Stored size: 1.66 KB

Contents

require 'secret_env/version'
require 'secret_env/storage'
require 'yaml'

module SecretEnv
  SECRETS_FILE = 'config/secret_env.yml'

  def self.load(env: 'development')
    config = YAML.load_file(SECRETS_FILE).fetch(env)

    storage = Storage.setup(config['storage'])

    env_map = {}
    Array(config.fetch('env')).each do |key, raw_value|
      record = Record.new(key: key, raw_value: raw_value, storage: storage, dependency: env_map)
      env_map[record.key] = record
    end

    env_map.each do |key, record|
      unless ENV.has_key?(record.key)
        ENV[record.key] = record.value
      end
    end
  end

  class Record
    attr_reader :key

    def initialize(key:, raw_value:, storage: Storage::Plain.new, dependency: {})
      @key = key
      @raw_value = raw_value.to_s
      @storage = storage
      @dependency = dependency
    end

    def value
      scanner = StringScanner.new(@raw_value)
      parts = []
      while part = scanner.scan_until(/#\{(.*?)\}/)
        secret_key = scanner.matched[2..-2] # Extract "secret" from "\#{secret}"


        secret = case
                 when ENV.has_key?(secret_key)
                   ENV[secret_key]
                 when @dependency.has_key?(secret_key)
                   # FIXME this code may cause infinite loop
                   @dependency[secret_key].value
                 else
                   @storage.retrieve(secret_key)
                 end

        raise SecretEnv::KeyNotFound unless secret
        parts << part.gsub(scanner.matched, secret)
      end
      parts << scanner.rest
      parts.join
    end
  end

  class KeyNotFound < StandardError; end
end

require 'secret_env/rails' if defined?(Rails)

Version data entries

1 entries across 1 versions & 1 rubygems

Version Path
secret_env-0.3.1 lib/secret_env.rb